Sujet Précédent Sujet Suivant

Infection Troyan+Worm

Siddh -  
ep44 Messages postés 7432 Statut Contributeur -
Bonjour,

depuis ce matin à l'allumage, avast m'avertit de la présence de 2 troyans dans system32/Ip6FW.sys et system32/runtime.sys (Win32:Agent-MEB), chevaux de Troie que je met en quarantaine. A la suite de quoi s'ouvrent en permanence des alertes d'Avast signalant la tentative d'intrusion d'un ver: Win32:Agent-NGJ via différentes URL. J'ai beau "abandonné la connexion" comme me le suggère Avast, l'alerte revient en permanence avec des URL différentes!! Je suis dépassé :(

voici le rapport HijackThis mais qui ressemble bien à du chinois pour moi.

Logfile of HijackThis v1.99.1
Scan saved at 11:14:51, on 05/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Avast4\aswUpdSv.exe
C:\Program Files\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Dit.exe
C:\WINDOWS\system32\RunDll32.exe
C:\PROGRA~1\Avast4\ashDisp.exe
D:\Sécurité\Spamhilator\Spamihilator\spamihilator.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
D:\Tools\DaemonTools\DAEMON Tools\daemon.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\WINDOWS\system32\usnsrv.exe
C:\WINDOWS\system32\ctfmon.exe
D:\Tools\super copier\SuperCopier2\SuperCopier2.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
C:\Program Files\MSI\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
D:\Tools\ActivSync\Wcescomm.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
D:\Tools\ACTIVS~1\rapimgr.exe
C:\Program Files\MSI\Bluetooth Software\BTTray.exe
C:\PROGRA~1\Magentic\bin\MgApp.exe
D:\Tools\BricoPacks\Vista Inspirat\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\Program Files\Avast4\ashMaiSv.exe
C:\Program Files\Avast4\ashWebSv.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Firefox\firefox.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Hijckthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Spamihilator] "D:\Sécurité\Spamhilator\Spamihilator\spamihilator.exe"
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [DAEMON Tools] "D:\Tools\DaemonTools\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Userfile Sharing Serv] usnsrv.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [SuperCopier2.exe] D:\Tools\super copier\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [Magentic] C:\PROGRA~1\Magentic\bin\Magentic.exe /c
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [H/PC Connection Agent] "D:\Tools\ActivSync\Wcescomm.exe"
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: RocketDock.lnk = D:\Tools\BricoPacks\Vista Inspirat\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Barre RoboForm - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Enregistrer le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Personnaliser le menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Remplir le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\MSI\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - D:\Tools\ACTIVS~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\Tools\ACTIVS~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\Tools\ACTIVS~1\INetRepl.dll
O9 - Extra button: Remplir - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Remplir le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Enregistrer - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Enregistrer le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{A15DEE6B-D3C7-4342-8C1B-AE93BCA93C3A}: NameServer = 212.27.53.252,212.27.54.252
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\MSI\Bluetooth Software\bin\btwdins.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NBService - Nero AG - D:\Tools\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

24 réponses

  • 1
  • 2
Réponse 1 / 24
ep44 Messages postés 7432 Statut Contributeur 3
 
Bonjour

commence par télécharger ceci
et utilise les
=>CCleaner
https://www.01net.com/telecharger/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/32599.html
tuto
https://forums.cnetfrance.fr

=> Ad-aware SE (scan passif )
https://www.google.com ou http://www.lavasoft.de/support/download/#free
Tutos :
http://home.tiscali.be/schouppeguy/adawarese/adawase.htm

=> SpyBot-Search & Destroy 1.5 (scan passif + protection préventive avec ces 2 résidents, ses vaccinations et sa list Hosts )

https://www.safer-networking.org/download/

démo d utilisation
http://perso.orange.fr/rginformatique/section%20virus/demo%20spybot.htm
https://www.malekal.com/spybot-search-destroy-proteger-desinfecter-pc-virus/
Tuto :
http://perso.orange.fr/jesses/Docs/Logiciels/Spybot.htm

=> a² free (anti-trojans) (scan passif )

- Téléchargement : https://www.emsisoft.com/fr/home/antimalware/
- Tuto : http://perso.orange.fr/jesses/Docs/Logiciels/a-squared.htm

---------------------------------------------
ensuite fais ceci

Télécharge:
http://www.grisoft.cz/filedir/inst/avgas-setup-7.5.1.43.exe AVG-AntiSpyware

=> Installer
=> Le lancer
=> Clic : Mise à jour
------
= Redémarre en mode Sans Échec (le démarrage peut prendre plusieurs minutes)
Attention, pas d’accès à internet dans ce mode. Enregistre ou imprime les consignes.

Relance le Pc et tapote la touche F8 ( ou F5 pour certains) , jusqu’à l’apparition des inscriptions avec choix de démarrage
Avec les touches « flèches », sélectionne Mode sans échec ==> entrée ==>nom utilisateur habituel
-------
=> Dans ANALYSE ( en forme de loupe )
=> Paramètres ==> sous COMMENT REAGIR==>clic sur Actions recommandées ==>Quarantaine
=> Clic : Analyse complète du système
-------
=> à la fin du scan ( qui est assez long)
=> Clic Appliquer toutes les actions <== ceci Très important
=> Clic Sauvegarder rapport puis Enregistrer sous et choisir bureau
-------
En mode normal
colle le rapport
@+
0
Réponse 2 / 24
Siddh
 
Voici le rapport d'AVG

---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 16:29:41 05/01/2008

+ Résultat de l'analyse:

