au secours , envahie de cheval de troie !! Résolu

Question

Bonjour, en ouvrant un fichier texte dans mes document , un maximum de cheval de troie sont apparus. j'ai déconnecté le pc et lancer avast. il en a supprimé un tas. donc une fois l'analyse terminée, j'ouvre un fichier image, ok tout va bien, puis j'ouvre un autre fichier texte et bingo ,cheval de troie en pagaille . j'en ai supprimé 236 !!. me disant que ce coup ci , c'était enfin fini, j'ouvre au hasard un autre fichier texte et bingo, encore et encore. donc là je suis sur mon portable, (c'est le pc bureau qui est infecté) et j'appelle au secours !!! que faire , help me ! merci d'avance;

ep44 · Answer

Bonsoir 

commence par ceci 

Télécharge sur le bureau

ftp://ftp.commentcamarche.com/download/HJTInstall.exe

= Double-clic dessus pour l'installer 
= Clic Do a system scan and save the log
=coller le rapport
si problème voir l'aide
http://perso.orange.fr/rginformatique/section%20virus/demohijack.htm 

@+

Utilisateur anonyme · Answer

salut

avast état gratuit (sauf si tu le paie ^^^) je te conseille de changer d'antivirus !!!
quel parefeu as tu ?

lance ceci déjà pour voir  stp :

Télécharge SDFix (créé par AndyManchesta) et sauvegarde le sur ton Bureau.
http://downloads.andymanchesta.com/RemovalTools/SDFix.exe
Double clique sur SDFix.exe et choisis Install pour l'extraire dans un dossier dédié sur le Bureau. Redémarre ton ordinateur en mode sans échec en suivant la procédure que voici :
• Redémarre ton ordinateur
• Après avoir entendu l'ordinateur biper lors du démarrage, mais avant que l'icône Windows apparaisse, tapote la touche F8 (une pression par seconde).
• A la place du chargement normal de Windows, un menu avec différentes options devrait apparaître.
• Choisis la première option, pour exécuter Windows en mode sans échec, puis appuie sur "Entrée".
• Choisis ton compte.
Déroule la liste des instructions ci-dessous :
• Ouvre le dossier SDFix qui vient d'être créé dans le répertoire C:\ et double clique sur RunThis.cmd pour lancer le scrïpt.
• Appuie sur Y pour commencer le processus de nettoyage.
• Il va supprimer les services et les entrées du Registre de certains trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer.
• Appuie sur une touche pour redémarrer le PC.
• Ton système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers.
• Après le chargement du Bureau, l'outil terminera son travail et affichera Finished.
• Appuie sur une touche pour finir l'exécution du scrïpt et charger les icônes de ton Bureau.
• Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt.
• Enfin, copie/colle le contenu du fichier Report.txt dans ta prochaine réponse sur le forum, avec un nouveau log Hijackthis !



puis pour hijack , voit ici stp et poste tous rapports surtout 


• Télécharger HijackThis ici http://www.trendsecure.com/portal/en-US/_download/HJTInstall.exe
• Installer HijackThis dans un répertoire dédié NON Temporaire
(afin de conserver les sauvegardes qu'il fait) et en le renommant Monjack
• Fermer toutes les applications
• Lancer hitjackthis
• Click sur Do a system scan and save a logfile

Un rapport en fichier text va s'ouvrir.
Le copier et le coller sur le forum

bises

bluemoun · Answer

ok voici les infos :


[b]SDFix: Version 1.159 [/b]

Run by HP_Propri‚taire on 19/03/2008 at 08:25

Microsoft Windows XP [version 5.1.2600]
Running From: C:\DOCUME~1\HP_PRO~1\MESDOC~1\NETTOY~1\SDFix

[b]Checking Services [/b]:


Restoring Windows Registry Values
Restoring Windows Default Hosts File

Rebooting


[b]Checking Files [/b]: 

Trojan Files Found:

C:\Documents and Settings\HP_Propri‚taire
ew.txt  - Deleted
C:\autorun.inf  - Deleted





Removing Temp Files

[b]ADS Check [/b]:
 


