Aller au contenu

durandale

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    87

  • Inscription

  • Dernière visite

Tout ce qui a été posté par durandale

  1. durandale
    salut mais j'y connais pas grand chose tu pourrais m'expliquer la manipulation?? à plus durandale
  2. durandale
    remoi bon j'ai fait tout ça à toi de voir mais je crois que les lignes 09 existent toujours et j'ai toujours le troj et un message qui s'affiche sur system32 si je peux je le note mais ça change à chaque fois aussi àplus durandale je te txt Logfile of HijackThis v1.99.1 Scan saved at 19:24:22, on 28/03/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\ewido anti-malware\ewidoctrl.exe C:\Program Files\ewido anti-malware\ewidoguard.exe C:\WINDOWS\System32\FTRTSVC.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\VTTimer.exe C:\WINDOWS\system32\VTtrayp.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb06.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\PROGRA~1\Wanadoo\TaskBarIcon.exe C:\Program Files\Logitech\Video\LogiTray.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Logitech\Video\FxSvr2.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Wallpaper\Wallpaper.exe C:\Program Files\ScreenMates\Felix II\Fr\Felix2.exe C:\WINDOWS\system32\wuauclt.exe C:\PROGRA~1\Wanadoo\EspaceWanadoo.exe C:\PROGRA~1\Wanadoo\ComComp.exe C:\PROGRA~1\Wanadoo\Toaster.exe C:\PROGRA~1\Wanadoo\Inactivity.exe C:\PROGRA~1\Wanadoo\PollingModule.exe C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE C:\Program Files\MSN Messenger\msnmsgr.exe C:\PROGRA~1\Wanadoo\Watch.exe C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe C:\Program Files\WinZip\WZQKPICK.EXE C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\Loup\Mes documents\Dossier setup\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.wanadoo.fr/go/page_recherche/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [VTTimer] VTTimer.exe O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb06.exe O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Wallpaper] "C:\Program Files\Wallpaper\Wallpaper.exe" Starter O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM= O4 - HKCU\..\Run: [Felix II] C:\Program Files\ScreenMates\Felix II\Fr\Felix2.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (file missing) O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (file missing) O9 - Extra button: ShopperReports - Compare travel rates - {946B3E9E-E21A-49c8-9F63-900533FAFE14} - C:\Program Files\ShopperReports\Bin\1.1.0.0\ShprRprt.dll (file missing) O9 - Extra button: ShopperReports - Compare product prices - {946B3E9E-E21A-49c8-9F63-900533FAFE15} - C:\Program Files\ShopperReports\Bin\1.1.0.0\ShprRprt.dll (file missing) O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU) O16 - DPF: {1754A1BA-A1DF-4F10-B199-AA55AA1A120F} (InstallerBehaviorFactory Class) - https://signup.msn.com/pages/MsnInstC.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
  3. durandale
    salut à tous les 2 bon j'ai refait un scan avec fixjack sans trop de résuktat je le crains ce qui est bizarre c'est que j'ai toujours le troj et que la ligne r1 revient je pense pourquoi?? je te laisse un txt à plus durandale tu peux me dire aussi si je peux supprimer tout ce je que j'ai mis ^pour suivre la chaîne de destroy?? car je pense que si j'ai plusieurs antivirus ça risque de gêner l'ensemble non??Logfile of HijackThis v1.99.1 Scan saved at 18:17:27, on 28/03/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\ewido anti-malware\ewidoctrl.exe C:\Program Files\ewido anti-malware\ewidoguard.exe C:\WINDOWS\System32\FTRTSVC.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\VTTimer.exe C:\WINDOWS\system32\VTtrayp.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb06.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\Program Files\Logitech\Video\LogiTray.exe C:\PROGRA~1\Wanadoo\TaskBarIcon.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe C:\windows\system32\jnixog.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Wallpaper\Wallpaper.exe C:\Program Files\ScreenMates\Felix II\Fr\Felix2.exe C:\Program Files\Logitech\Video\FxSvr2.exe C:\PROGRA~1\Wanadoo\EspaceWanadoo.exe C:\PROGRA~1\Wanadoo\ComComp.exe C:\PROGRA~1\Wanadoo\Toaster.exe C:\PROGRA~1\Wanadoo\Inactivity.exe C:\PROGRA~1\Wanadoo\PollingModule.exe C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE C:\Program Files\MSN Messenger\msnmsgr.exe C:\WINDOWS\system32\wuauclt.exe c:\progra~1\intern~1\iexplore.exe C:\PROGRA~1\Wanadoo\Watch.exe C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\WinZip\WZQKPICK.EXE C:\Documents and Settings\Loup\Mes documents\Dossier setup\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://idvmmjtolhdwuj.net//C0NBTrKHNeUHtbF...SF2_MHQXF7.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [VTTimer] VTTimer.exe O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb06.exe O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [jnixog] c:\windows\system32\jnixog.exe jnixog O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Wallpaper] "C:\Program Files\Wallpaper\Wallpaper.exe" Starter O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM= O4 - HKCU\..\Run: [Felix II] C:\Program Files\ScreenMates\Felix II\Fr\Felix2.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [Ref Manager] C:\DOCUME~1\Loup\APPLIC~1\FLAPGR~1\up browse.exe O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (file missing) O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (file missing) O9 - Extra button: ShopperReports - Compare travel rates - {946B3E9E-E21A-49c8-9F63-900533FAFE14} - C:\Program Files\ShopperReports\Bin\1.1.0.0\ShprRprt.dll (file missing) O9 - Extra button: ShopperReports - Compare product prices - {946B3E9E-E21A-49c8-9F63-900533FAFE15} - C:\Program Files\ShopperReports\Bin\1.1.0.0\ShprRprt.dll (file missing) O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU) O16 - DPF: {1754A1BA-A1DF-4F10-B199-AA55AA1A120F} (InstallerBehaviorFactory Class) - https://signup.msn.com/pages/MsnInstC.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe à plus
  4. durandale
    remoi bonsoir excuses mais j'ai pas pu faire autrement enfin j'ai fait ce que tu demandes voilà le txt hijackthisLogfile of HijackThis v1.99.1 Scan saved at 21:36:26, on 27/03/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\ewido anti-malware\ewidoctrl.exe C:\Program Files\ewido anti-malware\ewidoguard.exe C:\WINDOWS\System32\FTRTSVC.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\VTTimer.exe C:\WINDOWS\system32\VTtrayp.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb06.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\Program Files\Logitech\Video\LogiTray.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\PROGRA~1\Wanadoo\TaskBarIcon.exe C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Wallpaper\Wallpaper.exe C:\PROGRA~1\Wanadoo\EspaceWanadoo.exe C:\Program Files\Logitech\Video\FxSvr2.exe C:\PROGRA~1\Wanadoo\ComComp.exe C:\PROGRA~1\Wanadoo\Toaster.exe C:\PROGRA~1\Wanadoo\Inactivity.exe C:\PROGRA~1\Wanadoo\PollingModule.exe C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE C:\Program Files\MSN Messenger\msnmsgr.exe C:\PROGRA~1\Wanadoo\Watch.