D:\Sources\Trimble Geomatics Office\trimble geomatic office Keygen.rar/PCP-034.exe -> Adware.Casino : Nettoyé.
C:\System Volume Information\_restore{C1850F5A-9FC0-4EEA-84DA-7CAC1CDD4D33}\RP86\A0057894.sys -> Rootkit.Agent.dw : Nettoyé.
C:\System Volume Information\_restore{C1850F5A-9FC0-4EEA-84DA-7CAC1CDD4D33}\RP85\A0057349.sys -> Rootkit.Agent.pr : Nettoyé.
:mozilla.174:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.174:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-2.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.174:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.176:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.176:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-2.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.176:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.177:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.177:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-2.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.177:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.178:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.178:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-2.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.178:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.179:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.179:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-2.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.179:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.240:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.240:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-1.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.240:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.241:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.241:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-1.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.241:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.242:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.242:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-1.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.242:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.112:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.112:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-1.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.112:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.113:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.113:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-1.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.113:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.114:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.114:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-1.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.114:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.115:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.115:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-1.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.115:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.116:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.116:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-1.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.116:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.117:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.117:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-1.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.117:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.133:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.133:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-2.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.133:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.48:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.48:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-2.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.48:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.49:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.49:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-2.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.49:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.50:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.50:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-2.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.50:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.51:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.51:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-2.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.51:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.52:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.52:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-2.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.52:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.53:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.53:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-2.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.53:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.54:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.54:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-2.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.54:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.589:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.589:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-2.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.589:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.611:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.611:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-1.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.611:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.705:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.705:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-1.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.705:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.848:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.848:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-2.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.848:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.584:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.584:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-1.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.584:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.585:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.585:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-1.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.585:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.830:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.830:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-2.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.830:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.831:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.831:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-2.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.831:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.164:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Adobe : Nettoyé.
:mozilla.164:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-1.txt -> TrackingCookie.Adobe : Nettoyé.
:mozilla.164:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Adobe : Nettoyé.
:mozilla.165:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Adobe : Nettoyé.
:mozilla.165:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-1.txt -> TrackingCookie.Adobe : Nettoyé.
:mozilla.165:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Adobe : Nettoyé.
:mozilla.359:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Adobe : Nettoyé.
:mozilla.359:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-2.txt -> TrackingCookie.Adobe : Nettoyé.
:mozilla.359:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Adobe : Nettoyé.
:mozilla.361:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Adobe : Nettoyé.
:mozilla.361:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-2.txt -> TrackingCookie.Adobe : Nettoyé.
:mozilla.361:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Adobe : Nettoyé.
:mozilla.276:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.276:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-2.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.276:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.277:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.277:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-2.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.277:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.400:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.400:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-1.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.400:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.401:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.401:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-1.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.401:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.193:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.193:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-2.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.193:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.194:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.194:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-2.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.194:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.195:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.195:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-2.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.195:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.196:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.196:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-2.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.196:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.669:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.669:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-1.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.669:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.670:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.670:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-1.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.670:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.671:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.671:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-1.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.671:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.672:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.672:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-1.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.672:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.7:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.8:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.9:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.810:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Adviva : Nettoyé.
:mozilla.810:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-1.txt -> TrackingCookie.Adviva : Nettoyé.
:mozilla.810:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Adviva : Nettoyé.
:mozilla.29:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Atdmt : Nettoyé.
:mozilla.29:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-1.txt -> TrackingCookie.Atdmt : Nettoyé.
:mozilla.29:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Atdmt : Nettoyé.
:mozilla.46:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Atdmt : Nettoyé.
:mozilla.46:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-2.txt -> TrackingCookie.Atdmt : Nettoyé.
:mozilla.46:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Atdmt : Nettoyé.
:mozilla.195:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Bluestreak : Nettoyé.
:mozilla.195:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-1.txt -> TrackingCookie.Bluestreak : Nettoyé.
:mozilla.195:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Bluestreak : Nettoyé.
:mozilla.87:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Bluestreak : Nettoyé.
:mozilla.87:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-2.txt -> TrackingCookie.Bluestreak : Nettoyé.
:mozilla.87:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Bluestreak : Nettoyé.
:mozilla.564:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.564:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-1.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.564:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.565:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.565:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-1.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.565:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.566:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.566:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-1.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.566:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.567:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.567:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-1.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.567:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.568:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.568:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-1.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.568:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.569:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.569:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-1.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.569:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.570:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.570:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-1.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.570:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.571:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.571:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-1.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.571:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.820:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.820:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-2.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.820:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.821:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.821:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-2.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.821:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.822:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.822:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-2.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.822:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.319:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Casinotropez : Nettoyé.
:mozilla.319:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-2.txt -> TrackingCookie.Casinotropez : Nettoyé.
:mozilla.319:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Casinotropez : Nettoyé.
:mozilla.320:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Casinotropez : Nettoyé.
:mozilla.320:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-2.txt -> TrackingCookie.Casinotropez : Nettoyé.
:mozilla.320:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Casinotropez : Nettoyé.
:mozilla.428:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Casinotropez : Nettoyé.
:mozilla.428:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-1.txt -> TrackingCookie.Casinotropez : Nettoyé.
:mozilla.428:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Casinotropez : Nettoyé.
:mozilla.429:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Casinotropez : Nettoyé.
:mozilla.429:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-1.txt -> TrackingCookie.Casinotropez : Nettoyé.
:mozilla.429:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Casinotropez : Nettoyé.
:mozilla.64:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.64:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-1.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.64:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.65:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.65:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-1.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.65:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.66:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.66:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-1.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.66:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.69:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.69:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-2.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.69:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.70:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.70:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-2.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.70:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.71:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.71:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-2.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.71:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.752:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Dealtime : Nettoyé.
:mozilla.752:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-1.txt -> TrackingCookie.Dealtime : Nettoyé.
:mozilla.752:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Dealtime : Nettoyé.
:mozilla.951:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Dealtime : Nettoyé.
:mozilla.951:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-2.txt -> TrackingCookie.Dealtime : Nettoyé.
:mozilla.951:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Dealtime : Nettoyé.
:mozilla.13:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyé.
:mozilla.95:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Doubleclick : Nettoyé.
:mozilla.95:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-1.txt -> TrackingCookie.Doubleclick : Nettoyé.
:mozilla.95:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Doubleclick : Nettoyé.
:mozilla.9:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Doubleclick : Nettoyé.
:mozilla.9:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-2.txt -> TrackingCookie.Doubleclick : Nettoyé.
:mozilla.9:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Doubleclick : Nettoyé.
:mozilla.69:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Estat : Nettoyé.
:mozilla.69:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-1.txt -> TrackingCookie.Estat : Nettoyé.
:mozilla.69:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Estat : Nettoyé.
:mozilla.6:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Estat : Nettoyé.
:mozilla.6:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-2.txt -> TrackingCookie.Estat : Nettoyé.
:mozilla.6:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Estat : Nettoyé.
:mozilla.660:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Etracker : Nettoyé.
:mozilla.660:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-2.txt -> TrackingCookie.Etracker : Nettoyé.
:mozilla.660:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Etracker : Nettoyé.
:mozilla.85:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Etracker : Nettoyé.
:mozilla.85:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-1.txt -> TrackingCookie.Etracker : Nettoyé.
:mozilla.85:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Etracker : Nettoyé.
:mozilla.661:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Euroclick : Nettoyé.
:mozilla.661:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-2.txt -> TrackingCookie.Euroclick : Nettoyé.
:mozilla.661:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Euroclick : Nettoyé.
:mozilla.662:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Euroclick : Nettoyé.
:mozilla.662:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-2.txt -> TrackingCookie.Euroclick : Nettoyé.
:mozilla.662:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Euroclick : Nettoyé.
:mozilla.86:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Euroclick : Nettoyé.
:mozilla.86:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-1.txt -> TrackingCookie.Euroclick : Nettoyé.
:mozilla.86:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Euroclick : Nettoyé.
:mozilla.87:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Euroclick : Nettoyé.
:mozilla.87:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-1.txt -> TrackingCookie.Euroclick : Nettoyé.
:mozilla.87:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Euroclick : Nettoyé.
:mozilla.88:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Euroclick : Nettoyé.
:mozilla.88:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-1.txt -> TrackingCookie.Euroclick : Nettoyé.
:mozilla.88:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Euroclick : Nettoyé.
:mozilla.105:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.105:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-2.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.105:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.106:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.106:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-2.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.106:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.107:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.107:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-2.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.107:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.108:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.108:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-2.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.108:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.109:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.109:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-2.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.109:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.110:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.110:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-2.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.110:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.140:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.140:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-1.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.140:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.141:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.141:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-1.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.141:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.142:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.142:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-1.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.142:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.341:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.341:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-2.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.341:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.423:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.423:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-1.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.423:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.458:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.458:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-2.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.458:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.477:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.477:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-1.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.477:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.713:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.713:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-1.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.713:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.542:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.542:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-1.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.542:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.543:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.543:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-1.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.543:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.787:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.787:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-1.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.787:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.806:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.806:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-2.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.806:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.807:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.807:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-2.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.807:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.158:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Imrworldwide : Nettoyé.
:mozilla.158:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-2.txt -> TrackingCookie.Imrworldwide : Nettoyé.
:mozilla.158:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Imrworldwide : Nettoyé.
:mozilla.159:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Imrworldwide : Nettoyé.
:mozilla.159:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-2.txt -> TrackingCookie.Imrworldwide : Nettoyé.
:mozilla.159:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Imrworldwide : Nettoyé.
:mozilla.637:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Imrworldwide : Nettoyé.
:mozilla.637:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-1.txt -> TrackingCookie.Imrworldwide : Nettoyé.
:mozilla.637:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Imrworldwide : Nettoyé.
:mozilla.638:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Imrworldwide : Nettoyé.
:mozilla.638:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-1.txt -> TrackingCookie.Imrworldwide : Nettoyé.
:mozilla.638:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Imrworldwide : Nettoyé.
:mozilla.337:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Liveperson : Nettoyé.
:mozilla.337:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-1.txt -> TrackingCookie.Liveperson : Nettoyé.
:mozilla.337:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Liveperson : Nettoyé.
:mozilla.338:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Liveperson : Nettoyé.
:mozilla.338:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-1.txt -> TrackingCookie.Liveperson : Nettoyé.
:mozilla.338:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Liveperson : Nettoyé.
:mozilla.682:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Liveperson : Nettoyé.
:mozilla.682:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-1.txt -> TrackingCookie.Liveperson : Nettoyé.
:mozilla.682:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Liveperson : Nettoyé.
:mozilla.683:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Liveperson : Nettoyé.
:mozilla.683:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-1.txt -> TrackingCookie.Liveperson : Nettoyé.
:mozilla.683:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Liveperson : Nettoyé.
:mozilla.705:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Liveperson : Nettoyé.
:mozilla.705:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-2.txt -> TrackingCookie.Liveperson : Nettoyé.
:mozilla.705:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Liveperson : Nettoyé.
:mozilla.706:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Liveperson : Nettoyé.
:mozilla.706:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-2.txt -> TrackingCookie.Liveperson : Nettoyé.
:mozilla.706:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Liveperson : Nettoyé.
:mozilla.903:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Liveperson : Nettoyé.
:mozilla.903:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-2.txt -> TrackingCookie.Liveperson : Nettoyé.
:mozilla.903:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Liveperson : Nettoyé.
:mozilla.904:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Liveperson : Nettoyé.
:mozilla.904:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-2.txt -> TrackingCookie.Liveperson : Nettoyé.
:mozilla.904:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Liveperson : Nettoyé.
:mozilla.270:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Mediaplex : Nettoyé.
:mozilla.270:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-1.txt -> TrackingCookie.Mediaplex : Nettoyé.
:mozilla.270:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Mediaplex : Nettoyé.
:mozilla.440:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Mediaplex : Nettoyé.
:mozilla.440:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-2.txt -> TrackingCookie.Mediaplex : Nettoyé.
:mozilla.440:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Mediaplex : Nettoyé.
:mozilla.287:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Onestat : Nettoyé.
:mozilla.287:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-2.txt -> TrackingCookie.Onestat : Nettoyé.
:mozilla.287:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Onestat : Nettoyé.
:mozilla.288:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Onestat : Nettoyé.
:mozilla.288:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-2.txt -> TrackingCookie.Onestat : Nettoyé.
:mozilla.288:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Onestat : Nettoyé.
:mozilla.777:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Onestat : Nettoyé.
:mozilla.777:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-1.txt -> TrackingCookie.Onestat : Nettoyé.
:mozilla.777:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Onestat : Nettoyé.
:mozilla.778:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Onestat : Nettoyé.
:mozilla.778:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-1.txt -> TrackingCookie.Onestat : Nettoyé.
:mozilla.778:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Onestat : Nettoyé.
:mozilla.779:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Onestat : Nettoyé.
:mozilla.779:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-1.txt -> TrackingCookie.Onestat : Nettoyé.
:mozilla.779:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Onestat : Nettoyé.
:mozilla.12:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.12:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-2.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.12:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.13:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.13:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-2.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.13:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-2.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.67:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.67:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-1.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.67:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.68:C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.68:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\hklo9cmc.default\cookies-1.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.68:C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\tumm79t2.default\cookies-1.txt -> TrackingCookie.O
0
Réponse 3 / 24
ep44 Messages postés 7432 Statut Contributeur 3
 
ton rapport avg montre une liste de cookies important
dans le lien plus haut je t'ai donné CCleaner il faut l'utiliser régulièrement
une fois par semaine minimun
refais un nouveau hijack stp
@+
0
Réponse 4 / 24
Siddh
 
Je croyais que le nettoyage avait suffit à régler le problème mais après quelques heure de répits, c'est reparti de plus belle. Il semblerait que l'origine se trouve dans un fichier NewYearParty.zip reçu de la part d'un de mes contact Live Messenger.