                                 [b]Final Check [/b]:

catchme 0.3.1344.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-19 08:36:10
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\0008f4000527]
"001247d8ba2b"=hex:e1,23,fa,c5,1e,ac,58,f5,cb,86,af,0e,83,6b,f7,d6
"0018a49b7d83"=hex:06,3b,50,00,57,ec,90,d4,5e,f1,42,55,14,8e,90,fa
"00196346d66a"=hex:ea,0e,fa,50,90,31,eb,62,ec,76,36,28,c7,3c,19,b2
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\0008f4000527]
"001247d8ba2b"=hex:e1,23,fa,c5,1e,ac,58,f5,cb,86,af,0e,83,6b,f7,d6
"0018a49b7d83"=hex:06,3b,50,00,57,ec,90,d4,5e,f1,42,55,14,8e,90,fa
"00196346d66a"=hex:ea,0e,fa,50,90,31,eb,62,ec,76,36,28,c7,3c,19,b2

scanning hidden registry entries ...

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Reporting\EventCache\7971f918-a847-4430-9279-4a52d1efe18d]
"CurrentCacheFile"="C:\WINDOWS\SoftwareDistribution\EventCache\{29849310-5C0A-4813-9176-5A5D4C54BF70}.bin"

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0


[b]Remaining Services [/b]:



Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\CyberLink\PowerCinema\PowerCinema.exe"="C:\Program Files\CyberLink\PowerCinema\PowerCinema.exe:*:Enabled:CyberLink PowerCinema"
"C:\Program Files\CyberLink\PowerCinema\PCMService.exe"="C:\Program Files\CyberLink\PowerCinema\PCMService.exe:*:Enabled:CyberLink PowerCinema Resident Program"
"C:\Program Files\AOL 9.0\waol.exe"="C:\Program Files\AOL 9.0\waol.exe:*:Enabled:AOL France"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
"C:\WINDOWS\system32\javaw.exe"="C:\WINDOWS\system32\javaw.exe:*:Enabled:Java(TM) 2 Platform Standard Edition binary"
"E:\windows\tools\RouterUpgrade.exe"="E:\windows\tools\RouterUpgrade.exe:*:Enabled:Application MFC FTP-ROUTEUR"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\SightSpeed\SightSpeed.exe"="C:\Program Files\SightSpeed\SightSpeed.exe:*:Enabled:SightSpeed"
"C:\Documents and Settings\HP_Propri‚taire\Local Settings\Temp\Memo\Memo.exe"="C:\Documents and Settings\HP_Propri‚taire\Local Settings\Temp\Memo\Memo.exe:*:Enabled:Desktop tool"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:æTorrent"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[b]Remaining Files [/b]:


File Backups: - C:\DOCUME~1\HP_PRO~1\MESDOC~1\NETTOY~1\SDFix\backups\backups.zip

[b]Files with Hidden Attributes [/b]:

Tue 24 Oct 2006           218 A.SHR --- "C:\BOOT.BAK"
Tue 23 Oct 2007     5,903,928 A..H. --- "C:\Program Files\Picasa2\setup.exe"
Thu  1 Jun 2006            22 A.SH. --- "C:\WINDOWS\SMINST\HPCD.SYS"
Wed 28 Feb 2007         4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Mon 12 Feb 2007             0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
Mon  9 Jul 2007         1,881 ...HR --- "C:\Documents and Settings\HP_Propri‚taire\Application Data\SecuROM\UserData\securom_v7_01.bak"
Tue 21 Nov 2006       278,528 A.SH. --- "C:\Documents and Settings\HP_Propri‚taire\Local Settings\Temp\~rnsetup\pncrt.dll"

[b]Finished![/b]


puis 


[b]SDFix: Version 1.159 [/b]

Run by HP_Propri‚taire on 19/03/2008 at 08:25

Microsoft Windows XP [version 5.1.2600]
Running From: C:\DOCUME~1\HP_PRO~1\MESDOC~1\NETTOY~1\SDFix

[b]Checking Services [/b]:


Restoring Windows Registry Values
Restoring Windows Default Hosts File

Rebooting


[b]Checking Files [/b]: 

Trojan Files Found:

C:\Documents and Settings\HP_Propri‚taire
ew.txt  - Deleted
C:\autorun.inf  - Deleted