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe C:\Program Files\WinZip\WZQKPICK.EXE C:\Documents and Settings\Loup\Mes documents\Dossier setup\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [VTTimer] VTTimer.exe O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb06.exe O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Wallpaper] "C:\Program Files\Wallpaper\Wallpaper.exe" Starter O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM= O4 - HKCU\..\Run: [Felix II] C:\Program Files\ScreenMates\Felix II\Fr\Felix2.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (file missing) O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (file missing) O9 - Extra button: ShopperReports - Compare travel rates - {946B3E9E-E21A-49c8-9F63-900533FAFE14} - C:\Program Files\ShopperReports\Bin\1.1.0.0\ShprRprt.dll (file missing) O9 - Extra button: ShopperReports - Compare product prices - {946B3E9E-E21A-49c8-9F63-900533FAFE15} - C:\Program Files\ShopperReports\Bin\1.1.0.0\ShprRprt.dll (file missing) O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU) O16 - DPF: {1754A1BA-A1DF-4F10-B199-AA55AA1A120F} (InstallerBehaviorFactory Class) - https://signup.msn.com/pages/MsnInstC.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe j'espère que cela te conviendra à propos pour msg plus un message m'a dit qu'il se désinstellerai au redémarrage et pour les questions puis je supprimer les choses que tu m'as dit de télécharger ?? voilà à plus durandale et bonne nuit à demain merci encore
  5. durandale
  6. durandale
    voilà je te poste le txt et je vais aller me coucher à demain je verrais le résultat bye et merci Logfile of HijackThis v1.99.1 Scan saved at 21:50:22, on 26/03/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\ewido anti-malware\ewidoctrl.exe C:\Program Files\ewido anti-malware\ewidoguard.exe C:\WINDOWS\System32\FTRTSVC.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\VTTimer.exe C:\WINDOWS\system32\VTtrayp.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb06.exe C:\PROGRA~1\Wanadoo\TaskBarIcon.exe C:\Program Files\MessengerPlus! 3\MsgPlus.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\Program Files\Logitech\Video\LogiTray.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Wallpaper\Wallpaper.exe C:\PROGRA~1\Wanadoo\EspaceWanadoo.exe C:\PROGRA~1\Wanadoo\ComComp.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Logitech\Video\FxSvr2.exe c:\progra~1\intern~1\iexplore.exe C:\PROGRA~1\Wanadoo\Toaster.exe C:\PROGRA~1\Wanadoo\Inactivity.exe C:\PROGRA~1\Wanadoo\PollingModule.exe C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE C:\PROGRA~1\Wanadoo\Watch.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe C:\Program Files\WinZip\WZQKPICK.EXE C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\Loup\Mes documents\Dossier setup\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.uczrrpmzzpycbcxtqja.com//C0NBTr...SF2_MHQXF7.html R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.inolzolqioaregrwyphrzshdv.info/...ieWDRs6zdY.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL O2 - BHO: (no name) - {24181263-8832-168A-50D1-8BE42270462C} - C:\DOCUME~1\Loup\APPLIC~1\CREATI~1\lite roam.exe O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [VTTimer] VTTimer.exe O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb06.exe O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [film real rect loud] C:\Documents and Settings\All Users\Application Data\ANTI TWO FILM REAL\support plan.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Wallpaper] "C:\Program Files\Wallpaper\Wallpaper.exe" Starter O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM= O4 - HKCU\..\Run: [Felix II] C:\Program Files\ScreenMates\Felix II\Fr\Felix2.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [Ref Manager] C:\DOCUME~1\Loup\APPLIC~1\FLAPGR~1\up browse.exe O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (file missing) O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (file missing) O9 - Extra button: ShopperReports - Compare travel rates - {946B3E9E-E21A-49c8-9F63-900533FAFE14} - C:\Program Files\ShopperReports\Bin\1.1.0.0\ShprRprt.dll (file missing) O9 - Extra button: ShopperReports - Compare product prices - {946B3E9E-E21A-49c8-9F63-900533FAFE15} - C:\Program Files\ShopperReports\Bin\1.1.0.0\ShprRprt.dll (file missing) O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU) O16 - DPF: {1754A1BA-A1DF-4F10-B199-AA55AA1A120F} (InstallerBehaviorFactory Class) - https://signup.msn.com/pages/MsnInstC.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
  7. durandale
    qu'est ce que tu appelles fixer j'ai été en mode sans échec mais pour supprimer shopper report pas pu il y avait plus rien j'ai bien cocher les 2 cases 09 extrabutton comme tu as dit alors?,
  8. durandale
    remoi j'ai fait ce que tu m'as demandé voilà ltxt hijackLogfile of HijackThis v1.99.1 Scan saved at 20:08:25, on 26/03/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\ewido anti-malware\ewidoctrl.exe C:\Program Files\ewido anti-malware\ewidoguard.exe C:\WINDOWS\System32\FTRTSVC.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\VTTimer.exe C:\WINDOWS\system32\VTtrayp.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb06.exe C:\Program Files\MessengerPlus! 3\MsgPlus.exe C:\PROGRA~1\Wanadoo\TaskBarIcon.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\Program Files\Logitech\Video\LogiTray.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Logitech\Video\FxSvr2.exe C:\Program Files\Wallpaper\Wallpaper.exe C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\Wanadoo\EspaceWanadoo.exe C:\PROGRA~1\Wanadoo\ComComp.exe C:\PROGRA~1\Wanadoo\Toaster.exe C:\PROGRA~1\Wanadoo\Inactivity.exe C:\PROGRA~1\Wanadoo\PollingModule.exe C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE C:\PROGRA~1\Wanadoo\Watch.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe C:\Program Files\WinZip\WZQKPICK.EXE C:\Documents and Settings\Loup\Mes documents\Dossier setup\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [VTTimer] VTTimer.exe O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb06.exe O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Wallpaper] "C:\Program Files\Wallpaper\Wallpaper.exe" Starter O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM= O4 - HKCU\..\Run: [instant Access] rundll32.exe p2esocks_1051.dll,InstantAccess O4 - HKCU\..\Run: [Felix II] C:\Program Files\ScreenMates\Felix II\Fr\Felix2.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (file missing) O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (file missing) O9 - Extra button: ShopperReports - Compare travel rates - {946B3E9E-E21A-49c8-9F63-900533FAFE14} - C:\Program Files\ShopperReports\Bin\1.1.0.0\ShprRprt.dll (file missing) O9 - Extra button: ShopperReports - Compare product prices - {946B3E9E-E21A-49c8-9F63-900533FAFE15} - C:\Program Files\ShopperReports\Bin\1.1.0.0\ShprRprt.dll (file missing) O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU) O16 - DPF: {1754A1BA-A1DF-4F10-B199-AA55AA1A120F} (InstallerBehaviorFactory Class) - https://signup.msn.com/pages/MsnInstC.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe je vais peut-être faire ça à la fin non??