OOOOOOHHHHHHHHHH!!! un nouveau troyan : Win32:TratBHO dans C:\WINDOWS\system32\jkkjj.dll

le rapport HijackThis :

Logfile of HijackThis v1.99.1
Scan saved at 22:30:44, on 05/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
D:\Sécurité\Ad-Aware\aawservice.exe
C:\Program Files\Avast4\aswUpdSv.exe
C:\Program Files\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
D:\Sécurité\AVG\guard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\MSI\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Dit.exe
C:\WINDOWS\system32\RunDll32.exe
C:\PROGRA~1\Avast4\ashDisp.exe
D:\Sécurité\Spamhilator\Spamihilator\spamihilator.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
D:\Tools\DaemonTools\DAEMON Tools\daemon.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\WINDOWS\system32\usnsrv.exe
D:\Sécurité\AVG\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
D:\Tools\super copier\SuperCopier2\SuperCopier2.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
D:\Tools\ActivSync\Wcescomm.exe
C:\PROGRA~1\Magentic\bin\MgApp.exe
D:\Sécurité\Spybot\TeaTimer.exe
D:\Tools\ACTIVS~1\rapimgr.exe
C:\Program Files\MSI\Bluetooth Software\BTTray.exe
D:\Tools\BricoPacks\Vista Inspirat\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\Program Files\Avast4\ashMaiSv.exe
C:\Program Files\Avast4\ashWebSv.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\MSN Messenger\usnsvc.exe
D:\Tools\eMule\emule.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Firefox\firefox.exe
C:\Hijckthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\Sécurité\Spybot\SDHelper.dll
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Spamihilator] "D:\Sécurité\Spamhilator\Spamihilator\spamihilator.exe"
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [DAEMON Tools] "D:\Tools\DaemonTools\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Userfile Sharing Serv] usnsrv.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "D:\Sécurité\AVG\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [SuperCopier2.exe] D:\Tools\super copier\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [Magentic] C:\PROGRA~1\Magentic\bin\Magentic.exe /c
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [H/PC Connection Agent] "D:\Tools\ActivSync\Wcescomm.exe"
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [SpybotSD TeaTimer] D:\Sécurité\Spybot\TeaTimer.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: RocketDock.lnk = D:\Tools\BricoPacks\Vista Inspirat\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Barre RoboForm - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Enregistrer le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Personnaliser le menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Remplir le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\MSI\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - D:\Tools\ACTIVS~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\Tools\ACTIVS~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\Tools\ACTIVS~1\INetRepl.dll
O9 - Extra button: Remplir - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Remplir le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Enregistrer - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Enregistrer le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\Sécurité\Spybot\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\Sécurité\Spybot\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{A15DEE6B-D3C7-4342-8C1B-AE93BCA93C3A}: NameServer = 212.27.53.252,212.27.54.252
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: byxxvvs - C:\WINDOWS\SYSTEM32\byxxvvs.dll
O23 - Service: a-squared Free Service (a2free) - Unknown owner - D:\Sécurité\a² free\a-squared Free\a2service.exe (file missing)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - D:\Sécurité\Ad-Aware\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - D:\Sécurité\AVG\guard.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\MSI\Bluetooth Software\bin\btwdins.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NBService - Nero AG - D:\Tools\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 24
ep44 Messages postés 7432 Statut Contributeur 3
 
Télécharge Combofix sUBs : http://download.bleepingcomputer.com/sUBs/ComboFix.exe
et sauvegarde le sur ton bureau et pas ailleurs!

Double-clic sur combofix,
Attends que combofix ait terminé, un rapport sera créé. Poste le rapport.
@+
0
Réponse 6 / 24
Siddh
 
Voilà, c'est fait:

ComboFix 08-01-04.1 - Nico 2008-01-05 23:10:26.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.469 [GMT 1:00]
Running from: C:\Documents and Settings\Nico\Bureau\ComboFix.exe
* Created a new restore point
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\system32\2_exception.nls
C:\WINDOWS\system32\byxxvvs.dll
C:\WINDOWS\system32\khfdcyx.dll

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.
-------\runtime

((((((((((((((((((((((((((((( Fichiers cr‚‚s 2007-12-05 to 2008-01-05 ))))))))))))))))))))))))))))))))))))
.

2008-01-05 23:08 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
2008-01-05 14:45 . 2008-01-05 14:45 <REP> d-------- C:\Documents and Settings\Nico\Application Data\Grisoft
2008-01-05 14:44 . 2008-01-05 14:44 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Grisoft
2008-01-05 14:44 . 2007-05-30 13:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2008-01-05 13:10 . 2008-01-05 14:40 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
2008-01-05 13:04 . 2008-01-05 13:04 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Lavasoft
2008-01-03 20:24 . 2008-01-03 19:22 70,144 -r-hs---- C:\WINDOWS\system32\usnsrv.exe
2007-12-31 15:47 . 2007-12-31 15:50 33,226,752 --a------ C:\dump_dvd.vob
2007-12-31 09:50 . 2007-12-31 10:32 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\DVD Shrink
2007-12-26 20:51 . 2007-12-26 20:51 <REP> d-------- C:\Program Files\Yahoo!
2007-12-26 20:49 . 2007-12-26 20:49 3,932,214 --a------ C:\WINDOWS\BricoPack Wallpaper.bmp
2007-12-26 20:49 . 2007-12-26 20:49 70,646 --a------ C:\WINDOWS\BricoPackUninst.cmd
2007-12-26 20:48 . 2007-12-26 20:49 6,428 --a------ C:\WINDOWS\BricoPackFoldersDelete.cmd
2007-12-26 20:47 . 2007-12-26 20:47 <REP> d-------- C:\WINDOWS\BricoPacks
2007-12-23 16:06 . 2007-12-23 16:08 <REP> d-------- C:\Documents and Settings\Nico\Application Data\U3
2007-12-16 19:10 . 2007-12-16 19:11 <REP> d-------- C:\Documents and Settings\Nico\Application Data\VTC Preferences Folder
2007-12-13 19:10 . 2007-12-18 12:59 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2007-12-13 19:10 . 2007-12-13 19:10 1,409 --a------ C:\WINDOWS\QTFont.for
2007-12-13 18:56 . 2001-09-30 19:10 246,784 --a------ C:\WINDOWS\system32\ActiveSkin.ocx
2007-12-13 18:56 . 2001-05-24 12:59 162,304 --a------ C:\UNWISE.EXE
2007-12-13 18:56 . 2002-01-18 18:12 112 --a------ C:\WINDOWS\ActiveSkin.INI
2007-12-05 19:34 . 2007-12-05 19:34 244 --ah----- C:\sqmnoopt16.sqm
2007-12-05 19:34 . 2007-12-05 19:34 232 --ah----- C:\sqmdata16.sqm
2007-12-05 19:32 . 2005-10-21 02:47 30,592 --------- C:\WINDOWS\system32\drivers\rndismpx.sys
2007-12-05 19:32 . 2005-10-21 02:47 12,800 --------- C:\WINDOWS\system32\drivers\usb8023x.sys
2007-12-05 06:34 . 2007-12-05 06:34 244 --ah----- C:\sqmnoopt15.sqm
2007-12-05 06:34 . 2007-12-05 06:34 232 --ah----- C:\sqmdata15.sqm

