Votre question

[RESOLU]Analyse Hijack avec win32 tenga en cible!!!

Tags :
  • Internet Explorer
  • Sécurité
Dernière réponse : dans Sécurité et virus
16 Novembre 2006 22:07:31

Voici le log ,
Logfile of HijackThis v1.99.1
Scan saved at 21:59:10, on 16/11/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\CyberLink\PowerCinema\PCMService.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Zell211\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.neuf.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homep...
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_19_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FlashGet\jccatch.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_19_0.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\CyberLink\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [AceGain LiveUpdate] C:\Jeux\Battlefield Vietnam\AceGain\LiveUpdate\LiveUpdate.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [I downloaded pirated Software from P2P 2006] The Settlers 2 Next Generation
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\RunServices: [stonedrv] c:\windows\system32\stonedrv.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [fsc-reminder.exe] C:\WINDOWS\reminder\fsc-reminder.exe 2453786 14
O4 - HKCU\..\Run: [TVAgent WiFi] C:\Program Files\Kit ADSL\Wizard\Agent_WiFi.exe
O4 - HKCU\..\Run: [stonedrv] c:\windows\system32\stonedrv.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: msoffice.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Télécharger tout avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra button: @c:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @c:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O17 - HKLM\System\CCS\Services\Tcpip\..\{1485977C-33D3-4646-A217-C9376DB22DA0}: NameServer = 192.168.1.1
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

Autres pages sur : resolu analyse hijack win32 tenga cible

17 Novembre 2006 18:41:00

UP, please ça doit pas etre compliqué....:'( 
17 Novembre 2006 18:49:11

Bonjour

$$ Télécharge
SDFix sur ton bureau
http://downloads.andymanchesta.com/RemovalTools/SDFix.z...

clean.zip
http://www.malekal.com/download/clean.zip
Décompresse-le sur ton bureau (clic droit / extraire tout), tu dois obtenir un dossier clean.

$$ Redémarre en mode sans échec.

$$ Ouvre le dossier Clean qui se trouve sur ton bureau, et double-clic sur clean.cmd.
Une fenêtre noire va apparaître pendant un instant, laisse la ouverte.

$$ Fais un clic droit sur SDFix.zip et choisis "Extraire tout"
Double-clique sur RunThis.bat
Tape Y pour lancer le script.
Le Fix supprime les services du virus et nettoie le registre, de ce fait un redémarrage est nécessaire
Presse une touche pour redémarrer
Le PC va mettre du temps avant de démarrer, presse une touche lorsque "Finished" s'affiche

Ouvre le dossier SDFix et copie/colle ici le contenu du fichier "Report.txt" avec le rapport qui se trouve ici C:\rapport_clean.txt et un nouveau HijackThis.
Contenus similaires
17 Novembre 2006 21:00:41

Re,
Comme y'vait pas de réponse j'ai d'abord fait un scan AVG en mode sans echec et un netooyage Ccleaner en mode sans echec aussi.
Puis j'ai refait un Hijack en mode normal après
Je poste donc les différzents log
17 Novembre 2006 21:05:52

alors log AVG en mode sans echec
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 23:07:33 16/11/2006

+ Résultat de l'analyse:



C:\Program Files\DAEMON Tools\SetupDTSB.exe -> Adware.SaveNow : Ignoré.
C:\System Volume Information\_restore{FE9275FA-7A0E-466A-B2B3-F1FFF986E460}\RP115\A0017007.exe -> Adware.SaveNow : Ignoré.
C:\System Volume Information\_restore{FE9275FA-7A0E-466A-B2B3-F1FFF986E460}\RP123\A0022851.exe -> Logger.Haxspy.au : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{FE9275FA-7A0E-466A-B2B3-F1FFF986E460}\RP176\A0028764.sys -> Logger.Haxspy.au : Nettoyé et sauvegardé (mise en quarantaine).
C:\kosjlqeb.exe -> Logger.Haxspy.au : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{FE9275FA-7A0E-466A-B2B3-F1FFF986E460}\RP115\A0017001.exe -> Proxy.Small.bo : Nettoyé et sauvegardé (mise en quarantaine).
:mozilla.69:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.70:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.71:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.72:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.327:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.328:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.329:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.330:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.331:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.332:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.333:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.334:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.335:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.336:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.337:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.338:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.339:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.340:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.341:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.342:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.530:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.841:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Zell211\Cookies\zell211@2o7[2].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Zell211\Cookies\zell211@adbrite.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Zell211\Cookies\zell211@aolfr.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Zell211\Cookies\zell211@cbs.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Zell211\Cookies\zell211@gettyimages.122.2o7[2].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Zell211\Cookies\zell211@microsofteup.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Zell211\Cookies\zell211@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Zell211\Cookies\zell211@premiumtv.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.161:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.162:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.163:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.164:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.168:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.688:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.977:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\Zell211\Cookies\zell211@adbrite[1].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\Zell211\Cookies\zell211@site.www.adbrite[1].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\Zell211\Cookies\zell211@www.adbrite[1].txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.683:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.684:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.225:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.231:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
C:\Documents and Settings\Zell211\Cookies\zell211@adtech[2].txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.25:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.29:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.31:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.34:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.35:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.36:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.48:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Adviva : Nettoyé.
:mozilla.137:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\Zell211\Cookies\zell211@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
:mozilla.23:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyé.
:mozilla.627:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\Zell211\Cookies\zell211@bluestreak[2].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\Zell211\Cookies\zell211@www.burstbeacon[2].txt -> TrackingCookie.Burstbeacon : Nettoyé.
C:\Documents and Settings\Zell211\Cookies\zell211@burstnet[1].txt -> TrackingCookie.Burstnet : Nettoyé.
C:\Documents and Settings\Zell211\Cookies\zell211@www.burstnet[1].txt -> TrackingCookie.Burstnet : Nettoyé.
:mozilla.514:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.515:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.516:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.517:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.559:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Com : Nettoyé.
C:\Documents and Settings\Zell211\Cookies\zell211@com[1].txt -> TrackingCookie.Com : Nettoyé.
:mozilla.855:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.856:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.857:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
C:\Documents and Settings\Zell211\Cookies\zell211@fl01.ct2.comclick[1].txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.597:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Coremetrics : Nettoyé.
:mozilla.395:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Cqcounter : Nettoyé.
:mozilla.21:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\Zell211\Cookies\zell211@doubleclick[2].txt -> TrackingCookie.Doubleclick : Nettoyé.
:mozilla.850:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Esomniture : Nettoyé.
C:\Documents and Settings\Zell211\Cookies\zell211@e-2dj6wjlyqhc5alo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Nettoyé.
:mozilla.30:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Estat : Nettoyé.
C:\Documents and Settings\Zell211\Cookies\zell211@estat[1].txt -> TrackingCookie.Estat : Nettoyé.
C:\Documents and Settings\Zell211\Cookies\zell211@adopt.euroclick[2].txt -> TrackingCookie.Euroclick : Nettoyé.
:mozilla.522:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Falkag : Nettoyé.
:mozilla.523:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Falkag : Nettoyé.
:mozilla.524:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Falkag : Nettoyé.
:mozilla.525:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Falkag : Nettoyé.
:mozilla.526:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Falkag : Nettoyé.
:mozilla.527:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Falkag : Nettoyé.
C:\Documents and Settings\Zell211\Cookies\zell211@as1.falkag[2].txt -> TrackingCookie.Falkag : Nettoyé.
:mozilla.169:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.170:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.171:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.172:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.173:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.174:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.572:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.503:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.504:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.505:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.506:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.864:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.865:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.891:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.892:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.893:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.362:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Ivwbox : Nettoyé.