  9. durandale
    Logfile of HijackThis v1.99.1 Scan saved at 18:59:10, on 26/03/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\ewido anti-malware\ewidoctrl.exe C:\Program Files\ewido anti-malware\ewidoguard.exe C:\WINDOWS\System32\FTRTSVC.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\VTTimer.exe C:\WINDOWS\system32\VTtrayp.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb06.exe C:\Program Files\MessengerPlus! 3\MsgPlus.exe C:\PROGRA~1\Wanadoo\TaskBarIcon.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\Program Files\Logitech\Video\LogiTray.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Wallpaper\Wallpaper.exe C:\Program Files\Logitech\Video\FxSvr2.exe C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\Wanadoo\EspaceWanadoo.exe C:\PROGRA~1\Wanadoo\ComComp.exe C:\PROGRA~1\Wanadoo\Toaster.exe C:\PROGRA~1\Wanadoo\Inactivity.exe C:\PROGRA~1\Wanadoo\PollingModule.exe C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE C:\Program Files\MSN Messenger\msnmsgr.exe C:\PROGRA~1\Wanadoo\Watch.exe C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe C:\Program Files\WinZip\WZQKPICK.EXE C:\Documents and Settings\Loup\Mes documents\Dossier setup\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [VTTimer] VTTimer.exe O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb06.exe O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Wallpaper] "C:\Program Files\Wallpaper\Wallpaper.exe" Starter O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM= O4 - HKCU\..\Run: [instant Access] rundll32.exe p2esocks_1051.dll,InstantAccess O4 - HKCU\..\Run: [Felix II] C:\Program Files\ScreenMates\Felix II\Fr\Felix2.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (file missing) O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (file missing) O9 - Extra button: ShopperReports - Compare travel rates - {946B3E9E-E21A-49c8-9F63-900533FAFE14} - C:\Program Files\ShopperReports\Bin\1.1.0.0\ShprRprt.dll (file missing) O9 - Extra button: ShopperReports - Compare product prices - {946B3E9E-E21A-49c8-9F63-900533FAFE15} - C:\Program Files\ShopperReports\Bin\1.1.0.0\ShprRprt.dll (file missing) O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU) O16 - DPF: {1754A1BA-A1DF-4F10-B199-AA55AA1A120F} (InstallerBehaviorFactory Class) - https://signup.msn.com/pages/MsnInstC.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe --------------------------------------------------------- ewido anti-malware - Rapport de scan --------------------------------------------------------- + Créé le: 18:38:39, 26/03/2006 + Somme de contrôle: 7EAAE5F8 + Résultats du scan: HKLM\SOFTWARE\HbTools -> Adware.HotBar : Nettoyer et sauvegarder HKLM\SOFTWARE\HbTools\HbTools -> Adware.HotBar : Nettoyer et sauvegarder HKLM\SOFTWARE\HbTools\HbTools\Install -> Adware.HotBar : Nettoyer et sauvegarder HKLM\SOFTWARE\HbTools\HbTools\MachineInfo -> Adware.HotBar : Nettoyer et sauvegarder HKLM\SOFTWARE\HbTools\HbTools\Mail -> Adware.HotBar : Nettoyer et sauvegarder HKLM\SOFTWARE\HbTools\HbTools\PI -> Adware.HotBar : Nettoyer et sauvegarder HKLM\SOFTWARE\HbTools\HbTools\PI\3.2 -> Adware.HotBar : Nettoyer et sauvegarder HKLM\SOFTWARE\HbTools\HbTools\Updates -> Adware.HotBar : Nettoyer et sauvegarder HKLM\SOFTWARE\HbTools\HbTools\Upgrade -> Adware.HotBar : Nettoyer et sauvegarder HKLM\SOFTWARE\HbTools\Hotbar -> Adware.HotBar : Nettoyer et sauvegarder HKLM\SOFTWARE\HbTools\Hotbar\Install -> Adware.HotBar : Nettoyer et sauvegarder HKLM\SOFTWARE\HbTools\Install -> Adware.HotBar : Nettoyer et sauvegarder HKLM\SOFTWARE\HbTools\Install\Icons -> Adware.HotBar : Nettoyer et sauvegarder HKLM\SOFTWARE\HbTools\Install\Links -> Adware.HotBar : Nettoyer et sauvegarder HKU\S-1-5-21-3554940790-914518934-2835527381-1005\Software\HbTools -> Adware.HotBar : Nettoyer et sauvegarder HKU\S-1-5-21-3554940790-914518934-2835527381-1005\Software\HbTools\Common -> Adware.HotBar : Nettoyer et sauvegarder HKU\S-1-5-21-3554940790-914518934-2835527381-1005\Software\HbTools\Common\Time -> Adware.HotBar : Nettoyer et sauvegarder HKU\S-1-5-21-3554940790-914518934-2835527381-1005\Software\HbTools\Common\Updates -> Adware.HotBar : Nettoyer et sauvegarder HKU\S-1-5-21-3554940790-914518934-2835527381-1005\Software\HbTools\HbTools -> Adware.HotBar : Nettoyer et sauvegarder HKU\S-1-5-21-3554940790-914518934-2835527381-1005\Software\HbTools\HbTools\dynamic -> Adware.HotBar : Nettoyer et sauvegarder HKU\S-1-5-21-3554940790-914518934-2835527381-1005\Software\HbTools\HbTools\EUI -> Adware.HotBar : Nettoyer et sauvegarder HKU\S-1-5-21-3554940790-914518934-2835527381-1005\Software\HbTools\HbTools\HtmlPPP -> Adware.HotBar : Nettoyer et sauvegarder HKU\S-1-5-21-3554940790-914518934-2835527381-1005\Software\HbTools\HbTools\ImagesHistory -> Adware.HotBar : Nettoyer et sauvegarder HKU\S-1-5-21-3554940790-914518934-2835527381-1005\Software\HbTools\HbTools\Install -> Adware.HotBar : Nettoyer et sauvegarder HKU\S-1-5-21-3554940790-914518934-2835527381-1005\Software\HbTools\HbTools\links -> Adware.HotBar : Nettoyer et sauvegarder HKU\S-1-5-21-3554940790-914518934-2835527381-1005\Software\HbTools\HbTools\options -> Adware.HotBar : Nettoyer et sauvegarder HKU\S-1-5-21-3554940790-914518934-2835527381-1005\Software\HbTools\HbTools\PI -> Adware.HotBar : Nettoyer et sauvegarder HKU\S-1-5-21-3554940790-914518934-2835527381-1005\Software\HbTools\HbTools\PI\3.2 -> Adware.HotBar : Nettoyer et sauvegarder HKU\S-1-5-21-3554940790-914518934-2835527381-1005\Software\HbTools\HbTools\Sample -> Adware.HotBar : Nettoyer et sauvegarder HKU\S-1-5-21-3554940790-914518934-2835527381-1005\Software\HbTools\HbTools\Sample\Hist -> Adware.HotBar : Nettoyer et sauvegarder HKU\S-1-5-21-3554940790-914518934-2835527381-1005\Software\HbTools\HbTools\Sample\Hist\sg800 -> Adware.HotBar : Nettoyer et sauvegarder HKU\S-1-5-21-3554940790-914518934-2835527381-1005\Software\HbTools\HbTools\Sample\Hist\sg801 -> Adware.HotBar : Nettoyer et sauvegarder HKU\S-1-5-21-3554940790-914518934-2835527381-1005\Software\HbTools\HbTools\Sample\Hist\sg802 -> Adware.HotBar : Nettoyer et sauvegarder HKU\S-1-5-21-3554940790-914518934-2835527381-1005\Software\HbTools\HbTools\Sample\Hist\sg803 -> Adware.HotBar : Nettoyer et sauvegarder HKU\S-1-5-21-3554940790-914518934-2835527381-1005\Software\HbTools\HbTools\Sample\Hist\sg807 -> Adware.HotBar : Nettoyer et sauvegarder HKU\S-1-5-21-3554940790-914518934-2835527381-1005\Software\HbTools\HbTools\Sample\Hist\sg808 -> Adware.HotBar : Nettoyer et sauvegarder HKU\S-1-5-21-3554940790-914518934-2835527381-1005\Software\HbTools\HbTools\Sample\Hist\sg810 -> Adware.HotBar : Nettoyer et sauvegarder HKU\S-1-5-21-3554940790-914518934-2835527381-1005\Software\HbTools\HbTools\Sample\Hist\sg811 -> Adware.HotBar : Nettoyer et sauvegarder HKU\S-1-5-21-3554940790-914518934-2835527381-1005\Software\HbTools\HbTools\Sample\Hist\sg812 -> Adware.HotBar : Nettoyer et sauvegarder HKU\S-1-5-21-3554940790-914518934-2835527381-1005\Software\HbTools\HbTools\Sample\Hist\sg818 -> Adware.HotBar : Nettoyer et sauvegarder HKU\S-1-5-21-3554940790-914518934-2835527381-1005\Software\HbTools\HbTools\Sample\Hist\sg819 -> Adware.HotBar : Nettoyer et sauvegarder HKU\S-1-5-21-3554940790-914518934-2835527381-1005\Software\HbTools\HbTools\Sample\Hist\sg824 -> Adware.HotBar : Nettoyer et sauvegarder HKU\S-1-5-21-3554940790-914518934-2835527381-1005\Software\HbTools\HbTools\Sample\Hist\sg825 -> Adware.HotBar : Nettoyer et sauvegarder HKU\S-1-5-21-3554940790-914518934-2835527381-1005\Software\HbTools\HbTools\Sample\Hist\sg826 -> Adware.HotBar : Nettoyer et sauvegarder HKU\S-1-5-21-3554940790-914518934-2835527381-1005\Software\HbTools\HbTools\Sample\Hist\sg827 -> Adware.HotBar : Nettoyer et sauvegarder HKU\S-1-5-21-3554940790-914518934-2835527381-1005\Software\HbTools\HbTools\Sample\Hist\sg828 -> Adware.HotBar : Nettoyer et sauvegarder HKU\S-1-5-21-3554940790-914518934-2835527381-1005\Software\HbTools\HbTools\Sample\Hist\sg829 -> Adware.HotBar : Nettoyer et sauvegarder HKU\S-1-5-21-3554940790-914518934-2835527381-1005\Software\HbTools\HbTools\Sample\Hist\sg830 -> Adware.HotBar : Nettoyer et sauvegarder HKU\S-1-5-21-3554940790-914518934-2835527381-1005\Software\HbTools\HbTools\Sample\Hist\sg842 -> Adware.HotBar : Nettoyer et sauvegarder HKU\S-1-5-21-3554940790-914518934-2835527381-1005\Software\HbTools\HbTools\Sample\Hist\sg843 -> Adware.HotBar : Nettoyer et sauvegarder HKU\S-1-5-21-3554940790-914518934-2835527381-1005\Software\HbTools\HbTools\Sample\Hist\sg844 -> Adware.HotBar : Nettoyer et sauvegarder HKU\S-1-5-21-3554940790-914518934-2835527381-1005\Software\HbTools\HbTools\Sample\Hist\sg845 -> Adware.HotBar : Nettoyer et sauvegarder HKU\S-1-5-21-3554940790-914518934-2835527381-1005\Software\HbTools\HbTools\Sample\Hist\sg847 -> Adware.HotBar : Nettoyer et sauvegarder HKU\S-1-5-21-3554940790-914518934-2835527381-1005\Software\HbTools\HbTools\Sample\Hist\sg848 -> Adware.HotBar : Nettoyer et sauvegarder HKU\S-1-5-21-3554940790-914518934-2835527381-1005\Software\HbTools\HbTools\Sample\Hist\sg849 -> Adware.HotBar : Nettoyer et sauvegarder HKU\S-1-5-21-3554940790-914518934-2835527381-1005\Software\HbTools\HbTools\Sample\Hist\sg852 -> Adware.HotBar : Nettoyer et sauvegarder HKU\S-1-5-21-3554940790-914518934-2835527381-1005\Software\HbTools\HbTools\Sample\Hist\sg853 -> Adware.HotBar : Nettoyer et sauvegarder HKU\S-1-5-21-3554940790-914518934-2835527381-1005\Software\HbTools\HbTools\Sample\Hist\sg856 -> Adware.HotBar : Nettoyer et sauvegarder HKU\S-1-5-21-3554940790-914518934-2835527381-1005\Software\HbTools\HbTools\Sample\Hist\sg857 -> Adware.HotBar : Nettoyer et sauvegarder HKU\S-1-5-21-3554940790-914518934-2835527381-1005\Software\HbTools\HbTools\Sample\Hist\sg860 -> Adware.HotBar : Nettoyer et sauvegarder HKU\S-1-5-21-3554940790-914518934-2835527381-1005\Software\HbTools\HbTools\Sample\Hist\sg861 -> Adware.HotBar : Nettoyer et sauvegarder HKU\S-1-5-21-3554940790-914518934-2835527381-1005\Software\HbTools\HbTools\Sample\Hist\sg887 -> Adware.HotBar : Nettoyer et sauvegarder HKU\S-1-5-21-3554940790-914518934-2835527381-1005\Software\HbTools\HbTools\Sample\Hist\sg888 -> Adware.HotBar : Nettoyer et sauvegarder HKU\S-1-5-21-3554940790-914518934-2835527381-1005\Software\HbTools\HbTools\Sample\Hist\sg889 -> Adware.HotBar : Nettoyer et sauvegarder HKU\S-1-5-21-3554940790-914518934-2835527381-1005\Software\HbTools\HbTools\Sample\Hist\sg910 -> Adware.HotBar : Nettoyer et sauvegarder HKU\S-1-5-21-3554940790-914518934-2835527381-1005\Software\HbTools\HbTools\Sample\Hist\sg911 -> Adware.HotBar : Nettoyer et sauvegarder HKU\S-1-5-21-3554940790-914518934-2835527381-1005\Software\HbTools\HbTools\updates -> Adware.HotBar : Nettoyer et sauvegarder HKU\S-1-5-21-3554940790-914518934-2835527381-1005\Software\HbTools\HbTools\UserInfo -> Adware.HotBar : Nettoyer et sauvegarder HKU\S-1-5-21-3554940790-914518934-2835527381-1005\Software\HbTools\HostOI -> Adware.HotBar : Nettoyer et sauvegarder HKU\S-1-5-21-3554940790-914518934-2835527381-1005\Software\HbTools\HostOI\Updates -> Adware.HotBar : Nettoyer et sauvegarder HKU\S-1-5-21-3554940790-914518934-2835527381-1005\Software\HbTools\HostOL -> Adware.HotBar : Nettoyer et sauvegarder HKU\S-1-5-21-3554940790-914518934-2835527381-1005\Software\HbTools\HostOL\Updates -> Adware.HotBar : Nettoyer et sauvegarder HKU\S-1-5-21-3554940790-914518934-2835527381-1005\Software\HbTools\Time -> Adware.HotBar : Nettoyer et sauvegarder HKU\S-1-5-21-3554940790-914518934-2835527381-1005\Software\HbTools\Time\HostIE -> Adware.HotBar : Nettoyer et sauvegarder HKU\S-1-5-21-3554940790-914518934-2835527381-1005\Software\HbTools\Time\HostIE\Updates -> Adware.HotBar : Nettoyer et sauvegarder HKU\S-1-5-21-3554940790-914518934-2835527381-1005\Software\HbTools\Time\HostOI -> Adware.HotBar : Nettoyer et sauvegarder HKU\S-1-5-21-3554940790-914518934-2835527381-1005\Software\HbTools\Time\HostOI\Updates -> Adware.HotBar : Nettoyer et sauvegarder HKU\S-1-5-21-3554940790-914518934-2835527381-1005\Software\HbTools\Time\HostOL -> Adware.HotBar : Nettoyer et sauvegarder HKU\S-1-5-21-3554940790-914518934-2835527381-1005\Software\HbTools\Time\HostOL\Updates -> Adware.HotBar : Nettoyer et sauvegarder HKU\S-1-5-21-3554940790-914518934-2835527381-1005\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2178F3FB-2560-458F-BDEE-631E2FE0DFE4} -> Adware.WinAntiVirus : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@247realmedia[2].txt -> TrackingCookie.247realmedia : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@2o7[2].txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@66.220.17[1].txt -> TrackingCookie.66.220.17.154 : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@7search[2].txt -> TrackingCookie.7search : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@abcsearch[1].txt -> TrackingCookie.Abcsearch : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@adbrite[1].txt -> TrackingCookie.Adbrite : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@adopt.euroclick[1].txt -> TrackingCookie.Euroclick : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@adopt.specificclick[2].txt -> TrackingCookie.Specificclick : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@ads.addynamix[2].txt -> TrackingCookie.Addynamix : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@ads.pointroll[2].txt -> TrackingCookie.Pointroll : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@adtech[1].txt -> TrackingCookie.Adtech : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@advertising[2].txt -> TrackingCookie.Advertising : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@aolfr.