Removing Temp Files

[b]ADS Check [/b]:
 


                                 [b]Final Check [/b]:

catchme 0.3.1344.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-19 08:36:10
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\0008f4000527]
"001247d8ba2b"=hex:e1,23,fa,c5,1e,ac,58,f5,cb,86,af,0e,83,6b,f7,d6
"0018a49b7d83"=hex:06,3b,50,00,57,ec,90,d4,5e,f1,42,55,14,8e,90,fa
"00196346d66a"=hex:ea,0e,fa,50,90,31,eb,62,ec,76,36,28,c7,3c,19,b2
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\0008f4000527]
"001247d8ba2b"=hex:e1,23,fa,c5,1e,ac,58,f5,cb,86,af,0e,83,6b,f7,d6
"0018a49b7d83"=hex:06,3b,50,00,57,ec,90,d4,5e,f1,42,55,14,8e,90,fa
"00196346d66a"=hex:ea,0e,fa,50,90,31,eb,62,ec,76,36,28,c7,3c,19,b2

scanning hidden registry entries ...

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Reporting\EventCache\7971f918-a847-4430-9279-4a52d1efe18d]
"CurrentCacheFile"="C:\WINDOWS\SoftwareDistribution\EventCache\{29849310-5C0A-4813-9176-5A5D4C54BF70}.bin"

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0


[b]Remaining Services [/b]:



Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\CyberLink\PowerCinema\PowerCinema.exe"="C:\Program Files\CyberLink\PowerCinema\PowerCinema.exe:*:Enabled:CyberLink PowerCinema"
"C:\Program Files\CyberLink\PowerCinema\PCMService.exe"="C:\Program Files\CyberLink\PowerCinema\PCMService.exe:*:Enabled:CyberLink PowerCinema Resident Program"
"C:\Program Files\AOL 9.0\waol.exe"="C:\Program Files\AOL 9.0\waol.exe:*:Enabled:AOL France"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
"C:\WINDOWS\system32\javaw.exe"="C:\WINDOWS\system32\javaw.exe:*:Enabled:Java(TM) 2 Platform Standard Edition binary"
"E:\windows\tools\RouterUpgrade.exe"="E:\windows\tools\RouterUpgrade.exe:*:Enabled:Application MFC FTP-ROUTEUR"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\SightSpeed\SightSpeed.exe"="C:\Program Files\SightSpeed\SightSpeed.exe:*:Enabled:SightSpeed"
"C:\Documents and Settings\HP_Propri‚taire\Local Settings\Temp\Memo\Memo.exe"="C:\Documents and Settings\HP_Propri‚taire\Local Settings\Temp\Memo\Memo.exe:*:Enabled:Desktop tool"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:æTorrent"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[b]Remaining Files [/b]:


File Backups: - C:\DOCUME~1\HP_PRO~1\MESDOC~1\NETTOY~1\SDFix\backups\backups.zip

[b]Files with Hidden Attributes [/b]:

Tue 24 Oct 2006           218 A.SHR --- "C:\BOOT.BAK"
Tue 23 Oct 2007     5,903,928 A..H. --- "C:\Program Files\Picasa2\setup.exe"
Thu  1 Jun 2006            22 A.SH. --- "C:\WINDOWS\SMINST\HPCD.SYS"
Wed 28 Feb 2007         4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Mon 12 Feb 2007             0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
Mon  9 Jul 2007         1,881 ...HR --- "C:\Documents and Settings\HP_Propri‚taire\Application Data\SecuROM\UserData\securom_v7_01.bak"
Tue 21 Nov 2006       278,528 A.SH. --- "C:\Documents and Settings\HP_Propri‚taire\Local Settings\Temp\~rnsetup\pncrt.dll"