C:\Documents and Settings\Zell211\Cookies\zell211@ivwbox[2].txt -> TrackingCookie.Ivwbox : Nettoyé.
C:\Documents and Settings\Zell211\Cookies\zell211@komtrack[2].txt -> TrackingCookie.Komtrack : Nettoyé.
:mozilla.734:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Linksynergy : Nettoyé.
:mozilla.735:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Linksynergy : Nettoyé.
:mozilla.44:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Documents and Settings\Zell211\Cookies\zell211@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Documents and Settings\Zell211\Cookies\zell211@stat.onestat[2].txt -> TrackingCookie.Onestat : Nettoyé.
:mozilla.26:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.27:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.28:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.606:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Overture : Nettoyé.
C:\Documents and Settings\Zell211\Cookies\zell211@ads.planetactive[1].txt -> TrackingCookie.Planetactive : Nettoyé.
:mozilla.138:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Pointroll : Nettoyé.
:mozilla.139:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Pointroll : Nettoyé.
:mozilla.140:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Pointroll : Nettoyé.
:mozilla.141:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Pointroll : Nettoyé.
C:\Documents and Settings\Zell211\Cookies\zell211@ads.pointroll[1].txt -> TrackingCookie.Pointroll : Nettoyé.
:mozilla.126:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Questionmarket : Nettoyé.
:mozilla.127:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Questionmarket : Nettoyé.
:mozilla.472:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.474:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.475:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.476:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.477:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.478:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.479:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.480:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.
C:\Documents and Settings\Zell211\Cookies\zell211@stats1.reliablestats[1].txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.962:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Revenue : Nettoyé.
:mozilla.200:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Ru4 : Nettoyé.
:mozilla.201:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Ru4 : Nettoyé.
:mozilla.202:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Ru4 : Nettoyé.
:mozilla.203:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Ru4 : Nettoyé.
:mozilla.128:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.129:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.130:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.131:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.132:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.133:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Zell211\Cookies\zell211@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Zell211\Cookies\zell211@serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.236:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Sexcounter : Nettoyé.
:mozilla.237:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Sexcounter : Nettoyé.
:mozilla.238:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Sexcounter : Nettoyé.
:mozilla.239:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Sexcounter : Nettoyé.
:mozilla.240:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Sexcounter : Nettoyé.
:mozilla.242:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Sexcounter : Nettoyé.
:mozilla.243:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Sexcounter : Nettoyé.
:mozilla.245:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Sexcounter : Nettoyé.
:mozilla.10:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.11:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.12:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.13:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.7:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\Zell211\Cookies\zell211@www.smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.118:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.119:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.120:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.121:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.122:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.123:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
C:\Documents and Settings\Zell211\Cookies\zell211@statcounter[1].txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.187:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Tacoda : Nettoyé.
:mozilla.190:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Tacoda : Nettoyé.
:mozilla.191:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Tacoda : Nettoyé.
:mozilla.199:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Tacoda : Nettoyé.
C:\Documents and Settings\Zell211\Cookies\zell211@anad.tacoda[1].txt -> TrackingCookie.Tacoda : Nettoyé.
C:\Documents and Settings\Zell211\Cookies\zell211@anat.tacoda[1].txt -> TrackingCookie.Tacoda : Nettoyé.
C:\Documents and Settings\Zell211\Cookies\zell211@tacoda[2].txt -> TrackingCookie.Tacoda : Nettoyé.
C:\Documents and Settings\Zell211\Cookies\zell211@php.sales.tfag[1].txt -> TrackingCookie.Tfag : Nettoyé.
:mozilla.213:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.214:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.215:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.216:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
C:\Documents and Settings\Zell211\Cookies\zell211@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.389:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Trafic : Nettoyé.
:mozilla.445:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Tribalfusion : Nettoyé.
:mozilla.14:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.15:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.16:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.17:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.18:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\Zell211\Cookies\zell211@weborama[1].txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.198:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Webtrendslive : Nettoyé.
C:\Documents and Settings\Zell211\Cookies\zell211@yadro[2].txt -> TrackingCookie.Yadro : Nettoyé.
:mozilla.460:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.461:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.462:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.463:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.464:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.465:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
C:\Documents and Settings\Zell211\Cookies\zell211@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.831:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.832:C:\Documents and Settings\Zell211\Application Data\Mozilla\Firefox\Profiles\01mu2jxh.default\cookies.txt -> TrackingCookie.Zedo : Nettoyé.