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-05 22:16 39,936 ----a-w C:\WINDOWS\system32\efccyaw.dll
2008-01-05 21:28 --------- d-----w C:\Program Files\Firefox
2008-01-05 15:32 17,408 ----a-w C:\WINDOWS\system32\drivers\USBCRFT.SYS
2008-01-05 12:03 --------- d-----w C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-01-02 09:23 --------- d-----w C:\Documents and Settings\Nico\Application Data\AdobeUM
2007-12-26 19:49 219,648 ----a-w C:\WINDOWS\system32\uxtheme.dll
2007-12-10 08:31 --------- d-----w C:\Program Files\Avast4
2007-12-04 20:29 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\FLEXnet
2007-12-04 19:36 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2007-12-04 19:29 --------- d-----w C:\Program Files\Bonjour
2007-12-04 19:24 --------- d-----w C:\Program Files\Fichiers communs\Macrovision Shared
2007-12-04 19:04 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-12-04 19:04 --------- d-----w C:\Program Files\epson
2007-12-04 14:56 93,264 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys
2007-12-04 14:55 94,544 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
2007-12-04 14:53 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
2007-12-04 14:51 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
2007-12-04 14:49 26,624 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
2007-12-04 13:04 837,496 ----a-w C:\WINDOWS\system32\aswBoot.exe
2007-12-04 12:54 95,608 ----a-w C:\WINDOWS\system32\AVASTSS.scr
2007-12-04 10:24 --------- d-----w C:\Documents and Settings\Nico\Application Data\Smart Panel
2007-12-04 10:16 --------- d-----w C:\Documents and Settings\Nico\Application Data\ABBYY
2007-12-04 10:14 --------- d-----w C:\Program Files\ArcSoft
2007-12-04 10:12 --------- d-----w C:\Program Files\Smart Panel
2007-12-03 12:38 --------- d-----w C:\Documents and Settings\Nico\Application Data\Spamihilator
2007-12-01 17:49 --------- d-----w C:\Program Files\Trimble
2007-11-26 17:52 --------- d--h--r C:\Documents and Settings\Nico\Application Data\SecuROM
2007-11-26 17:51 108,144 ----a-w C:\WINDOWS\system32\CmdLineExt.dll
2007-11-23 18:50 --------- d-----w C:\Program Files\QuickTime
2007-11-23 18:50 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple Computer
2007-11-23 18:49 --------- d-----w C:\Program Files\Apple Software Update
2007-11-23 18:49 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple
2007-11-23 18:45 --------- d-----w C:\Program Files\Fichiers communs\logishrd
2007-11-23 05:49 --------- d-----w C:\Program Files\Canon
2007-11-18 13:25 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Zylom
2007-11-18 08:25 --------- d-----w C:\Program Files\Intel
2007-11-18 08:21 223,128 ----a-w C:\WINDOWS\system32\drivers\dtscsi.sys
2007-11-17 22:25 --------- d-----w C:\Documents and Settings\Nico\Application Data\Media Player Classic
2007-11-17 22:25 --------- d-----w C:\Documents and Settings\Nico\Application Data\Ahead
2007-11-17 21:44 --------- d-----w C:\Program Files\Microsoft IntelliType Pro
2007-11-17 21:44 --------- d-----w C:\Program Files\Microsoft IntelliPoint
2007-11-17 21:22 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\RoboForm
2007-11-17 20:26 19,504 ----a-w C:\Documents and Settings\Nico\Application Data\GDIPFONTCACHEV1.DAT
2007-11-17 18:38 --------- d-----w C:\Program Files\MSN Messenger
2007-11-17 18:18 --------- d-----w C:\Program Files\Magentic
2007-11-17 14:48 --------- d-----w C:\Program Files\Fichiers communs\Ahead
2007-11-17 14:48 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Nero
2007-11-17 14:39 --------- d-----w C:\Program Files\IncrediMail
2007-11-17 13:56 --------- d-----w C:\Documents and Settings\Nico\Application Data\TuneUp Software
2007-11-17 13:55 96,256 ----a-w C:\WINDOWS\system32\drivers\sptd3917.sys
2007-11-17 13:55 664,064 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
2007-11-17 13:55 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\TuneUp Software
2007-11-17 13:41 107,134 ----a-w C:\WINDOWS\UninstallFirefox.exe
2007-11-17 13:41 --------- d-----w C:\Documents and Settings\Nico\Application Data\Talkback
2007-11-17 13:30 --------- d-----w C:\Program Files\MSI
2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
2007-11-12 12:59 --------- d-----w C:\Program Files\eMule
2007-11-08 18:15 --------- d-----w C:\Program Files\Wanadoo
2007-11-08 18:15 --------- d-----w C:\Program Files\SAGEM
2007-11-08 18:15 --------- d-----w C:\Program Files\Maxthon
2007-11-08 09:57 --------- d-----w C:\Documents and Settings\LocalService.AUTORITE NT\Application Data\Webroot
2007-11-06 05:03 --------- d-----w C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Spamihilator
2007-10-29 22:43 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll
2007-10-25 09:00 230,912 ----a-w C:\WINDOWS\system32\wmasf.dll
2007-10-09 12:42 745,547 ----a-w C:\WINDOWS\system32\Magentic Screensaver.scr
2007-04-05 19:47 1 ----a-w C:\Documents and Settings\Nico.NICO-29F83752B3\SI.bin
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 13:00 15360]
"IncrediMail"="C:\Program Files\IncrediMail\bin\IncMail.exe" [2007-11-17 15:42 204843]
"SuperCopier2.exe"="D:\Tools\super copier\SuperCopier2\SuperCopier2.exe" [2006-07-07 17:45 1052672]
"Magentic"="C:\PROGRA~1\Magentic\bin\Magentic.exe" [2007-10-09 13:42 475180]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:55 5674352]
"RoboForm"="C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [2007-11-17 22:21 160568]
"H/PC Connection Agent"="D:\Tools\ActivSync\Wcescomm.exe" [2006-11-13 14:07 1289000]
"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 16:45 313472]
"SpybotSD TeaTimer"="D:\Sécurité\Spybot\TeaTimer.exe" [ ]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Dit"="Dit.exe" [2004-07-20 18:18 90112 C:\WINDOWS\Dit.exe]
"Cmaudio"="cmicnfg.cpl" []
"nwiz"="nwiz.exe" [2005-07-20 20:07 1519616 C:\WINDOWS\system32\nwiz.exe]
"avast!"="C:\PROGRA~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-07-20 20:07 7110656]
"Spamihilator"="D:\Sécurité\Spamhilator\Spamihilator\spamihilator.exe" [ ]
"type32"="C:\Program Files\Microsoft IntelliType Pro\type32.exe" [2005-03-15 10:46 196608]
"DAEMON Tools"="D:\Tools\DaemonTools\DAEMON Tools\daemon.exe" [2005-11-08 23:00 128920]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2004-10-08 11:52 221184]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-10-19 20:16 286720]
"Userfile Sharing Serv"="usnsrv.exe" [2008-01-03 19:22 70144 C:\WINDOWS\system32\usnsrv.exe]
"!AVG Anti-Spyware"="D:\Sécurité\AVG\avgas.exe" [ ]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 13:00 15360]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"= 0 (0x0)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{743C451F-7380-43DD-9B06-019BEE395F75}"= C:\WINDOWS\system32\efccyaw.dll [2008-01-05 23:16 39936]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\efccyaw]
efccyaw.dll 2008-01-05 23:16 39936 C:\WINDOWS\system32\efccyaw.dll

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"NeroFilterCheck"=C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
"KernelFaultCheck"=%systemroot%\system32\dumprep 0 -k

R2 UxTuneUp;Extension de conception TuneUp;C:\WINDOWS\System32\svchost.exe [2004-08-05 13:00]
S3 CardReaderFilter;Card Reader Filter;C:\WINDOWS\system32\Drivers\USBCRFT.SYS [2008-01-05 16:32]
S3 fbxusb;Carte réseau virtuelle FreeBox USB;C:\WINDOWS\system32\DRIVERS\fbxusb32.sys [2004-10-20 14:23]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G]
\Shell\AutoRun\command - G:\Setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\P]
\Shell\AutoRun\command - P:\LaunchU3.exe -a

.
Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es'
"2007-11-23 18:49:23 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-01-04 16:15:46 C:\WINDOWS\Tasks\Maintenance en 1 clic.job"
- D:\Tools\TuneUp\SystemOptimizer.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-05 23:15:47
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

C:\WINDOWS\system32\efccyaw.dll 39936 bytes executable

scan completed successfully
hidden files: 1

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

PROCESS: C:\WINDOWS\system32\winlogon.exe
-> C:\WINDOWS\system32\efccyaw.dll

PROCESS: C:\WINDOWS\Explorer.EXE [6.00.2900.3156]
-> C:\WINDOWS\system32\efccyaw.dll
-> D:\Tools\BricoPacks\Vista Inspirat\Vista Inspirat 2\RocketDock\RocketDock.dll
.
Completion time: 2008-01-05 23:19:24 - machine was rebooted
ComboFix-quarantined-files.txt 2008-01-05 22:19:20
.
2007-12-21 16:35:47 --- E O F ---
0
Réponse 7 / 24
Siddh
 
au fait, d'où est-ce que ça peut venir au juste parce que je ne suis plus très sûr de l'origine étant donné ce que j'ai lu sur les forums...
l'utilisation de logiciels de P2P, même ponctuelle, peut-elle être la source de mes problèmes (auquel cas il vont bien vite passer à la trappe).
0
Réponse 8 / 24
ep44 Messages postés 7432 Statut Contributeur 3
 
selectionne ceci

registry::

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\efccyaw]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{743C451F-7380-43DD-9B06-019BEE395F75}"= -

File::

C:\WINDOWS\system32\efccyaw.dll

=> Copie le texte sélectionné (CTRL+C).
=> Ouvre le bloc-notes (programme>Accessoires >bloc-notes).
=> Colle le texte copié dans ce bloc-notes (CTRL+V).
=> Sauvegarde ce fichier sous le nom de CFScript.txt
=> Fais un glisser/déposer de ce fichier CFScript sur le fichier ComboFix.exe
=> Une fenêtre bleue va apparaître: au message qui apparaît ( Type 1 to continue, or 2 to abort) , tape 1 puis valide.
=> Patiente le temps du scan. Le bureau va disparaître à plusieurs reprises : c'est normal!
Ne touche à rien tant que le scan n'est pas terminé.
=> Une fois le scan achevé, un rapport va s'afficher : Poste son contenu.
=> Si le fichier ne s'ouvre pas, il se trouve ici > C:\ComboFix.txt

@+
0
Réponse 9 / 24
Siddh
 
2 fichiers ont été créé celui qui ne s'est pas ouvert C:\ComboFix.txt :

ComboFix 08-01-04.1 - Nico 2008-01-05 23:58:40.2 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.614 [GMT 1:00]
Running from: C:\Documents and Settings\Nico\Bureau\ComboFix.exe
Command switches used :: C:\Documents and Settings\Nico\Bureau\CFScript.txt
* Created a new restore point

FILE
C:\WINDOWS\system32\efccyaw.dll
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\system32\efccyaw.dll

.
((((((((((((((((((((((((((((( Fichiers cr‚‚s 2007-12-05 to 2008-01-05 ))))))))))))))))))))))))))))))))))))
.

2008-01-05 23:08 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
2008-01-05 14:45 . 2008-01-05 14:45 <REP> d-------- C:\Documents and Settings\Nico\Application Data\Grisoft
2008-01-05 14:44 . 2008-01-05 14:44 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Grisoft
2008-01-05 14:44 . 2007-05-30 13:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2008-01-05 13:10 . 2008-01-05 14:40 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
2008-01-05 13:04 . 2008-01-05 13:04 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Lavasoft
2008-01-03 20:24 . 2008-01-03 19:22 70,144 -r-hs---- C:\WINDOWS\system32\usnsrv.exe
2007-12-31 15:47 . 2007-12-31 15:50 33,226,752 --a------ C:\dump_dvd.vob
2007-12-31 09:50 . 2007-12-31 10:32 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\DVD Shrink
2007-12-26 20:51 . 2007-12-26 20:51 <REP> d-------- C:\Program Files\Yahoo!
2007-12-26 20:49 . 2007-12-26 20:49 3,932,214 --a------ C:\WINDOWS\BricoPack Wallpaper.bmp
2007-12-26 20:49 . 2007-12-26 20:49 70,646 --a------ C:\WINDOWS\BricoPackUninst.cmd
2007-12-26 20:48 . 2007-12-26 20:49 6,428 --a------ C:\WINDOWS\BricoPackFoldersDelete.cmd
2007-12-26 20:47 . 2007-12-26 20:47 <REP> d-------- C:\WINDOWS\BricoPacks
2007-12-23 16:06 . 2007-12-23 16:08 <REP> d-------- C:\Documents and Settings\Nico\Application Data\U3
2007-12-16 19:10 . 2007-12-16 19:11 <REP> d-------- C:\Documents and Settings\Nico\Application Data\VTC Preferences Folder
2007-12-13 19:10 . 2007-12-18 12:59 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2007-12-13 19:10 . 2007-12-13 19:10 1,409 --a------ C:\WINDOWS\QTFont.for
2007-12-13 18:56 . 2001-09-30 19:10 246,784 --a------ C:\WINDOWS\system32\ActiveSkin.ocx
2007-12-13 18:56 . 2001-05-24 12:59 162,304 --a------ C:\UNWISE.EXE
2007-12-13 18:56 . 2002-01-18 18:12 112 --a------ C:\WINDOWS\ActiveSkin.INI
2007-12-05 19:34 . 2007-12-05 19:34 244 --ah----- C:\sqmnoopt16.sqm
2007-12-05 19:34 . 2007-12-05 19:34 232 --ah----- C:\sqmdata16.sqm
2007-12-05 19:32 . 2005-10-21 02:47 30,592 --------- C:\WINDOWS\system32\drivers\rndismpx.sys
2007-12-05 19:32 . 2005-10-21 02:47 12,800 --------- C:\WINDOWS\system32\drivers\usb8023x.sys
2007-12-05 06:34 . 2007-12-05 06:34 244 --ah----- C:\sqmnoopt15.sqm
2007-12-05 06:34 . 2007-12-05 06:34 232 --ah----- C:\sqmdata15.sqm