[b]Finished![/b]

bluemoun · Answer

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Neuf\Kit\WiFi\9wifi.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
c:\windows\system\hpsysdrv.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Documents and Settings\HP_Propriétaire\Mes documents\monjack\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer optimisé pour MSN
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Multi Media Toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media	bMul1.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\eoRezo\EoAdv\EoRezoBHO.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: Multi Media Toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media	bMul1.dll
O3 - Toolbar: Multi Media Toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media	bMul1.dll
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Autoconfigurateur WiFi Neuf] "C:\Program Files\Neuf\Kit\WiFi\9wifi.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [LXCGCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCGtime.dll,_RunDLLEntry@16
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Creative Live! Cam Manager] "C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe"
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (Installer Class) - https://www.pandasecurity.com/en/homeusers/online-antivirus/?ref=activescan
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) - 
O16 - DPF: {8F48147B-78D9-40F9-ACC0-BDDE59B246F4} (AccountHelper Class) - http://abonnement.aliceadsl.fr/configurateur/AccountHelper.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game12.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: lxcg_device -   - C:\WINDOWS\system32\lxcgcoms.exe

ep44 · Answer

Bonsoir 

relance hijack et coche ceci 
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)    
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\eoRezo\EoAdv\EoRezoBHO.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - Global Startup: BTTray.lnk = ?
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game12.zylom.com/activex/zylomgamesplayer.cab
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe    

ensuite clic sur fix checked 


ensuite va sur ce site https://www.virustotal.com/gui/
et fait analyser ceci 

C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe

ensuite 
Télécharge:
http://www.commentcamarche.net/telecharger/telecharger 218 avg anti spyware
= Installer
= Le lancer
= Clic : Mise à jour
------
= Redémarre en mode Sans Échec (le démarrage peut prendre plusieurs minutes)
Attention, pas d’accès à internet dans ce mode. Enregistre ou imprime les consignes.

Relance le Pc et tapote la touche F8 ( ou F5 pour certains) , jusqu’à l’apparition des inscriptions avec choix de démarrage
Avec les touches « flèches », sélectionne Mode sans échec ==> entrée ==>nom utilisateur habituel
-------
= Dans ANALYSE ( en forme de loupe )
==> Paramètres ==> sous COMMENT REAGIR==>clic sur Actions recommandées ==>Quarantaine
==> Clic : Analyse complète du système
En fin de scan ( qui est assez long)
==> Clic Appliquer toutes les actions <== ceci Très important
==> Clic Sauvegarder rapport puis Enregistrer sous et choisir bureau
-------
En mode normal
colle le rapport

ensuite je te conseil de changer ton antivirus 
regarde ici https://www.malekal.com/avira-free-security-antivirus-gratuit/

ensuite refait un hijack et poste ton rapport mais cette fois entièrement
il manque le début sur l'autre ;-)

@+

bluemoun · Answer

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:27:19, on 19/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Neuf\Kit\WiFi\9wifi.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\HP_Propriétaire\Mes documents\monjack\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer optimisé pour MSN
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: Multi Media Toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media	bMul1.dll
O3 - Toolbar: Multi Media Toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media	bMul1.dll
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Autoconfigurateur WiFi Neuf] "C:\Program Files\Neuf\Kit\WiFi\9wifi.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [LXCGCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCGtime.dll,_RunDLLEntry@16
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Creative Live! Cam Manager] "C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe"
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (Installer Class) - https://www.pandasecurity.com/en/homeusers/online-antivirus/?ref=activescan
O16 - DPF: {8F48147B-78D9-40F9-ACC0-BDDE59B246F4} (AccountHelper Class) - http://abonnement.aliceadsl.fr/configurateur/AccountHelper.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: lxcg_device -   - C:\WINDOWS\system32\lxcgcoms.exe

ep44 · Answer

ok tu as oublié deux lignes 
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) 

ensuite les autres rapports 
@+

bluemoun · Answer

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:50:01, on 19/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Neuf\Kit\WiFi\9wifi.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
c:\windows\system\hpsysdrv.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\HP_Propriétaire\Mes documents\monjack\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer optimisé pour MSN
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: Multi Media Toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media	bMul1.dll
O3 - Toolbar: Multi Media Toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media	bMul1.dll
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Autoconfigurateur WiFi Neuf] "C:\Program Files\Neuf\Kit\WiFi\9wifi.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [LXCGCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCGtime.dll,_RunDLLEntry@16
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Creative Live! Cam Manager] "C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe"
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (Installer Class) - https://www.pandasecurity.com/en/homeusers/online-antivirus/?ref=activescan
O16 - DPF: {8F48147B-78D9-40F9-ACC0-BDDE59B246F4} (AccountHelper Class) - http://abonnement.aliceadsl.fr/configurateur/AccountHelper.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: lxcg_device -   - C:\WINDOWS\system32\lxcgcoms.exe