Fin du rapport
17 Novembre 2006 21:06:55

Puis le log Hijack en mode normal

Logfile of HijackThis v1.99.1
Scan saved at 23:15:53, on 16/11/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\CyberLink\PowerCinema\PCMService.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Jeux\Battlefield Vietnam\AceGain\LiveUpdate\LiveUpdate.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Jeux\Battlefield Vietnam\AceGain\LiveUpdate\aceagent.exe
C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Documents and Settings\Zell211\Bureau\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Documents and Settings\Zell211\Bureau\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\fxssvc.exe
C:\Documents and Settings\Zell211\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.neuf.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homep...
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_19_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FlashGet\jccatch.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_19_0.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\CyberLink\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [AceGain LiveUpdate] C:\Jeux\Battlefield Vietnam\AceGain\LiveUpdate\LiveUpdate.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [I downloaded pirated Software from P2P 2006] The Settlers 2 Next Generation
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Documents and Settings\Zell211\Bureau\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\RunServices: [stonedrv] c:\windows\system32\stonedrv.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [fsc-reminder.exe] C:\WINDOWS\reminder\fsc-reminder.exe 2453786 14
O4 - HKCU\..\Run: [TVAgent WiFi] C:\Program Files\Kit ADSL\Wizard\Agent_WiFi.exe
O4 - HKCU\..\Run: [stonedrv] c:\windows\system32\stonedrv.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: msoffice.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Télécharger tout avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra button: @c:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @c:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O17 - HKLM\System\CCS\Services\Tcpip\..\{1485977C-33D3-4646-A217-C9376DB22DA0}: NameServer = 192.168.1.1
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Documents and Settings\Zell211\Bureau\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
a b 8 Sécurité
17 Novembre 2006 21:21:19