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@as-eu.falkag[1].txt -> TrackingCookie.Falkag : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@as1.falkag[2].txt -> TrackingCookie.Falkag : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@banner.casinoking[2].txt -> TrackingCookie.Casinoking : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@banner.casinolasvegas[2].txt -> TrackingCookie.Casinolasvegas : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@banner.clubdicecasino[2].txt -> TrackingCookie.Clubdicecasino : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@banner.goldenpalace[2].txt -> TrackingCookie.Goldenpalace : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@banner.grandonline[2].txt -> TrackingCookie.Grandonline : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@bfast[2].txt -> TrackingCookie.Bfast : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@bluestreak[2].txt -> TrackingCookie.Bluestreak : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@burstnet[2].txt -> TrackingCookie.Burstnet : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@c.enhance[1].txt -> TrackingCookie.Enhance : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@c.goclick[1].txt -> TrackingCookie.Goclick : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@casalemedia[2].txt -> TrackingCookie.Casalemedia : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@casinodelrio[1].txt -> TrackingCookie.Casinodelrio : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@casinoking[1].txt -> TrackingCookie.Casinoking : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@casinolasvegas[1].txt -> TrackingCookie.Casinolasvegas : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@casinopays[2].txt -> TrackingCookie.Casinopays : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@casinotropez[2].txt -> TrackingCookie.Casinotropez : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@clickbank[2].txt -> TrackingCookie.Clickbank : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@clubdicecasino[2].txt -> TrackingCookie.Clubdicecasino : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@com[2].txt -> TrackingCookie.Com : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@counter1.sextracker[1].txt -> TrackingCookie.Sextracker : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@counter14.sextracker[1].txt -> TrackingCookie.Sextracker : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@counter2.hitslink[2].txt -> TrackingCookie.Hitslink : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@counter2.sextracker[2].txt -> TrackingCookie.Sextracker : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@counter7.sextracker[1].txt -> TrackingCookie.Sextracker : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@counter9.sextracker[2].txt -> TrackingCookie.Sextracker : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@crbanner.casinopays[2].txt -> TrackingCookie.Casinopays : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@cs.sexcounter[2].txt -> TrackingCookie.Sexcounter : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@cz4.clickzs[2].txt -> TrackingCookie.Clickzs : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@cz7.clickzs[2].txt -> TrackingCookie.Clickzs : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@data.coremetrics[1].txt -> TrackingCookie.Coremetrics : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@ehg-accuweather.hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@ehg-ads.hitbox[1].txt -> TrackingCookie.Hitbox : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@ehg-edipresse.hitbox[1].txt -> TrackingCookie.Hitbox : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@ehg-francetel.hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@ehg-francetelecom.hitbox[1].txt -> TrackingCookie.Hitbox : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@ehg-interlifeform.hitbox[1].txt -> TrackingCookie.Hitbox : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@ehg-noven.hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@ehg-ricaud.hitbox[1].txt -> TrackingCookie.Hitbox : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@ehg-yvesrocher.hitbox[1].txt -> TrackingCookie.Hitbox : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@ehg.hitbox[1].txt -> TrackingCookie.Hitbox : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@estat[1].txt -> TrackingCookie.Estat : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@fastclick[1].txt -> TrackingCookie.Fastclick : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@findwhat[1].txt -> TrackingCookie.Findwhat : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@fl01.ct2.comclick[2].txt -> TrackingCookie.Comclick : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@free.wegcash[2].txt -> TrackingCookie.Wegcash : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@goldenpalace[1].txt -> TrackingCookie.Goldenpalace : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@hitbox[1].txt -> TrackingCookie.Hitbox : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@ilead.itrack[1].txt -> TrackingCookie.Itrack : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@iv2.bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@linksynergy[1].txt -> TrackingCookie.Linksynergy : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@lop[1].txt -> TrackingCookie.Lop : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@opodo.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@overture[2].txt -> TrackingCookie.Overture : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@partygaming.