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-05 23:02 17,408 ----a-w C:\WINDOWS\system32\drivers\USBCRFT.SYS
2008-01-05 22:20 --------- d-----w C:\Program Files\Firefox
2008-01-05 12:03 --------- d-----w C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-01-02 09:23 --------- d-----w C:\Documents and Settings\Nico\Application Data\AdobeUM
2007-12-10 08:31 --------- d-----w C:\Program Files\Avast4
2007-12-04 20:29 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\FLEXnet
2007-12-04 19:36 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2007-12-04 19:29 --------- d-----w C:\Program Files\Bonjour
2007-12-04 19:24 --------- d-----w C:\Program Files\Fichiers communs\Macrovision Shared
2007-12-04 19:04 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-12-04 19:04 --------- d-----w C:\Program Files\epson
2007-12-04 14:56 93,264 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys
2007-12-04 14:55 94,544 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
2007-12-04 14:53 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
2007-12-04 14:51 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
2007-12-04 14:49 26,624 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
2007-12-04 10:24 --------- d-----w C:\Documents and Settings\Nico\Application Data\Smart Panel
2007-12-04 10:16 --------- d-----w C:\Documents and Settings\Nico\Application Data\ABBYY
2007-12-04 10:14 --------- d-----w C:\Program Files\ArcSoft
2007-12-04 10:12 --------- d-----w C:\Program Files\Smart Panel
2007-12-03 12:38 --------- d-----w C:\Documents and Settings\Nico\Application Data\Spamihilator
2007-12-01 17:49 --------- d-----w C:\Program Files\Trimble
2007-11-26 17:52 --------- d--h--r C:\Documents and Settings\Nico\Application Data\SecuROM
2007-11-23 18:50 --------- d-----w C:\Program Files\QuickTime
2007-11-23 18:50 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple Computer
2007-11-23 18:49 --------- d-----w C:\Program Files\Apple Software Update
2007-11-23 18:49 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple
2007-11-23 18:45 --------- d-----w C:\Program Files\Fichiers communs\logishrd
2007-11-23 05:49 --------- d-----w C:\Program Files\Canon
2007-11-18 13:25 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Zylom
2007-11-18 08:25 --------- d-----w C:\Program Files\Intel
2007-11-18 08:21 223,128 ----a-w C:\WINDOWS\system32\drivers\dtscsi.sys
2007-11-17 22:25 --------- d-----w C:\Documents and Settings\Nico\Application Data\Media Player Classic
2007-11-17 22:25 --------- d-----w C:\Documents and Settings\Nico\Application Data\Ahead
2007-11-17 21:44 --------- d-----w C:\Program Files\Microsoft IntelliType Pro
2007-11-17 21:44 --------- d-----w C:\Program Files\Microsoft IntelliPoint
2007-11-17 21:22 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\RoboForm
2007-11-17 20:26 19,504 ----a-w C:\Documents and Settings\Nico\Application Data\GDIPFONTCACHEV1.DAT
2007-11-17 18:38 --------- d-----w C:\Program Files\MSN Messenger
2007-11-17 18:18 --------- d-----w C:\Program Files\Magentic
2007-11-17 14:48 --------- d-----w C:\Program Files\Fichiers communs\Ahead
2007-11-17 14:48 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Nero
2007-11-17 14:39 --------- d-----w C:\Program Files\IncrediMail
2007-11-17 13:56 --------- d-----w C:\Documents and Settings\Nico\Application Data\TuneUp Software
2007-11-17 13:55 96,256 ----a-w C:\WINDOWS\system32\drivers\sptd3917.sys
2007-11-17 13:55 664,064 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
2007-11-17 13:55 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\TuneUp Software
2007-11-17 13:41 107,134 ----a-w C:\WINDOWS\UninstallFirefox.exe
2007-11-17 13:41 --------- d-----w C:\Documents and Settings\Nico\Application Data\Talkback
2007-11-17 13:30 --------- d-----w C:\Program Files\MSI
2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
2007-11-12 12:59 --------- d-----w C:\Program Files\eMule
2007-11-08 18:15 --------- d-----w C:\Program Files\Wanadoo
2007-11-08 18:15 --------- d-----w C:\Program Files\SAGEM
2007-11-08 18:15 --------- d-----w C:\Program Files\Maxthon
2007-11-08 09:57 --------- d-----w C:\Documents and Settings\LocalService.AUTORITE NT\Application Data\Webroot
2007-11-06 05:03 --------- d-----w C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Spamihilator
2007-04-05 19:47 1 ----a-w C:\Documents and Settings\Nico.NICO-29F83752B3\SI.bin
.

((((((((((((((((((((((((((((( snapshot@2008-01-05_23.18.59.82 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-01-05 23:02:38 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_5e8.dat
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 13:00 15360]
"IncrediMail"="C:\Program Files\IncrediMail\bin\IncMail.exe" [2007-11-17 15:42 204843]
"SuperCopier2.exe"="D:\Tools\super copier\SuperCopier2\SuperCopier2.exe" [2006-07-07 17:45 1052672]
"Magentic"="C:\PROGRA~1\Magentic\bin\Magentic.exe" [2007-10-09 13:42 475180]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:55 5674352]
"RoboForm"="C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [2007-11-17 22:21 160568]
"H/PC Connection Agent"="D:\Tools\ActivSync\Wcescomm.exe" [2006-11-13 14:07 1289000]
"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 16:45 313472]
"SpybotSD TeaTimer"="D:\Sécurité\Spybot\TeaTimer.exe" [ ]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Dit"="Dit.exe" [2004-07-20 18:18 90112 C:\WINDOWS\Dit.exe]
"Cmaudio"="cmicnfg.cpl" []
"nwiz"="nwiz.exe" [2005-07-20 20:07 1519616 C:\WINDOWS\system32\nwiz.exe]
"avast!"="C:\PROGRA~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-07-20 20:07 7110656]
"Spamihilator"="D:\Sécurité\Spamhilator\Spamihilator\spamihilator.exe" [ ]
"type32"="C:\Program Files\Microsoft IntelliType Pro\type32.exe" [2005-03-15 10:46 196608]
"DAEMON Tools"="D:\Tools\DaemonTools\DAEMON Tools\daemon.exe" [2005-11-08 23:00 128920]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2004-10-08 11:52 221184]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-10-19 20:16 286720]
"Userfile Sharing Serv"="usnsrv.exe" [2008-01-03 19:22 70144 C:\WINDOWS\system32\usnsrv.exe]
"!AVG Anti-Spyware"="D:\Sécurité\AVG\avgas.exe" [ ]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 13:00 15360]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"NeroFilterCheck"=C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
"KernelFaultCheck"=%systemroot%\system32\dumprep 0 -k

R2 UxTuneUp;Extension de conception TuneUp;C:\WINDOWS\System32\svchost.exe [2004-08-05 13:00]
S3 CardReaderFilter;Card Reader Filter;C:\WINDOWS\system32\Drivers\USBCRFT.SYS [2008-01-06 00:02]
S3 fbxusb;Carte réseau virtuelle FreeBox USB;C:\WINDOWS\system32\DRIVERS\fbxusb32.sys [2004-10-20 14:23]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G]
\Shell\AutoRun\command - G:\Setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\P]
\Shell\AutoRun\command - P:\LaunchU3.exe -a

.
Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es'
"2007-11-23 18:49:23 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-01-04 16:15:46 C:\WINDOWS\Tasks\Maintenance en 1 clic.job"
- D:\Tools\TuneUp\SystemOptimizer.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-06 00:03:11
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-01-06 0:06:40 - machine was rebooted
ComboFix-quarantined-files.txt 2008-01-05 23:06:38
ComboFix2.txt 2008-01-05 22:19:24
.
2007-12-21 16:35:47 --- E O F ---
0
Réponse 10 / 24
Siddh
 
et un autre qui s'est ouvert automatiquement appelé log mais qui semble être le même que celui appelé ComboFix.txt
Tu veux que je colle le "log" également?
0
Réponse 11 / 24
ep44 Messages postés 7432 Statut Contributeur 3
 
non pas besoin
Fais un scan antivirus en ligne avec Internet Explorer
https://www.bitdefender.fr/

=> En bas, à gauche de la fenêtre, clique sur BitDefender SCAN ONLINE
=> Dans la nouvelle fenêtre, clique sur I agree
=> La fenêtre change encore, clique sur Click here to scan
=> Les signatures se chargent, etc.
=> copie colle le résultat ici

tuto en image

http://pageperso.aol.fr/rginformatique/mapage/defender.htm

et
reposte un nouveau rapport hijackthis
@+
0
Réponse 12 / 24
Siddh
 
c'est parti pour être très long...

je poste le résultat demain

merci déjà pour aujourd'hui

@+
0
Réponse 13 / 24
ep44 Messages postés 7432 Statut Contributeur 3
 
ok à demain
@+
0
Réponse 14 / 24
Siddh
 
Bonjour,

Voici ce que me sort BitDefender

Statistiques

Temps

02:10:55

Fichiers

710340

Directoires

12943

Secteurs de boot

5

Archives

4724

Paquets programmes

65297

Résultats

Virus identifiés

5

Fichiers infectés

16

Fichiers suspects

0

Avertissements

0

Désinfectés

0

Fichiers effacés

16

Info sur les moteurs

Définition virus

885558

Version des moteurs

AVCORE v1.0 (build 2422) (i386) (Sep 25 2007 08:26:36)