Fais ce que Chercheur a dit.
17 Novembre 2006 21:26:13

ok je vais faire
merci!
18 Novembre 2006 15:46:50

Re les gens, :jap: 
alors les rapports demandés :
report.txt,
SDFix: Version 1.40
-------------------

Scan run on:
18/11/2006

Time:
15:01

Microsoft Windows XP [version 5.1.2600]

Running from: C:\Documents and Settings\Zell211\Bureau\SDFix

Stage One...

Checking Services...

Name:
-----

Path:
----


Repairing Registry...


Restoring Default Hosts File...

Stage One Complete

Rebooting...

Stage Two...

Checking For Malware:
--------------------


Backing Up and Removing any Files Found...

Final Check:

Services:
---------


Files:
------


Any files removed are saved to the SDFix\backups Folder

FINISHED


puis,

rapport_clean.txt :
Script clean par Malekal_morte - http://www.malekal.com

Microsoft Windows XP [version 5.1.2600]
Script execute en mode sans echec

*** Suppression de fichiers sur C:
C:\StubInstaller.exe FOUND
C:\UNWISE.EXE FOUND

*** Suppression des fichiers dans C:\WINDOWS\
C:\WINDOWS\patcher.exe FOUND
C:\WINDOWS\user32.exe FOUND

*** Suppression des fichiers dans C:\WINDOWS\system32
"C:\Documents and Settings\Zell211\Application Data\ezpinst.exe" FOUND

"C:\Program Files\serial.zip" FOUND
"C:\Program Files\user32.exe" FOUND

*** Suppression des clefs du registre effectuee..
et enfin hijackthis,

Logfile of HijackThis v1.99.1
Scan saved at 15:09:52, on 18/11/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\CyberLink\PowerCinema\PCMService.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Winamp\winamp.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Zell211\Bureau\Virus Fix\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.neuf.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homep...
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_19_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FlashGet\jccatch.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_19_0.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\CyberLink\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [AceGain LiveUpdate] C:\Jeux\Battlefield Vietnam\AceGain\LiveUpdate\LiveUpdate.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [I downloaded pirated Software from P2P 2006] The Settlers 2 Next Generation
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [fsc-reminder.exe] C:\WINDOWS\reminder\fsc-reminder.exe 2453786 14
O4 - HKCU\..\Run: [TVAgent WiFi] C:\Program Files\Kit ADSL\Wizard\Agent_WiFi.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: msoffice.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Télécharger tout avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra button: @c:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @c:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O17 - HKLM\System\CCS\Services\Tcpip\..\{1485977C-33D3-4646-A217-C9376DB22DA0}: NameServer = 192.168.1.1
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

Voilà merci de m'indiquer s'il reste des trucs à faire!! :hello: 
18 Novembre 2006 17:26:50

Bonjour

Encore quelques corrections.

Relance un scan HijackThis et coche les lignes ci-dessous :

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [I downloaded pirated Software from P2P 2006] The Settlers 2 Next Generation
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: msoffice.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b31267.cab

Ferme toutes les fenêtres Windows, Internet explorer, Outlook,sauf le logiciel Hijackthis et clique sur « Fix checked »


Fais une analyse antivirus en ligne sur Kaspersky
http://webscanner.kaspersky.fr/
Sélectionne le poste de travail comme analyse.
Colle son rapport ici.
18 Novembre 2006 18:56:57