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@paycounter[2].txt -> TrackingCookie.Paycounter : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@perf.overture[1].txt -> TrackingCookie.Overture : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@phg.hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@promo.casinotropez[1].txt -> TrackingCookie.Casinotropez : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@questionmarket[1].txt -> TrackingCookie.Questionmarket : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@redcats.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@revenue[2].txt -> TrackingCookie.Revenue : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@rotator.adjuggler[1].txt -> TrackingCookie.Adjuggler : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@sel.as-eu.falkag[1].txt -> TrackingCookie.Falkag : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@server.iad.liveperson[1].txt -> TrackingCookie.Liveperson : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@sexlist[2].txt -> TrackingCookie.Sexlist : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@sextracker[1].txt -> TrackingCookie.Sextracker : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@sfr.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@stat.onestat[2].txt -> TrackingCookie.Onestat : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@statcounter[2].txt -> TrackingCookie.Statcounter : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@stats1.reliablestats[2].txt -> TrackingCookie.Reliablestats : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@statse.webtrendslive[1].txt -> TrackingCookie.Webtrendslive : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@tacoda[1].txt -> TrackingCookie.Tacoda : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@valueclick[1].txt -> TrackingCookie.Valueclick : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@vegasred[1].txt -> TrackingCookie.Vegasred : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@weborama[1].txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@wreport.weborama[2].txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@www.casinodelrio[2].txt -> TrackingCookie.Casinodelrio : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@www.casinotropez[2].txt -> TrackingCookie.Casinotropez : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@www.goldenpalace[1].txt -> TrackingCookie.Goldenpalace : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@www.smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@www.vegasred[1].txt -> TrackingCookie.Vegasred : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@xxxcounter[1].txt -> TrackingCookie.Xxxcounter : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@z1.adserver[1].txt -> TrackingCookie.Adserver : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Cookies\loup@zedo[1].txt -> TrackingCookie.Zedo : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Local Settings\Temp\Cookies\loup@66.220.17[2].txt -> TrackingCookie.66.220.17.154 : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Local Settings\Temp\Cookies\loup@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Local Settings\Temp\Cookies\loup@ads.addynamix[1].txt -> TrackingCookie.Addynamix : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Local Settings\Temp\Cookies\loup@adtech[1].txt -> TrackingCookie.Adtech : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Local Settings\Temp\Cookies\loup@advertising[2].txt -> TrackingCookie.Advertising : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Local Settings\Temp\Cookies\loup@as1.falkag[2].txt -> TrackingCookie.Falkag : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Local Settings\Temp\Cookies\loup@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Local Settings\Temp\Cookies\loup@ayb.lop[1].txt -> TrackingCookie.Lop : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Local Settings\Temp\Cookies\loup@banner.casinolasvegas[2].txt -> TrackingCookie.Casinolasvegas : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Local Settings\Temp\Cookies\loup@bluestreak[2].txt -> TrackingCookie.Bluestreak : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Local Settings\Temp\Cookies\loup@c2.zedo[1].txt -> TrackingCookie.Zedo : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Local Settings\Temp\Cookies\loup@casinolasvegas[1].txt -> TrackingCookie.Casinolasvegas : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Local Settings\Temp\Cookies\loup@casinopays[1].txt -> TrackingCookie.Casinopays : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Local Settings\Temp\Cookies\loup@casinotropez[1].txt -> TrackingCookie.Casinotropez : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Local Settings\Temp\Cookies\loup@crbanner.casinopays[2].txt -> TrackingCookie.Casinopays : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Local Settings\Temp\Cookies\loup@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Local Settings\Temp\Cookies\loup@estat[1].txt -> TrackingCookie.Estat : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Local Settings\Temp\Cookies\loup@fastclick[2].txt -> TrackingCookie.Fastclick : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Local Settings\Temp\Cookies\loup@lop[1].txt -> TrackingCookie.Lop : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Local Settings\Temp\Cookies\loup@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Local Settings\Temp\Cookies\loup@overture[2].txt -> TrackingCookie.Overture : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Local Settings\Temp\Cookies\loup@partygaming.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Local Settings\Temp\Cookies\loup@qksrv[2].txt -> TrackingCookie.Qksrv : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Local Settings\Temp\Cookies\loup@redcats.