Analyse des plugins

14

Archive des plugins

38

Unpack des plugins

7

E-mail plugins

6

Système plugins

1

Paramètres d'analyse

Première action

Désinfecté

Seconde Action

Supprimé

Heuristique

Oui

Acceptez les avertissements

Oui

Extensions analysées

*;

Excludez les extensions

Analyse d'emails

Oui

Analyse des Archives

Oui

Analyser paquets programmes

Oui

Analyse des fichiers

Oui

Analyse de boot

Oui

Fichier analysé

Statut

C:\Mes téléchargements\Photomatix Pro 2.4.1 Keymaker.rar=>keygen.exe

Infecté par: Trojan.Horse.COH

C:\Mes téléchargements\Photomatix Pro 2.4.1 Keymaker.rar=>keygen.exe

Echec de la désinfection

C:\Mes téléchargements\Photomatix Pro 2.4.1 Keymaker.rar=>keygen.exe

Supprimé

C:\Mes téléchargements\Photomatix Pro 2.4.1 Keymaker.rar

Echec de la mise à jour

C:\QooBox\Quarantine\C\WINDOWS\system32\byxxvvs.dll.vir

Infecté par: Trojan.Vundo.DVO

C:\QooBox\Quarantine\C\WINDOWS\system32\byxxvvs.dll.vir

Echec de la désinfection

C:\QooBox\Quarantine\C\WINDOWS\system32\byxxvvs.dll.vir

Supprimé

C:\QooBox\Quarantine\C\WINDOWS\system32\efccyaw.dll.vir

Infecté par: Trojan.Vundo.DVO

C:\QooBox\Quarantine\C\WINDOWS\system32\efccyaw.dll.vir

Echec de la désinfection

C:\QooBox\Quarantine\C\WINDOWS\system32\efccyaw.dll.vir

Supprimé

C:\QooBox\Quarantine\C\WINDOWS\system32\khfdcyx.dll.vir

Infecté par: Trojan.Vundo.DVN

C:\QooBox\Quarantine\C\WINDOWS\system32\khfdcyx.dll.vir

Echec de la désinfection

C:\QooBox\Quarantine\C\WINDOWS\system32\khfdcyx.dll.vir

Supprimé

C:\QooBox\Quarantine\catchme2008-01-05_231521.53.zip=>byxxvvs.dll

Infecté par: Trojan.Vundo.DVN

C:\QooBox\Quarantine\catchme2008-01-05_231521.53.zip=>byxxvvs.dll

Echec de la désinfection

C:\QooBox\Quarantine\catchme2008-01-05_231521.53.zip=>byxxvvs.dll

Supprimé

C:\QooBox\Quarantine\catchme2008-01-05_231521.53.zip

Mis à jour

C:\QooBox\Quarantine\catchme2008-01-06_ 00246.43.zip=>efccyaw.dll

Infecté par: Trojan.Vundo.DVN

C:\QooBox\Quarantine\catchme2008-01-06_ 00246.43.zip=>efccyaw.dll

Echec de la désinfection

C:\QooBox\Quarantine\catchme2008-01-06_ 00246.43.zip=>efccyaw.dll

Supprimé

C:\QooBox\Quarantine\catchme2008-01-06_ 00246.43.zip

Mis à jour

C:\QooBox\Quarantine\catchme2008-01-06_ 00246.43.zip=>efccyaw.dll.1

Infecté par: Trojan.Vundo.DVO

C:\QooBox\Quarantine\catchme2008-01-06_ 00246.43.zip=>efccyaw.dll.1

Echec de la désinfection

C:\QooBox\Quarantine\catchme2008-01-06_ 00246.43.zip=>efccyaw.dll.1

Supprimé

C:\QooBox\Quarantine\catchme2008-01-06_ 00246.43.zip

Mis à jour

C:\RECYCLER\S-1-5-21-1645522239-73586283-682003330-1004\Dc1.rar=>keygen.exe

Infecté par: Trojan.Horse.COH

C:\RECYCLER\S-1-5-21-1645522239-73586283-682003330-1004\Dc1.rar=>keygen.exe

Echec de la désinfection

C:\RECYCLER\S-1-5-21-1645522239-73586283-682003330-1004\Dc1.rar=>keygen.exe

Supprimé

C:\RECYCLER\S-1-5-21-1645522239-73586283-682003330-1004\Dc1.rar

Echec de la mise à jour

C:\System Volume Information\_restore{C1850F5A-9FC0-4EEA-84DA-7CAC1CDD4D33}\RP86\A0057933.sys

Infecté par: Trojan.Kobcka.BE

C:\System Volume Information\_restore{C1850F5A-9FC0-4EEA-84DA-7CAC1CDD4D33}\RP86\A0057933.sys

Echec de la désinfection

C:\System Volume Information\_restore{C1850F5A-9FC0-4EEA-84DA-7CAC1CDD4D33}\RP86\A0057933.sys

Supprimé

C:\System Volume Information\_restore{C1850F5A-9FC0-4EEA-84DA-7CAC1CDD4D33}\RP87\A0057939.dll

Infecté par: Trojan.Vundo.DVN

C:\System Volume Information\_restore{C1850F5A-9FC0-4EEA-84DA-7CAC1CDD4D33}\RP87\A0057939.dll

Echec de la désinfection

C:\System Volume Information\_restore{C1850F5A-9FC0-4EEA-84DA-7CAC1CDD4D33}\RP87\A0057939.dll

Supprimé

C:\System Volume Information\_restore{C1850F5A-9FC0-4EEA-84DA-7CAC1CDD4D33}\RP87\A0057974.dll

Infecté par: Trojan.Vundo.DVN

C:\System Volume Information\_restore{C1850F5A-9FC0-4EEA-84DA-7CAC1CDD4D33}\RP87\A0057974.dll

Echec de la désinfection

C:\System Volume Information\_restore{C1850F5A-9FC0-4EEA-84DA-7CAC1CDD4D33}\RP87\A0057974.dll

Supprimé

C:\System Volume Information\_restore{C1850F5A-9FC0-4EEA-84DA-7CAC1CDD4D33}\RP88\A0058038.dll

Infecté par: Trojan.Vundo.DVO

C:\System Volume Information\_restore{C1850F5A-9FC0-4EEA-84DA-7CAC1CDD4D33}\RP88\A0058038.dll

Echec de la désinfection

C:\System Volume Information\_restore{C1850F5A-9FC0-4EEA-84DA-7CAC1CDD4D33}\RP88\A0058038.dll

Supprimé

D:\RECYCLER\S-1-5-21-789336058-2077806209-682003330-1004\Dd56.rar=>keygen.exe

Infecté par: Trojan.Horse.COH

D:\RECYCLER\S-1-5-21-789336058-2077806209-682003330-1004\Dd56.rar=>keygen.exe

Echec de la désinfection

D:\RECYCLER\S-1-5-21-789336058-2077806209-682003330-1004\Dd56.rar=>keygen.exe

Supprimé

D:\RECYCLER\S-1-5-21-789336058-2077806209-682003330-1004\Dd56.rar

Echec de la mise à jour

D:\Sources\Logiciels Graphiques\Photomatix\keygen.exe

Infecté par: Trojan.Horse.COH

D:\Sources\Logiciels Graphiques\Photomatix\keygen.exe

Echec de la désinfection

D:\Sources\Logiciels Graphiques\Photomatix\keygen.exe

Supprimé

D:\System Volume Information\_restore{C1850F5A-9FC0-4EEA-84DA-7CAC1CDD4D33}\RP71\A0037582.exe

Infecté par: Trojan.Horse.COH

D:\System Volume Information\_restore{C1850F5A-9FC0-4EEA-84DA-7CAC1CDD4D33}\RP71\A0037582.exe

Echec de la désinfection

D:\System Volume Information\_restore{C1850F5A-9FC0-4EEA-84DA-7CAC1CDD4D33}\RP71\A0037582.exe

Supprimé

D:\System Volume Information\_restore{C1850F5A-9FC0-4EEA-84DA-7CAC1CDD4D33}\RP88\A0058088.exe

Infecté par: Trojan.Horse.COH

D:\System Volume Information\_restore{C1850F5A-9FC0-4EEA-84DA-7CAC1CDD4D33}\RP88\A0058088.exe

Echec de la désinfection

D:\System Volume Information\_restore{C1850F5A-9FC0-4EEA-84DA-7CAC1CDD4D33}\RP88\A0058088.exe

Supprimé
0
Réponse 15 / 24
Siddh
 
et le le rapport of HijackThis

Logfile of HijackThis v1.99.1
Scan saved at 09:17:50, on 06/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
D:\Sécurité\Ad-Aware\aawservice.exe
C:\Program Files\Avast4\aswUpdSv.exe
C:\Program Files\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
D:\Sécurité\AVG\guard.exe
C:\WINDOWS\Dit.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\MSI\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\Avast4\ashDisp.exe
D:\Sécurité\Spamhilator\Spamihilator\spamihilator.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
D:\Tools\DaemonTools\DAEMON Tools\daemon.exe
C:\WINDOWS\system32\LVCOMSX.EXE
D:\Sécurité\AVG\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
D:\Tools\super copier\SuperCopier2\SuperCopier2.exe
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
D:\Tools\ActivSync\Wcescomm.exe
D:\Sécurité\Spybot\TeaTimer.exe
C:\PROGRA~1\Magentic\bin\MgApp.exe
C:\Program Files\MSI\Bluetooth Software\BTTray.exe
C:\Program Files\Avast4\ashMaiSv.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
D:\Tools\ACTIVS~1\rapimgr.exe
C:\Program Files\Avast4\ashWebSv.exe
C:\WINDOWS\System32\alg.exe
D:\Tools\BricoPacks\Vista Inspirat\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Firefox\firefox.exe
C:\Hijckthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\Sécurité\Spybot\SDHelper.dll
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Spamihilator] "D:\Sécurité\Spamhilator\Spamihilator\spamihilator.exe"
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [DAEMON Tools] "D:\Tools\DaemonTools\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Userfile Sharing Serv] usnsrv.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "D:\Sécurité\AVG\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [SuperCopier2.exe] D:\Tools\super copier\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [Magentic] C:\PROGRA~1\Magentic\bin\Magentic.exe /c
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [H/PC Connection Agent] "D:\Tools\ActivSync\Wcescomm.exe"
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [SpybotSD TeaTimer] D:\Sécurité\Spybot\TeaTimer.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: RocketDock.lnk = D:\Tools\BricoPacks\Vista Inspirat\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Barre RoboForm - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Enregistrer le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Personnaliser le menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Remplir le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\MSI\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - D:\Tools\ACTIVS~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\Tools\ACTIVS~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\Tools\ACTIVS~1\INetRepl.dll
O9 - Extra button: Remplir - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Remplir le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Enregistrer - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Enregistrer le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\Sécurité\Spybot\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\Sécurité\Spybot\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{A15DEE6B-D3C7-4342-8C1B-AE93BCA93C3A}: NameServer = 212.27.53.252,212.27.54.252
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: a-squared Free Service (a2free) - Unknown owner - D:\Sécurité\a² free\a-squared Free\a2service.exe (file missing)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - D:\Sécurité\Ad-Aware\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - D:\Sécurité\AVG\guard.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\MSI\Bluetooth Software\bin\btwdins.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NBService - Nero AG - D:\Tools\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
0
Réponse 16 / 24
Siddh
 