Bonsoir,
Ok chef je fais ça :) 
a b 8 Sécurité
18 Novembre 2006 19:06:31

D'autres problèmes ?
19 Novembre 2006 12:23:03

Re,
rapport de Kaspesky:
Sunday, November 19, 2006 12:35:50 AM
Système d'exploitation : Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version : 5.0.83.0
Dernière mise à jour de la base antivirus Kaspersky : 18/11/2006
Enregistrements dans la base antivirus Kaspersky : 229067
Paramètres d'analyse
Analyser avec la base antivirus suivante standard
Analyser les archives vrai
Analyser les bases de messagerie vrai
Cible de l'analyse Poste de travail
C:\
D:\
E:\
F:\
G:\
H:\
I:\
Z:\
Statistiques de l'analyse
Total d'objets analysés 100438
Nombre de virus trouvés 2
Nombre d'objets infectés 26 / 0
Nombre d'objets suspects 0
Durée de l'analyse 02:06:27

Nom de l'objet infecté Nom du virus Dernière action
C:\Documents and Settings\LocalService\Cookies\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\Zell211\Cookies\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\Zell211\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\Zell211\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\Zell211\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\Zell211\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\Zell211\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\Zell211\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Downloads\NOCD The Settlers 2 Next Generation crack.exe/irsetup.dat Infecté : Trojan-Dropper.Win32.Peerad.a ignoré
C:\Downloads\NOCD The Settlers 2 Next Generation crack.exe SetupFactory: infecté - 1 ignoré
C:\Downloads\The Settlers 2 Next Generation crack.exe/irsetup.dat Infecté : Trojan-Dropper.Win32.Peerad.a ignoré
C:\Downloads\The Settlers 2 Next Generation crack.exe SetupFactory: infecté - 1 ignoré
C:\Downloads\Win.All The Settlers 2 Next Generation crack.exe/irsetup.dat Infecté : Trojan-Dropper.Win32.Peerad.a ignoré
C:\Downloads\Win.All The Settlers 2 Next Generation crack.exe SetupFactory: infecté - 1 ignoré
C:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat L'objet est verrouillé ignoré
C:\Program Files\Alwil Software\Avast4\DATA\Avast4.db L'objet est verrouillé ignoré
C:\Program Files\Alwil Software\Avast4\DATA\log\AshWebSv.ws L'objet est verrouillé ignoré
C:\Program Files\Alwil Software\Avast4\DATA\log\aswMaiSv.log L'objet est verrouillé ignoré
C:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log L'objet est verrouillé ignoré
C:\Program Files\Alwil Software\Avast4\DATA\report\Protection résidente.txt L'objet est verrouillé ignoré
C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLML_MAIN\CLML.db L'objet est verrouillé ignoré
C:\Program Files\eMule\Incoming\NOCD The Settlers 2 Next Generation crack.exe/irsetup.dat Infecté : Trojan-Dropper.Win32.Peerad.a ignoré
C:\Program Files\eMule\Incoming\NOCD The Settlers 2 Next Generation crack.exe SetupFactory: infecté - 1 ignoré
C:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré
C:\System Volume Information\_restore{FE9275FA-7A0E-466A-B2B3-F1FFF986E460}\RP113\A0009360.exe/irsetup.dat Infecté : Trojan-Dropper.Win32.Peerad.a ignoré
C:\System Volume Information\_restore{FE9275FA-7A0E-466A-B2B3-F1FFF986E460}\RP113\A0009360.exe SetupFactory: infecté - 1 ignoré
C:\System Volume Information\_restore{FE9275FA-7A0E-466A-B2B3-F1FFF986E460}\RP113\A0009361.exe/irsetup.dat Infecté : Trojan-Dropper.Win32.Peerad.a ignoré
C:\System Volume Information\_restore{FE9275FA-7A0E-466A-B2B3-F1FFF986E460}\RP113\A0009361.exe SetupFactory: infecté - 1 ignoré
C:\System Volume Information\_restore{FE9275FA-7A0E-466A-B2B3-F1FFF986E460}\RP113\A0009362.exe/irsetup.dat Infecté : Trojan-Dropper.Win32.Peerad.a ignoré
C:\System Volume Information\_restore{FE9275FA-7A0E-466A-B2B3-F1FFF986E460}\RP113\A0009362.exe SetupFactory: infecté - 1 ignoré
C:\System Volume Information\_restore{FE9275FA-7A0E-466A-B2B3-F1FFF986E460}\RP113\A0009363.exe/irsetup.dat Infecté : Trojan-Dropper.Win32.Peerad.a ignoré
C:\System Volume Information\_restore{FE9275FA-7A0E-466A-B2B3-F1FFF986E460}\RP113\A0009363.exe SetupFactory: infecté - 1 ignoré
C:\System Volume Information\_restore{FE9275FA-7A0E-466A-B2B3-F1FFF986E460}\RP113\A0009364.exe/irsetup.dat Infecté : Trojan-Dropper.Win32.Peerad.a ignoré
C:\System Volume Information\_restore{FE9275FA-7A0E-466A-B2B3-F1FFF986E460}\RP113\A0009364.exe SetupFactory: infecté - 1 ignoré
C:\System Volume Information\_restore{FE9275FA-7A0E-466A-B2B3-F1FFF986E460}\RP117\A0021674.exe/irsetup.dat Infecté : Trojan-Dropper.Win32.Peerad.a ignoré
C:\System Volume Information\_restore{FE9275FA-7A0E-466A-B2B3-F1FFF986E460}\RP117\A0021674.exe SetupFactory: infecté - 1 ignoré
C:\System Volume Information\_restore{FE9275FA-7A0E-466A-B2B3-F1FFF986E460}\RP165\A0026842.exe/irsetup.dat Infecté : Trojan-Dropper.Win32.Peerad.a ignoré
C:\System Volume Information\_restore{FE9275FA-7A0E-466A-B2B3-F1FFF986E460}\RP165\A0026842.exe SetupFactory: infecté - 1 ignoré
C:\System Volume Information\_restore{FE9275FA-7A0E-466A-B2B3-F1FFF986E460}\RP165\A0026843.exe/irsetup.dat Infecté : Trojan-Dropper.Win32.Peerad.a ignoré
C:\System Volume Information\_restore{FE9275FA-7A0E-466A-B2B3-F1FFF986E460}\RP165\A0026843.exe SetupFactory: infecté - 1 ignoré
C:\System Volume Information\_restore{FE9275FA-7A0E-466A-B2B3-F1FFF986E460}\RP176\A0028763.dll Infecté : Trojan-Spy.Win32.Haxspy.au ignoré
C:\System Volume Information\_restore{FE9275FA-7A0E-466A-B2B3-F1FFF986E460}\RP176\A0028776.exe Infecté : Trojan-Spy.Win32.Haxspy.au ignoré
C:\System Volume Information\_restore{FE9275FA-7A0E-466A-B2B3-F1FFF986E460}\RP180\change.log L'objet est verrouillé ignoré
C:\WINDOWS\Debug\PASSWD.LOG L'objet est verrouillé ignoré
C:\WINDOWS\SchedLgU.Txt L'objet est verrouillé ignoré
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log L'objet est verrouillé ignoré
C:\WINDOWS\system32\CatRoot2\edb.log L'objet est verrouillé ignoré
C:\WINDOWS\system32\CatRoot2\tmp.edb L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\ACEEvent.evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\Antivirus.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\AppEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\default L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\default.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SAM L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SAM.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SecEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SECURITY L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SECURITY.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\software L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\software.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SysEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\system L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\system.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\drivers\sptd.sys L'objet est verrouillé ignoré
C:\WINDOWS\system32\h323log.txt L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP L'objet est verrouillé ignoré
C:\WINDOWS\Temp\CLML_AGENT_LOG1.txt L'objet est verrouillé ignoré
C:\WINDOWS\Temp\Perflib_Perfdata_1c0.dat L'objet est verrouillé ignoré
C:\WINDOWS\Temp\sqlite_DpSbcW4rWB8fLNo L'objet est verrouillé ignoré
C:\WINDOWS\Temp\_avast4_\Webshlock.txt L'objet est verrouillé ignoré
C:\WINDOWS\WindowsUpdate.log L'objet est verrouillé ignoré
Analyse terminée.
19 Novembre 2006 14:48:34