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Local Settings\Temp\Cookies\loup@revenue[1].txt -> TrackingCookie.Revenue : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Local Settings\Temp\Cookies\loup@server.iad.liveperson[1].txt -> TrackingCookie.Liveperson : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Local Settings\Temp\Cookies\loup@serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Local Settings\Temp\Cookies\loup@statcounter[1].txt -> TrackingCookie.Statcounter : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Local Settings\Temp\Cookies\loup@stats1.reliablestats[2].txt -> TrackingCookie.Reliablestats : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Local Settings\Temp\Cookies\loup@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Local Settings\Temp\Cookies\loup@valueclick[1].txt -> TrackingCookie.Valueclick : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Local Settings\Temp\Cookies\loup@weborama[2].txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Local Settings\Temp\Cookies\loup@www.casinotropez[2].txt -> TrackingCookie.Casinotropez : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Local Settings\Temp\Cookies\loup@www.smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Local Settings\Temp\Cookies\loup@zedo[2].txt -> TrackingCookie.Zedo : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Menu Démarrer\NoCreditCard.url -> Adware.UnwantedIcons : Nettoyer et sauvegarder C:\Documents and Settings\Loup\Mes documents\Dossier setup\backups\backup-20060326-174457-339.dll -> Dialer.InstantAccess.e : Nettoyer et sauvegarder C:\Documents and Settings\PHOTOS à DEUX\Cookies\photos à deux@images.lop[1].txt -> TrackingCookie.Lop : Nettoyer et sauvegarder C:\Documents and Settings\Puce\Cookies\puce@247realmedia[1].txt -> TrackingCookie.247realmedia : Nettoyer et sauvegarder C:\Documents and Settings\Puce\Cookies\puce@2o7[2].txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder C:\Documents and Settings\Puce\Cookies\puce@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Nettoyer et sauvegarder C:\Documents and Settings\Puce\Cookies\puce@ads.addynamix[2].txt -> TrackingCookie.Addynamix : Nettoyer et sauvegarder C:\Documents and Settings\Puce\Cookies\puce@adtech[2].txt -> TrackingCookie.Adtech : Nettoyer et sauvegarder C:\Documents and Settings\Puce\Cookies\puce@advertising[2].txt -> TrackingCookie.Advertising : Nettoyer et sauvegarder C:\Documents and Settings\Puce\Cookies\puce@as-eu.falkag[2].txt -> TrackingCookie.Falkag : Nettoyer et sauvegarder C:\Documents and Settings\Puce\Cookies\puce@as1.falkag[2].txt -> TrackingCookie.Falkag : Nettoyer et sauvegarder C:\Documents and Settings\Puce\Cookies\puce@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyer et sauvegarder C:\Documents and Settings\Puce\Cookies\puce@banner.goldenpalace[2].txt -> TrackingCookie.Goldenpalace : Nettoyer et sauvegarder C:\Documents and Settings\Puce\Cookies\puce@bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyer et sauvegarder C:\Documents and Settings\Puce\Cookies\puce@casinopays[1].txt -> TrackingCookie.Casinopays : Nettoyer et sauvegarder C:\Documents and Settings\Puce\Cookies\puce@casinotropez[1].txt -> TrackingCookie.Casinotropez : Nettoyer et sauvegarder C:\Documents and Settings\Puce\Cookies\puce@crbanner.casinopays[2].txt -> TrackingCookie.Casinopays : Nettoyer et sauvegarder C:\Documents and Settings\Puce\Cookies\puce@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyer et sauvegarder C:\Documents and Settings\Puce\Cookies\puce@ehg-vivacances.hitbox[1].txt -> TrackingCookie.Hitbox : Nettoyer et sauvegarder C:\Documents and Settings\Puce\Cookies\puce@ehg-yvesrocher.hitbox[1].txt -> TrackingCookie.Hitbox : Nettoyer et sauvegarder C:\Documents and Settings\Puce\Cookies\puce@estat[1].txt -> TrackingCookie.Estat : Nettoyer et sauvegarder C:\Documents and Settings\Puce\Cookies\puce@fastclick[1].txt -> TrackingCookie.Fastclick : Nettoyer et sauvegarder C:\Documents and Settings\Puce\Cookies\puce@fl01.ct2.comclick[1].txt -> TrackingCookie.Comclick : Nettoyer et sauvegarder C:\Documents and Settings\Puce\Cookies\puce@goldenpalace[1].txt -> TrackingCookie.Goldenpalace : Nettoyer et sauvegarder C:\Documents and Settings\Puce\Cookies\puce@hitbox[1].txt -> TrackingCookie.Hitbox : Nettoyer et sauvegarder C:\Documents and Settings\Puce\Cookies\puce@ilead.itrack[1].txt -> TrackingCookie.Itrack : Nettoyer et sauvegarder C:\Documents and Settings\Puce\Cookies\puce@lop[2].txt -> TrackingCookie.Lop : Nettoyer et sauvegarder C:\Documents and Settings\Puce\Cookies\puce@media.fastclick[1].txt -> TrackingCookie.Fastclick : Nettoyer et sauvegarder C:\Documents and Settings\Puce\Cookies\puce@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyer et sauvegarder C:\Documents and Settings\Puce\Cookies\puce@overture[1].txt -> TrackingCookie.Overture : Nettoyer et sauvegarder C:\Documents and Settings\Puce\Cookies\puce@partygaming.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder C:\Documents and Settings\Puce\Cookies\puce@redcats.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder C:\Documents and Settings\Puce\Cookies\puce@revenue[1].txt -> TrackingCookie.Revenue : Nettoyer et sauvegarder C:\Documents and Settings\Puce\Cookies\puce@sel.as-eu.falkag[2].txt -> TrackingCookie.Falkag : Nettoyer et sauvegarder C:\Documents and Settings\Puce\Cookies\puce@server.iad.liveperson[1].txt -> TrackingCookie.Liveperson : Nettoyer et sauvegarder C:\Documents and Settings\Puce\Cookies\puce@serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyer et sauvegarder C:\Documents and Settings\Puce\Cookies\puce@statcounter[1].txt -> TrackingCookie.Statcounter : Nettoyer et sauvegarder C:\Documents and Settings\Puce\Cookies\puce@stats1.reliablestats[2].txt -> TrackingCookie.Reliablestats : Nettoyer et sauvegarder C:\Documents and Settings\Puce\Cookies\puce@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Nettoyer et sauvegarder C:\Documents and Settings\Puce\Cookies\puce@valueclick[2].txt -> TrackingCookie.Valueclick : Nettoyer et sauvegarder C:\Documents and Settings\Puce\Cookies\puce@weborama[1].txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder C:\Documents and Settings\Puce\Cookies\puce@www.casinotropez[2].txt -> TrackingCookie.Casinotropez : Nettoyer et sauvegarder C:\Documents and Settings\Puce\Cookies\puce@www.goldenpalace[1].txt -> TrackingCookie.Goldenpalace : Nettoyer et sauvegarder C:\Documents and Settings\Puce\Cookies\puce@www.smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder C:\Documents and Settings\Puce\Cookies\puce@z1.adserver[1].txt -> TrackingCookie.Adserver : Nettoyer et sauvegarder C:\Documents and Settings\Puce\Cookies\puce@zedo[1].txt -> TrackingCookie.Zedo : Nettoyer et sauvegarder C:\Program Files\Adverts\uninst.exe -> Adware.Lop : Nettoyer et sauvegarder C:\Program Files\Fichiers communs\WinSoftware\CrXML.dll -> Adware.Winfixer : Nettoyer et sauvegarder C:\Program Files\HbTools\Bin\4.7.2.1\Cml.exe -> Adware.HotBar : Nettoyer et sauvegarder C:\Program Files\HbTools\Bin\4.7.2.1\HbtGuard.exe -> Adware.HotBar : Nettoyer et sauvegarder C:\Program Files\HbTools\Bin\4.7.2.1\HbtHostOL.dll -> Adware.HotBar : Nettoyer et sauvegarder C:\Program Files\HbTools\Bin\4.7.2.1\HbtInstIE.dll -> Adware.HotBar : Nettoyer et sauvegarder C:\Program Files\HbTools\Bin\4.7.2.1\HbtWallpaper.dll -> Adware.HotBar : Nettoyer et sauvegarder C:\Program Files\WinFixer 2005 -> Adware.WinFixer : Nettoyer et sauvegarder C:\Program Files\WinFixer 2005\lock.dat -> Adware.WinFixer : Nettoyer et sauvegarder C:\WINDOWS\system32\msvol.tlb -> Downloader.Zlob.ik : Nettoyer et sauvegarder ::Fin du rapport