ep44 · Answer

ok poste stp les autres rapports comme demandé au poste 6
@+

bluemoun · Answer

Fichier CTLCMgr.exe reçu le 2008.03.19 22:20:16 (CET)
Situation actuelle: en cours de chargement ... mis en file d'attente en attente en cours d'analyse terminé NON TROUVE ARRETE
Résultat: 0/32 (0%)
en train de charger les informations du serveur...
Votre fichier est dans la file d'attente, en position: 7.
L'heure estimée de démarrage est entre 58 et 84 secondes.
Ne fermez pas la fenêtre avant la fin de l'analyse.
L'analyseur qui traitait votre fichier est actuellement stoppé, nous allons attendre quelques secondes pour tenter de récupérer vos résultats.
Si vous attendez depuis plus de cinq minutes, vous devez renvoyer votre fichier.
Votre fichier est, en ce moment, en cours d'analyse par VirusTotal,
les résultats seront affichés au fur et à mesure de leur génération.
Formaté Formaté
Impression des résultats Impression des résultats
Votre fichier a expiré ou n'existe pas.
Le service est en ce moment, stoppé, votre fichier attend d'être analysé (position : ) depuis une durée indéfinie.

Vous pouvez attendre une réponse du Web (re-chargement automatique) ou taper votre e-mail dans le formulaire ci-dessous et cliquer "Demande" pour que le système vous envoie une notification quand l'analyse sera terminée.
Email: 	
	
Antivirus 	Version 	Dernière mise à jour 	Résultat
AhnLab-V3	2008.3.19.1	2008.03.19	-
AntiVir	7.6.0.75	2008.03.19	-
Authentium	4.93.8	2008.03.19	-
Avast	4.7.1098.0	2008.03.19	-
AVG	7.5.0.516	2008.03.19	-
BitDefender	7.2	2008.03.19	-
CAT-QuickHeal	9.50	2008.03.14	-
ClamAV	0.92.1	2008.03.19	-
DrWeb	4.44.0.09170	2008.03.19	-
eSafe	7.0.15.0	2008.03.18	-
eTrust-Vet	31.3.5626	2008.03.19	-
Ewido	4.0	2008.03.19	-
F-Prot	4.4.2.54	2008.03.19	-
F-Secure	6.70.13260.0	2008.03.19	-
FileAdvisor	1	2008.03.19	-
Fortinet	3.14.0.0	2008.03.19	-
Ikarus	T3.1.1.20	2008.03.19	-
Kaspersky	7.0.0.125	2008.03.19	-
McAfee	5254	2008.03.18	-
Microsoft	1.3301	2008.03.19	-
NOD32v2	2960	2008.03.19	-
Norman	5.80.02	2008.03.19	-
Panda	9.0.0.4	2008.03.18	-
Prevx1	V2	2008.03.19	-
Rising	20.36.22.00	2008.03.19	-
Sophos	4.27.0	2008.03.19	-
Sunbelt	3.0.978.0	2008.03.18	-
Symantec	10	2008.03.19	-
TheHacker	6.2.92.249	2008.03.18	-
VBA32	3.12.6.3	2008.03.17	-
VirusBuster	4.3.26:9	2008.03.19	-
Webwasher-Gateway	6.6.2	2008.03.19	-
Information additionnelle
File size: 143360 bytes
MD5: 8f9fbef7dc547926b668f93f45095e6e
SHA1: b0ad9151c16cd9e5dc19f696c3892fcfe469d590
PEiD: Armadillo v1.71


ok je vous enverrai la suite demain .... merci et à demain !

ep44 · Answer

en effet mal placé 
mais pas de risque les lignes fixer c'est ok
il faudra faire avgas ensuite faire un scan en ligne 
avec bitdefender et colle le rapport

https://www.bitdefender.com/toolbox/

un tuto
http://pageperso.aol.fr/rginformatique/mapage/defender.htm
@+

bluemoun · Answer

AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

 + Créé à:	11:13:30 20/03/2008

 + Résultat de l'analyse:	