OK tout est reglé....merci ;) 
a b 8 Sécurité
19 Novembre 2006 14:52:00

Attends tu es encore infecté.
Attends le retour de Chercheur.
19 Novembre 2006 14:55:39

Bonjour

Il y a encore quelques corrections.
Certaines infections sont dans le système de restauration, les autres sont des CRACKS.....

** Supprime les fichiers/dossiers incriminés (s'ils existent encore) :

C:\Downloads\NOCD The Settlers 2 Next Generation crack.exe
C:\Downloads\The Settlers 2 Next Generation crack.exe
C:\Downloads\Win.All The Settlers 2 Next Generation crack.exe
C:\Program Files\eMule\Incoming\NOCD The Settlers 2 Next Generation crack.exe

** Lance le nettoyage avec CCleaner.

** Clique sur Démarrer - Clic droit sur le Poste de Travail - Propriétés - Restauration du systéme - Cocher la case Désactiver la restauration du systéme et cliquer sur Appliquer.

Puis redémarrer l'ordinateur et faire l'opération inverse en décochant la case Désactiver la restauration systéme.
20 Novembre 2006 19:06:21

Ok merci c fait.. :) 
22 Novembre 2006 18:11:32

bon j'ai fait ce que vous m'aviez conseillé...( je sais ça remonte à loin!)
nouveau Hijack mais ya encore O4 - HKCU\..\Run: [fsc-reminder.exe] C:\WINDOWS\reminder\fsc-reminder.exe 2453786 14..c pas une bizarrerie ça?

Logfile of HijackThis v1.99.1
Scan saved at 14:20:13, on 22/11/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\CyberLink\PowerCinema\PCMService.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Zell211\Bureau\Virus Fix\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.neuf.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homep...
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_19_0.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FlashGet\jccatch.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_19_0.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\CyberLink\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [AceGain LiveUpdate] C:\Jeux\Battlefield Vietnam\AceGain\LiveUpdate\LiveUpdate.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [fsc-reminder.exe] C:\WINDOWS\reminder\fsc-reminder.exe 2453786 14
O4 - HKCU\..\Run: [TVAgent WiFi] C:\Program Files\Kit ADSL\Wizard\Agent_WiFi.exe
O8 - Extra context menu item: Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Télécharger tout avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra button: @c:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @c:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1485977C-33D3-4646-A217-C9376DB22DA0}: NameServer = 192.168.1.1
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

22 Novembre 2006 21:06:55

Bonjour

Possède tu un appareil de ce type ?
Fujitsu-Siemens
Anonyme
22 Novembre 2006 22:30:41

ne me fais pas peur j'ai un Fujitsu-Siemens lol
2 Janvier 2007 13:45:32

Bonjour
Moi aussi j'ai un pb avec Win32:tenga.
Voiçi le contenu du fichier report.txt


SDFix: Version 1.53
****************

02/01/2007 - 13:17:00,85

Microsoft Windows XP [version 5.1.2600]

Running From: C:\DOCUME~1\ADMINI~1\Bureau\SDFix

Stage One - Safe Mode

Checking Services...

Service Name:


File Path:



Starting Registry Repairs...

Restoring Default Hosts File...

Stage One Complete

Rebooting...

Stage Two - Normal Mode

Checking For Malware:
--------------------


Backing Up and Removing any Files Found...

Alternate Stream Check:

C:\WINDOWS\system32
No streams found.
Final Check:

Remaining Services:
------------------



Remaining Files:
---------------

Backups Folder: - C:\DOCUME~1\ADMINI~1\Bureau\SDFix\backups\backups.zip

Checking for files with Hidden Attributes:

C:\WINDOWS\system32\cdplayer.exe.manifest
C:\WINDOWS\system32\logonui.exe.manifest
C:\IO.SYS
C:\MSDOS.SYS
C:\pagefile.sys
C:\WINDOWS\LastGood.Tmp\INF\dxbda.inf
C:\WINDOWS\LastGood.Tmp\INF\dxbda.PNF
C:\WINDOWS\LastGood.Tmp\INF\dxdllreg.inf
C:\WINDOWS\LastGood.Tmp\INF\dxdllreg.PNF
C:\WINDOWS\LastGood.Tmp\INF\dxxp.inf
C:\WINDOWS\LastGood.Tmp\INF\dxxp.PNF
C:\WINDOWS\LastGood.Tmp\INF\oem0.inf
C:\WINDOWS\LastGood.Tmp\INF\oem0.PNF
C:\WINDOWS\LastGood.Tmp\INF\oem1.inf
C:\WINDOWS\LastGood.Tmp\INF\oem1.PNF
C:\WINDOWS\LastGood.Tmp\INF\q832894.inf
C:\WINDOWS\LastGood.Tmp\INF\q832894.PNF

FINISHED!

Par contre je ne trouve pas le rapport_clean.txt. Ou se trouve t'il ?
Merci d'avance
Tom's guide dans le monde
  • Allemagne
  • Italie
  • Irlande
  • Royaume Uni
  • Etats Unis
Suivre Tom's Guide
Inscrivez-vous à la Newsletter
  • ajouter à twitter
  • ajouter à facebook
  • ajouter un flux RSS