en tout cas, ça n'a pas l'air d'avoir suffit à régler le problème, nos amis les Troyans et les vers sont toujours présent. mais je m'impatiente sûrement.

@+
0
Réponse 17 / 24
ep44 Messages postés 7432 Statut Contributeur 3
 
Bonjour

oui en effet il reste encore un trojan que je n'avais pas vu sur le rapport de combofix

selectionne ceci

registry::

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Userfile Sharing Serv"=-

File::

C:\WINDOWS\system32\usnsrv.exe

=> Copie le texte sélectionné (CTRL+C).
=> Ouvre le bloc-notes (programme>Accessoires >bloc-notes).
=> Colle le texte copié dans ce bloc-notes (CTRL+V).
=> Sauvegarde ce fichier sous le nom de CFScript.txt
=> Fais un glisser/déposer de ce fichier CFScript sur le fichier ComboFix.exe
=> Une fenêtre bleue va apparaître: au message qui apparaît ( Type 1 to continue, or 2 to abort) , tape 1 puis valide.
=> Patiente le temps du scan. Le bureau va disparaître à plusieurs reprises : c'est normal!
Ne touche à rien tant que le scan n'est pas terminé.
=> Une fois le scan achevé, un rapport va s'afficher : Poste son contenu.
=> Si le fichier ne s'ouvre pas, il se trouve ici > C:\ComboFix.txt

ensuite refais un nouveau hijack mais avec cette version
ftp://ftp.commentcamarche.com/download/HJTInstall.exe
@+
0
Réponse 18 / 24
Siddh
 
rapport ComboFix

ComboFix 08-01-04.1 - Nico 2008-01-06 12:53:48.3 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.514 [GMT 1:00]
Running from: C:\Documents and Settings\Nico\Bureau\ComboFix.exe
Command switches used :: C:\Documents and Settings\Nico\Bureau\CFScript.txt
* Created a new restore point

FILE
C:\WINDOWS\system32\usnsrv.exe
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\system32\usnsrv.exe

.
((((((((((((((((((((((((((((( Fichiers créés 2007-12-06 to 2008-01-06 ))))))))))))))))))))))))))))))))))))
.

2008-01-06 00:19 . 2008-01-06 02:32 <REP> d-------- C:\WINDOWS\BDOSCAN8
2008-01-05 23:08 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
2008-01-05 14:45 . 2008-01-05 14:45 <REP> d-------- C:\Documents and Settings\Nico\Application Data\Grisoft
2008-01-05 14:44 . 2008-01-05 14:44 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Grisoft
2008-01-05 14:44 . 2007-05-30 13:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2008-01-05 13:10 . 2008-01-05 14:40 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
2008-01-05 13:04 . 2008-01-05 13:04 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Lavasoft
2007-12-31 15:47 . 2007-12-31 15:50 33,226,752 --a------ C:\dump_dvd.vob
2007-12-31 09:50 . 2007-12-31 10:32 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\DVD Shrink
2007-12-26 20:51 . 2007-12-26 20:51 <REP> d-------- C:\Program Files\Yahoo!
2007-12-26 20:49 . 2007-12-26 20:49 3,932,214 --a------ C:\WINDOWS\BricoPack Wallpaper.bmp
2007-12-26 20:49 . 2007-12-26 20:49 70,646 --a------ C:\WINDOWS\BricoPackUninst.cmd
2007-12-26 20:48 . 2007-12-26 20:49 6,428 --a------ C:\WINDOWS\BricoPackFoldersDelete.cmd
2007-12-26 20:47 . 2007-12-26 20:47 <REP> d-------- C:\WINDOWS\BricoPacks
2007-12-23 16:06 . 2007-12-23 16:08 <REP> d-------- C:\Documents and Settings\Nico\Application Data\U3
2007-12-16 19:10 . 2007-12-16 19:11 <REP> d-------- C:\Documents and Settings\Nico\Application Data\VTC Preferences Folder
2007-12-13 19:10 . 2007-12-18 12:59 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2007-12-13 19:10 . 2007-12-13 19:10 1,409 --a------ C:\WINDOWS\QTFont.for
2007-12-13 18:56 . 2001-09-30 19:10 246,784 --a------ C:\WINDOWS\system32\ActiveSkin.ocx
2007-12-13 18:56 . 2001-05-24 12:59 162,304 --a------ C:\UNWISE.EXE
2007-12-13 18:56 . 2002-01-18 18:12 112 --a------ C:\WINDOWS\ActiveSkin.INI

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-06 10:20 --------- d-----w C:\Program Files\Firefox
2008-01-06 09:38 17,408 ----a-w C:\WINDOWS\system32\drivers\USBCRFT.SYS
2008-01-05 12:03 --------- d-----w C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-01-02 09:23 --------- d-----w C:\Documents and Settings\Nico\Application Data\AdobeUM
2007-12-26 19:49 219,648 ----a-w C:\WINDOWS\system32\uxtheme.dll
2007-12-10 08:31 --------- d-----w C:\Program Files\Avast4
2007-12-04 20:29 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\FLEXnet
2007-12-04 19:36 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2007-12-04 19:29 --------- d-----w C:\Program Files\Bonjour
2007-12-04 19:24 --------- d-----w C:\Program Files\Fichiers communs\Macrovision Shared
2007-12-04 19:04 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-12-04 19:04 --------- d-----w C:\Program Files\epson
2007-12-04 14:56 93,264 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys
2007-12-04 14:55 94,544 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
2007-12-04 14:53 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
2007-12-04 14:51 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
2007-12-04 14:49 26,624 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
2007-12-04 13:04 837,496 ----a-w C:\WINDOWS\system32\aswBoot.exe
2007-12-04 12:54 95,608 ----a-w C:\WINDOWS\system32\AVASTSS.scr
2007-12-04 10:24 --------- d-----w C:\Documents and Settings\Nico\Application Data\Smart Panel
2007-12-04 10:16 --------- d-----w C:\Documents and Settings\Nico\Application Data\ABBYY
2007-12-04 10:14 --------- d-----w C:\Program Files\ArcSoft
2007-12-04 10:12 --------- d-----w C:\Program Files\Smart Panel
2007-12-03 12:38 --------- d-----w C:\Documents and Settings\Nico\Application Data\Spamihilator
2007-12-01 17:49 --------- d-----w C:\Program Files\Trimble
2007-11-26 17:52 --------- d--h--r C:\Documents and Settings\Nico\Application Data\SecuROM
2007-11-26 17:51 108,144 ----a-w C:\WINDOWS\system32\CmdLineExt.dll
2007-11-23 18:50 --------- d-----w C:\Program Files\QuickTime
2007-11-23 18:50 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple Computer
2007-11-23 18:49 --------- d-----w C:\Program Files\Apple Software Update
2007-11-23 18:49 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple
2007-11-23 18:45 --------- d-----w C:\Program Files\Fichiers communs\logishrd
2007-11-23 05:49 --------- d-----w C:\Program Files\Canon
2007-11-18 13:25 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Zylom
2007-11-18 08:25 --------- d-----w C:\Program Files\Intel
2007-11-18 08:21 223,128 ----a-w C:\WINDOWS\system32\drivers\dtscsi.sys
2007-11-17 22:25 --------- d-----w C:\Documents and Settings\Nico\Application Data\Media Player Classic
2007-11-17 22:25 --------- d-----w C:\Documents and Settings\Nico\Application Data\Ahead
2007-11-17 21:44 --------- d-----w C:\Program Files\Microsoft IntelliType Pro
2007-11-17 21:44 --------- d-----w C:\Program Files\Microsoft IntelliPoint
2007-11-17 21:22 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\RoboForm
2007-11-17 20:26 19,504 ----a-w C:\Documents and Settings\Nico\Application Data\GDIPFONTCACHEV1.DAT
2007-11-17 18:38 --------- d-----w C:\Program Files\MSN Messenger
2007-11-17 18:18 --------- d-----w C:\Program Files\Magentic
2007-11-17 14:48 --------- d-----w C:\Program Files\Fichiers communs\Ahead
2007-11-17 14:48 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Nero
2007-11-17 14:39 --------- d-----w C:\Program Files\IncrediMail
2007-11-17 13:56 --------- d-----w C:\Documents and Settings\Nico\Application Data\TuneUp Software
2007-11-17 13:55 96,256 ----a-w C:\WINDOWS\system32\drivers\sptd3917.sys
2007-11-17 13:55 664,064 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
2007-11-17 13:55 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\TuneUp Software
2007-11-17 13:41 107,134 ----a-w C:\WINDOWS\UninstallFirefox.exe
2007-11-17 13:41 --------- d-----w C:\Documents and Settings\Nico\Application Data\Talkback
2007-11-17 13:30 --------- d-----w C:\Program Files\MSI
2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
2007-11-12 12:59 --------- d-----w C:\Program Files\eMule
2007-11-08 18:15 --------- d-----w C:\Program Files\Wanadoo
2007-11-08 18:15 --------- d-----w C:\Program Files\SAGEM
2007-11-08 18:15 --------- d-----w C:\Program Files\Maxthon
2007-11-08 09:57 --------- d-----w C:\Documents and Settings\LocalService.AUTORITE NT\Application Data\Webroot
2007-11-06 05:03 --------- d-----w C:\Documents and Settings\Nico.NICO-29F83752B3\Application Data\Spamihilator
2007-10-29 22:43 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll
2007-10-25 09:00 230,912 ----a-w C:\WINDOWS\system32\wmasf.dll
2007-10-09 12:42 745,547 ----a-w C:\WINDOWS\system32\Magentic Screensaver.scr
2007-04-05 19:47 1 ----a-w C:\Documents and Settings\Nico.NICO-29F83752B3\SI.bin
.