C:\Program Files\Mozilla Firefox\installer-49967-845-Office-French.exe -> Backdoor.Agent.duj : Nettoyé.
C:\Program Files\Mozilla Firefox\instala-emule.exe -> Not-A-Virus.PUP.Takedawnload.a : Nettoyé.
:mozilla.206:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.16:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.17:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.18:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.19:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.20:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.21:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.22:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.23:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.24:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.25:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.26:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.27:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.28:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.29:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.30:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.31:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.32:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.33:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.34:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.35:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.36:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.37:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.38:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.39:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.40:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.41:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.42:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.43:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.44:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.455:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.45:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.46:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.47:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.48:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.49:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.50:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.51:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.52:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.53:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.54:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.55:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.56:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.57:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.58:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.59:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.67:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.80:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\HP_Propriétaire\Cookies\hp_propriétaire@2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\HP_Propriétaire\Cookies\hp_propriétaire@aoleusearch.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\HP_Propriétaire\Cookies\hp_propriétaire@aolfr.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\HP_Propriétaire\Cookies\hp_propriétaire@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.245:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.246:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.247:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.259:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Adengage : Nettoyé.
:mozilla.265:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Adengage : Nettoyé.
:mozilla.268:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Adengage : Nettoyé.
:mozilla.269:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Adengage : Nettoyé.
:mozilla.270:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Adengage : Nettoyé.
:mozilla.158:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.159:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.160:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.161:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.162:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.163:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.164:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.165:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.121:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.122:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.234:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.235:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.236:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.237:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.238:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
C:\Documents and Settings\HP_Propriétaire\Cookies\hp_propriétaire@advertising[2].txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.457:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Adviva : Nettoyé.
:mozilla.132:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\HP_Propriétaire\Cookies\hp_propriétaire@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
:mozilla.168:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\HP_Propriétaire\Cookies\hp_propriétaire@bluestreak[2].txt -> TrackingCookie.Bluestreak : Nettoyé.
:mozilla.317:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Clickhype : Nettoyé.
:mozilla.356:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.358:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.366:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.930:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Cqcounter : Nettoyé.
:mozilla.69:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\HP_Propriétaire\Cookies\hp_propriétaire@doubleclick[2].txt -> TrackingCookie.Doubleclick : Nettoyé.
:mozilla.527:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Estat : Nettoyé.
:mozilla.477:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.549:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.581:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.619:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.816:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.872:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.78:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Imrworldwide : Nettoyé.
:mozilla.79:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Imrworldwide : Nettoyé.
:mozilla.891:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Liveperson : Nettoyé.
:mozilla.893:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Liveperson : Nettoyé.
:mozilla.117:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Mediaplex : Nettoyé.
:mozilla.118:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Documents and Settings\HP_Propriétaire\Cookies\hp_propriétaire@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyé.
:mozilla.576:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.577:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.578:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Overture : Nettoyé.
C:\Documents and Settings\HP_Propriétaire\Cookies\hp_propriétaire@overture[1].txt -> TrackingCookie.Overture : Nettoyé.
C:\Documents and Settings\HP_Propriétaire\Cookies\hp_propriétaire@ads.planetactive[1].txt -> TrackingCookie.Planetactive : Nettoyé.
C:\Documents and Settings\HP_Propriétaire\Cookies\hp_propriétaire@ads.pointroll[1].txt -> TrackingCookie.Pointroll : Nettoyé.
C:\recup\[00B125]\colia@realguide.real[1].txt -> TrackingCookie.Real : Nettoyé.
:mozilla.151:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.152:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.153:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.154:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.155:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.156:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.157:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\HP_Propriétaire\Cookies\hp_propriétaire@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\HP_Propriétaire\Cookies\hp_propriétaire@serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.322:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Sitestat : Nettoyé.
C:\WINDOWS\system32\config\systemprofile\Cookies\system@skype[1].txt -> TrackingCookie.Skype : Nettoyé.
:mozilla.123:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.124:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.125:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.126:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.127:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.128:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.129:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.130:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\HP_Propriétaire\Cookies\hp_propriétaire@smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.503:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.505:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.506:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.507:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.508:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.509:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.510:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.511:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.512:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.188:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.189:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.190:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.194:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.195:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
C:\Documents and Settings\HP_Propriétaire\Cookies\hp_propriétaire@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.140:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.141:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.142:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.143:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\HP_Propriétaire\Cookies\hp_propriétaire@weborama[2].txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.914:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Webtrends : Nettoyé.
C:\Documents and Settings\HP_Propriétaire\Cookies\hp_propriétaire@m.webtrends[2].txt -> TrackingCookie.Webtrends : Nettoyé.
C:\Documents and Settings\Invité\Cookies\invité@m.webtrends[1].txt -> TrackingCookie.Webtrends : Nettoyé.
:mozilla.144:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Webtrendslive : Nettoyé.
:mozilla.178:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.179:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.180:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.181:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.182:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.183:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\v1rav83h.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.