  10. durandale
    me revoici j'ai à peu près fait tout ce que tu m'as dit je te txt les rapports et tu me dis pour le reste merci mon pc avance un peu plus rapidement déjà mais j'ai toujours au début le trojan peux tu me dire aussi d'où vient tout ce micmac durandale
  11. durandale
    j'ai déjà essayé de faire en mode sans échec mais mon pc s'est bloqué j'ai fait un reset et j'ai téléchargé look2me destroyer je vous envoie le txt àvous merci Look2Me-Destroyer V1.0.11 Scanning for infected files..... Scan started at 26/03/2006 15:16:20 Attempting to delete infected files... Making registry repairs. Restoring Windows certificates. Replaced hosts file with default windows hosts file Restoring SeDebugPrivilege for Administrateurs - Succeeded
  12. durandale
    Logfile of HijackThis v1.99.1 Scan saved at 10:50:21, on 26/03/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\ewido anti-malware\ewidoctrl.exe C:\Program Files\ewido anti-malware\ewidoguard.exe C:\WINDOWS\System32\FTRTSVC.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\VTTimer.exe C:\WINDOWS\system32\VTtrayp.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb06.exe C:\Program Files\MessengerPlus! 3\MsgPlus.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\PROGRA~1\Wanadoo\TaskBarIcon.exe C:\Program Files\Logitech\Video\LogiTray.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\windows\system32\nhcwqs.exe C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Wallpaper\Wallpaper.exe C:\WINDOWS\system32\rundll32.exe c:\progra~1\intern~1\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\PROGRA~1\Wanadoo\EspaceWanadoo.exe C:\PROGRA~1\Wanadoo\ComComp.exe C:\Program Files\Logitech\Video\FxSvr2.exe C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe C:\PROGRA~1\Wanadoo\Toaster.exe C:\PROGRA~1\Wanadoo\Inactivity.exe C:\PROGRA~1\Wanadoo\PollingModule.exe C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE C:\PROGRA~1\Wanadoo\Watch.exe C:\Program Files\WinZip\WZQKPICK.EXE C:\Documents and Settings\Loup\Mes documents\Dossier setup\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.zwbjlnlunylvgrebzy.com//C0NBTrK...SF2_MHQXF7.html R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.grpwhunfnirqzgveltmkipft.net//C...ZieWDRs6zdY.jpg R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL O2 - BHO: (no name) - {24181263-8832-168A-50D1-8BE42270462C} - C:\DOCUME~1\Loup\APPLIC~1\CREATI~1\lite roam.exe O3 - Toolbar: H&otbar - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - C:\Program Files\HbTools\Bin\4.7.2.1\HbtHostIE.dll (file missing) O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [VTTimer] VTTimer.exe O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb06.exe O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [HbTools] C:\Program Files\HbTools\Bin\4.7.2.1\HbtOEAddOn.exe O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [nhcwqs] c:\windows\system32\nhcwqs.exe nhcwqs O4 - HKLM\..\Run: [WeatherOnTray] C:\Program Files\HbTools\Bin\4.7.2.1\HbtWeatherOnTray.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [film real rect loud] C:\Documents and Settings\All Users\Application Data\ANTI TWO FILM REAL\bits locks.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Wallpaper] "C:\Program Files\Wallpaper\Wallpaper.exe" Starter O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM= O4 - HKCU\..\Run: [instant Access] rundll32.exe p2esocks_1051.dll,InstantAccess O4 - HKCU\..\Run: [Ref Manager] C:\DOCUME~1\Loup\APPLIC~1\FLAPGR~1\up browse.exe O4 - HKCU\..\Run: [Felix II] C:\Program Files\ScreenMates\Felix II\Fr\Felix2.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (file missing) O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (file missing) O9 - Extra button: ShopperReports - Compare travel rates - {946B3E9E-E21A-49c8-9F63-900533FAFE14} - C:\Program Files\ShopperReports\Bin\1.1.0.0\ShprRprt.dll O9 - Extra button: ShopperReports - Compare product prices - {946B3E9E-E21A-49c8-9F63-900533FAFE15} - C:\Program Files\ShopperReports\Bin\1.1.0.0\ShprRprt.dll O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU) O16 - DPF: {018B7EC3-EECA-11D3-8E71-0000E82C6C0D} - http://acces-direct.net/15671/Marine-dial-chat.exe O16 - DPF: {1754A1BA-A1DF-4F10-B199-AA55AA1A120F} (InstallerBehaviorFactory Class) - https://signup.msn.com/pages/MsnInstC.cab O16 - DPF: {2472DCCC-68CE-49DA-AA81-E7E6D83C1DFA} (PackageHTML) - http://acces.blonde.com/package/op/PackageHtmlCab.CAB O16 - DPF: {2A3DFC59-8A87-49A1-85D1-42903410911F} - http://scripts.dlv4.com/binaries/egaccess4...ss4_1058_XP.cab O16 - DPF: {39EA2F6F-3F50-4F58-9C63-4B3D53B0926E} - http://scripts.downloadv3.com/binaries/P2E..._1049_FR_XP.cab O16 - DPF: {602890BA-07A1-4A93-A89F-6BDDD8BB9BA5} - http://es6-scripts.dlv4.com/binaries/egaut..._1051_FR_XP.cab O16 - DPF: {6AA85413-165C-4200-8154-71166077B22E} - http://scripts.downloadv3.com/binaries/IA/...svc32_FR_XP.cab O16 - DPF: {8B3B8135-9DAA-40E7-8941-962795F9C1CB} - http://scripts.downloadv3.com/binaries/IA/...svc32_FR_XP.cab O16 - DPF: {8D8BAF56-B581-4B90-A549-C4AC6B03F1BB} - http://scripts.downloadv3.com/binaries/EGD...ESS_1074_XP.cab O16 - DPF: {B2B0AEDF-7CDF-4792-BB67-7654AD1E1B13} - http://scripts.downloadv3.com/binaries/IA/...svc32_FR_XP.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O16 - DPF: {C2481ED1-9896-4D49-AE90-69858DFDE446} - http://scripts.downloadv3.com/binaries/EGD...ESS_1073_XP.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
  13. durandale
    salut à tous et toutes j'ai un gros problème en effet un trojan TR/Dldr.Zlob.go2. plus certaines infections virales je vais essayer de vous faire une copie de l'analyse hijackthis merci d'avance et bonne journée à vous durandale si quelqu'un peut m'aider simplement j'en serais ravi à plus
×
×
  • Créer...