((((((((((((((((((((((((((((( snapshot@2008-01-05_23.18.59.82 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-01-05 23:20:00 45,056 ----a-w C:\WINDOWS\BDOSCAN8\avxdisk.dll
+ 2008-01-05 23:20:01 10,240 ----a-w C:\WINDOWS\BDOSCAN8\avxs.dll
+ 2008-01-05 23:20:01 27,136 ----a-w C:\WINDOWS\BDOSCAN8\avxt.dll
+ 2008-01-05 23:20:04 181,760 ----a-w C:\WINDOWS\BDOSCAN8\bdcore.dll
+ 2006-05-25 00:21:00 118,784 ----a-w C:\WINDOWS\BDOSCAN8\bdupd.dll
+ 2006-05-25 00:21:14 53,248 ----a-w C:\WINDOWS\BDOSCAN8\ipsupd.dll
+ 2008-01-05 23:20:04 142,848 ----a-w C:\WINDOWS\BDOSCAN8\libfn.dll
+ 2008-01-05 23:20:01 86,016 ----a-w C:\WINDOWS\BDOSCAN8\librtvr.dll
+ 2006-05-25 00:22:06 53,248 ----a-w C:\WINDOWS\bdoscandel.exe
+ 2006-05-25 00:21:00 118,784 ----a-w C:\WINDOWS\Downloaded Program Files\bdupd.dll
+ 2006-05-25 00:21:14 53,248 ----a-w C:\WINDOWS\Downloaded Program Files\ipsupd.dll
+ 2008-01-06 09:45:34 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_570.dat
- 2008-01-05 22:15:12 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_5e4.dat
+ 2008-01-06 09:38:45 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_5e4.dat
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 13:00 15360]
"IncrediMail"="C:\Program Files\IncrediMail\bin\IncMail.exe" [2007-11-17 15:42 204843]
"SuperCopier2.exe"="D:\Tools\super copier\SuperCopier2\SuperCopier2.exe" [2006-07-07 17:45 1052672]
"Magentic"="C:\PROGRA~1\Magentic\bin\Magentic.exe" [2007-10-09 13:42 475180]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:55 5674352]
"RoboForm"="C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [2007-11-17 22:21 160568]
"H/PC Connection Agent"="D:\Tools\ActivSync\Wcescomm.exe" [2006-11-13 14:07 1289000]
"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 16:45 313472]
"SpybotSD TeaTimer"="D:\Sécurité\Spybot\TeaTimer.exe" [2007-08-31 16:46 1460560]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Dit"="Dit.exe" [2004-07-20 18:18 90112 C:\WINDOWS\Dit.exe]
"Cmaudio"="cmicnfg.cpl" []
"nwiz"="nwiz.exe" [2005-07-20 20:07 1519616 C:\WINDOWS\system32\nwiz.exe]
"avast!"="C:\PROGRA~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-07-20 20:07 7110656]
"Spamihilator"="D:\Sécurité\Spamhilator\Spamihilator\spamihilator.exe" [2007-06-06 13:29 716800]
"type32"="C:\Program Files\Microsoft IntelliType Pro\type32.exe" [2005-03-15 10:46 196608]
"DAEMON Tools"="D:\Tools\DaemonTools\DAEMON Tools\daemon.exe" [2005-11-08 23:00 128920]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2004-10-08 11:52 221184]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-10-19 20:16 286720]
"!AVG Anti-Spyware"="D:\Sécurité\AVG\avgas.exe" [2007-06-11 10:25 6731312]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 13:00 15360]

C:\Documents and Settings\Nico\Menu D‚marrer\Programmes\D‚marrage\
Adobe Gamma.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2006-03-30 20:42:04]
RocketDock.lnk - D:\Tools\BricoPacks\Vista Inspirat\Vista Inspirat 2\RocketDock\RocketDock.exe [2007-03-18 23:05:02]

C:\Documents and Settings\All Users.WINDOWS\Menu D‚marrer\Programmes\D‚marrage\
BTTray.lnk - C:\Program Files\MSI\Bluetooth Software\BTTray.exe [2004-03-31 17:13:32]
Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 22:05:26]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 09:01:04]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"NeroFilterCheck"=C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
"KernelFaultCheck"=%systemroot%\system32\dumprep 0 -k

R2 UxTuneUp;Extension de conception TuneUp;C:\WINDOWS\System32\svchost.exe [2004-08-05 13:00]
S3 CardReaderFilter;Card Reader Filter;C:\WINDOWS\system32\Drivers\USBCRFT.SYS [2008-01-06 10:38]
S3 fbxusb;Carte réseau virtuelle FreeBox USB;C:\WINDOWS\system32\DRIVERS\fbxusb32.sys [2004-10-20 14:23]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G]
\Shell\AutoRun\command - G:\Setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\P]
\Shell\AutoRun\command - P:\LaunchU3.exe -a

.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2007-11-23 18:49:23 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-01-04 16:15:46 C:\WINDOWS\Tasks\Maintenance en 1 clic.job"
- D:\Tools\TuneUp\SystemOptimizer.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-06 12:55:39
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

PROCESS: C:\WINDOWS\explorer.exe [6.00.2900.3156]
-> D:\Tools\BricoPacks\Vista Inspirat\Vista Inspirat 2\RocketDock\RocketDock.dll
.
Completion time: 2008-01-06 12:56:05
ComboFix-quarantined-files.txt 2008-01-06 11:56:03
ComboFix2.txt 2008-01-05 23:06:40
ComboFix3.txt 2008-01-05 22:19:24
.
2007-12-21 16:35:47 --- E O F ---
0
Réponse 19 / 24
Siddh
 
et le rapport HijackThis

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:59:46, on 06/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
D:\Sécurité\Ad-Aware\aawservice.exe
C:\Program Files\Avast4\aswUpdSv.exe
C:\Program Files\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Dit.exe
C:\PROGRA~1\Avast4\ashDisp.exe
D:\Sécurité\Spamhilator\Spamihilator\spamihilator.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
D:\Tools\DaemonTools\DAEMON Tools\daemon.exe
C:\WINDOWS\system32\LVCOMSX.EXE
D:\Sécurité\AVG\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
D:\Sécurité\AVG\guard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\MSI\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\nvsvc32.exe
D:\Tools\super copier\SuperCopier2\SuperCopier2.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
D:\Tools\ActivSync\Wcescomm.exe
D:\Tools\ACTIVS~1\rapimgr.exe
C:\PROGRA~1\Magentic\bin\MgApp.exe
C:\Program Files\MSI\Bluetooth Software\BTTray.exe
D:\Tools\BricoPacks\Vista Inspirat\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\Program Files\Avast4\ashMaiSv.exe
C:\Program Files\Avast4\ashWebSv.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Firefox\firefox.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\Sécurité\Spybot\SDHelper.dll
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Spamihilator] "D:\Sécurité\Spamhilator\Spamihilator\spamihilator.exe"
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [DAEMON Tools] "D:\Tools\DaemonTools\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "D:\Sécurité\AVG\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [SuperCopier2.exe] D:\Tools\super copier\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [Magentic] C:\PROGRA~1\Magentic\bin\Magentic.exe /c
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [H/PC Connection Agent] "D:\Tools\ActivSync\Wcescomm.exe"
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [SpybotSD TeaTimer] D:\Sécurité\Spybot\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: RocketDock.lnk = D:\Tools\BricoPacks\Vista Inspirat\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Barre RoboForm - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Enregistrer le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Personnaliser le menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Remplir le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\MSI\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - D:\Tools\ACTIVS~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\Tools\ACTIVS~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\Tools\ACTIVS~1\INetRepl.dll
O9 - Extra button: Remplir - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Remplir le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Enregistrer - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Enregistrer le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\Sécurité\Spybot\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\Sécurité\Spybot\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{A15DEE6B-D3C7-4342-8C1B-AE93BCA93C3A}: NameServer = 212.27.53.252,212.27.54.252
O23 - Service: a-squared Free Service (a2free) - Unknown owner - D:\Sécurité\a² free\a-squared Free\a2service.exe (file missing)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - D:\Sécurité\Ad-Aware\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - D:\Sécurité\AVG\guard.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\MSI\Bluetooth Software\bin\btwdins.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NBService - Nero AG - D:\Tools\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
0
Réponse 20 / 24
ep44 Messages postés 7432 Statut Contributeur 3
 
maintenant télécharge tools cleaner
http://www.commentcamarche.net/telecharger/telechargement 34055291 toolscleaner
tu l'installe et tu clic sur rechercher
une fois le scan effectuer clic sur supprimer
ensuite tu clic sur la corbeille et sur temp
et dit si tu as encore des soucis
@+
0

Discussions similaires

Virus Worm.Win32.Autorun.mjd
mehdoux -
anthony5151 -

17 réponses
infection
gladiator1952 -
gladiator1952 -

6 réponses
Worm/mazebat.B.91
Tysope -
toptitbal -

1 réponse
kapucen worm 77
k -
^^Marie^^ -

1 réponse
Infection pc
Nanie24 -
Nanie24 -

22 réponses