Fin du rapport

bluemoun · Answer

BitDefender Log File !!!!!
Product : BitDefender Total Security 2008 
Version : BitDefender UIScanner v.11 
Log date : 11:54:49 20/03/2008 
Log path : C:\Documents and Settings\All Users\Application Data\Bitdefender\Desktop\Profiles\Logs\quick_scan\1206010489_1_02.xml 

Scan Paths:Path0000: C:\WINDOWS 
Path0001: C:\Program Files 


Scan Options:Scan for viruses : Yes 
Scan for adware : Yes 
Scan for spyware : Yes 
Scan for applications : Yes 
Scan for dialers : Yes 
Scan for rootkits : No 


Target selection options:Scan registry keys : No 
Scan cookies : No 
Scan boot sectors : No 
Scan memory processes : No 
Scan archives : No 
Scan runtime packers : Yes 
Scan emails : Yes 
Scan all files : Yes 
Heuristic Scan : Yes 
Scanned extensions :  
Excluded extensions :  


Target ProcessingDefault action for infected objects : Disinfect 
Default action for suspicious objects : None 
Default action for hidden objects : None 


Scan engines summaryNumber of virus signatures : 1018017 
Archive plugins : 41 
Email plugins : 6 
Scan plugins : 12 
Archive plugins : 41 
System plugins : 4 
Unpack plugins : 7 


Overall scan summaryScanned items : 172358 
Infected items : 0 
Suspicious items : 0 
Resolved items : 0 
Individual viruses found : 0 
Scanned directories : 5348 
Scanned boot sectors : 0 
Scanned archives : 28 
Input-output errors : 15 
Scan time : 00:00:27:51 
Files per second : 103 


Scanned processes summaryScanned : 0 
Infected : 0 


Scanned registry keys summaryScanned : 0 
Infected : 0 


Scanned cookies summaryScanned : 0 
Infected : 0 


Remaining issues:Object Name Threat Name Final Status 


Resolved issues:Object Name Threat Name Final Status 


Objects that were not scanned:Object Name Reason Final Status 
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=]Ad-Aware SE Default.skn Password-Protected No action was possible 
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=]arrow1.bmp Password-Protected No action was possible 
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=]arrow2.bmp Password-Protected No action was possible 
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=]bck1.bmp Password-Protected No action was possible 
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=]bt11.bmp Password-Protected No action was possible 
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=]bt12.bmp Password-Protected No action was possible 
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=]bt13.bmp Password-Protected No action was possible 
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=]bt21.bmp Password-Protected No action was possible 
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=]bt22.bmp Password-Protected No action was possible 
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=]bt23.bmp Password-Protected No action was possible 
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=]bt31.bmp Password-Protected No action was possible 
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=]bt32.bmp Password-Protected No action was possible 
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=]bt33.bmp Password-Protected No action was possible 
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=]bt41.bmp Password-Protected No action was possible 
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=]bt42.bmp Password-Protected No action was possible 
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=]bt43.bmp Password-Protected No action was possible 
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=]bt51.bmp Password-Protected No action was possible 
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=]bt52.bmp Password-Protected No action was possible 
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=]bt53.bmp Password-Protected No action was possible 
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=]bt61.bmp Password-Protected No action was possible 
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=]bt62.bmp Password-Protected No action was possible 
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=]checkbox1.bmp Password-Protected No action was possible 
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=]checkbox2.bmp Password-Protected No action was possible 
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=]checkbox3.bmp Password-Protected No action was possible 
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=]checkbox4.bmp Password-Protected No action was possible 
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=]defbtn1.bmp Password-Protected No action was possible 
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=]defbtn2.bmp Password-Protected No action was possible 
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=]defbtn3.bmp Password-Protected No action was possible 
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=]glyph1.bmp Password-Protected No action was possible 
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=]glyph2.bmp Password-Protected No action was possible 
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=]glyph3.bmp Password-Protected No action was possible 
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=]glyph4.bmp Password-Protected No action was possible 
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=]glyph5.bmp Password-Protected No action was possible 
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=]glyph6.bmp Password-Protected No action was possible 
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=]glyph7.bmp Password-Protected No action was possible 
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=]main.bmp Password-Protected No action was possible 
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=]preview.bmp Password-Protected No action was possible 
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=]sprite1.bmp Password-Protected No action was possible

bluemoun · Answer

bon j'ai viré adaware, refait un san, puis hijack que je vous colle ci-dessous.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:59:52, on 20/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Neuf\Kit\WiFi\9wifi.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\WINDOWS\system32\ctfmon.exe


merci !

ep44 · Answer

Bonsoir ton hijack n'est pas complet 
@+

bluemoun · Answer

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 07:28:41, on 21/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Neuf\Kit\WiFi\9wifi.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\HP_Propriétaire\Mes documents\monjack\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer optimisé pour MSN
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: Multi Media Toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media	bMul1.dll
O3 - Toolbar: Multi Media Toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media	bMul1.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Autoconfigurateur WiFi Neuf] "C:\Program Files\Neuf\Kit\WiFi\9wifi.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [LXCGCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCGtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Creative Live! Cam Manager] "C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe"
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (Installer Class) - https://www.pandasecurity.com/en/homeusers/online-antivirus/?ref=activescan
O16 - DPF: {8F48147B-78D9-40F9-ACC0-BDDE59B246F4} (AccountHelper Class) - http://abonnement.aliceadsl.fr/configurateur/AccountHelper.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: lxcg_device -   - C:\WINDOWS\system32\lxcgcoms.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe

ep44 · Answer

Bonsoir 
je ne vois plus rien sur ton hijack il semble ok 

si tu n'as installe c'est logiciel et exécute les scans 
sert toi des tutos 

=>CCleaner
http://ftpclubic40.clubic.com/...
tuto:
https://forums.cnetfrance.fr


=> SpyBot-Search & Destroy 1.5 (scan passif + protection préventive avec ces 2 résidents, ses vaccinations et sa list Hosts )

http://ftpclubic44.clubic.com/...
http://perso.orange.fr/rginformatique/section%20virus/demo%20spybot.htm
https://www.malekal.com/spybot-search-destroy-proteger-desinfecter-pc-virus/
Tuto :
http://perso.orange.fr/jesses/Docs/Logiciels/Spybot.htm

=> a² free (anti-trojans) (scan passif )

- Téléchargement : https://www.emsisoft.com/fr/home/antimalware/
- Tuto : http://perso.orange.fr/jesses/Docs/Logiciels/a-squared.htm

@+

bluemoun · Answer

ok tout est rentré dans l'ordre. je vous remercie pour vos précieux conseils ! bonne soirée.

ep44 · Answer

Content pour toi 

pour finir 
Tu peux supprimer tous les logiciels que nous avons utilisés
va dans ajout/suppression de programes et dans programmes files
pour vérifier



ensuite fait ceci (IMPORTANT)

=démarrer
=panneau de configuration
=système
=onglet Restauration système
=coche la case (Désactiver la restauration système)
=redémarre l'ordinateur
=réactive la ensuite
 bye
;-)

bluemoun · Answer

ok c'est fait , encore merci !

ep44 · Answer

Content pour toi ;-)

bye bye

Au secours , envahie de cheval de troie !!

21 réponses

Votre réponse

Discussions similaires

Newsletters