Aller au contenu

Chucky

Membres
  • Compteur de contenus

    4
  • Inscription

  • Dernière visite

Chucky's Achievements

Junior Member

Junior Member (3/12)

0

Réputation sur la communauté

  1. Merci charles de tous ces sages conseil et merci pour xfire et autres. Je pense arriver a me débrouiller jusqu'a un certain point (jusqu'a une bébéte trop chaude a virer lol), mais en général j'ai profité de l'éxpérience de mes collégues plus compétents et mieux renseignés que moi ainsi que de l'exemple des infections multiples et violente de certaines de mes connaissances. En effet cela m'a permis d'éviter de faire les meme erreurs qu'eux au début, et d'etre préventivement assez bien formé et étant paranoiaque je me suis blindé d'antispywares et autres et au fur et à mesures des problémes rencontrés je me démerde mieux mais sinon je n'utilise pas emule car c'est nul et y a pas mal de saloperies dessus et puis ça rame sinon c'était un topic intérressant j'ai appris des trucs mais comme tu m'a dis rien de méchant donc a ce niveau je fais attention et je gére ce qui atterris normalement ou anormalement sur mon PC (ce que je vois en tout cas lol). Pour les PoP up j'utilise firefox qui les bloque assez bien meme si certains passent au travers j'en ai accepté une partie pour cause de ptr/ptc et sites de jeux mais c'est tout donc j'en ai pas des masses et j'ai pas le choix lol. Merci en tout cas, je pense que le plus important en ce moment c'est de défragmenter mes disques durs car ça fait un moment et ils en ont vraiment besoin. Sympa comme forum en tout cas encore merci, Bonne soirée.
  2. Salut charles ingalls lol et merci du conseil maisj'utilise toujours xfire donc quand tu dis "restes" tu veut dire quoi au juste c'est pas bon c'est quoi un espion ou un truc pire? Simple curiosité car je ne souhaite pas supprimer xfire que je trouve très pratique et qui me sert pour mes parties de cs source ou 1.6 ou autres fps du genre. Mais sinon merci du conseil je suis ça et je reviens poster un log j'éditerais mon message pour pas faire du double post. RE Voila mon log hijack this: Logfile of HijackThis v1.99.1 Scan saved at 19:24:54, on 29/08/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE D:\LOGICIELS\Divers\HIJACK THIS\Chucky.exe R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.stationripper.com/StationRipper...Shots_V2.32.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -onlytray O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Configuration de la C-BOX] C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe O4 - HKCU\..\Run: [superCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe O4 - HKCU\..\Run: [steam] "c:\program files\valve\steam\steam.exe" -silent O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe Et voila mon log uninstall list µTorrent Ad-Aware SE Personal Adobe Download Manager 2.0 (Supprimer uniquement) Adobe Flash Player 9 ActiveX Adobe Reader 7.0.8 - Français AIDA32 v3.93 Analyseur et SDK MSXML 4.0 SP2 Archiveur WinRAR a-squared Free 2.0 ATI - Software Uninstall Utility ATI Catalyst Control Center ATI Display Driver Aureon 5.1 Fun ControlPanel avast! Antivirus AviSynth 2.5 BitComet 0.56 CCleaner (remove only) Client Hack 1.9.2d Connexion Bureau à distance Correctif pour Windows XP (KB913296) CureROM Pro 2.0.2 CVitae 2.0.2 DAEMON Tools Devil May Cry 3 Special Edition eMule Extension HighMAT pour l'Assistant Graver un CD de Microsoft Windows XP FileZilla (remove only) Half-Life® 2 HijackThis 1.99.1 Installation de la C-BOX J2SE Runtime Environment 5.0 Update 6 KiddiesBarre 1.0 K-Lite Codec Pack 2.69 Full Language pack for Ad-Aware SE Lecteur Windows Media 10 LiveUpdate 2.0 (Symantec Corporation) Logitech Desktop Messenger Logitech Print Service Logitech QuickCam Messenger Plus! 3 Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 French Language Pack Microsoft .NET Framework 1.1 Hotfix (KB886903) Microsoft .NET Framework 2.0 Microsoft Office Professional Edition 2003 Mise à jour de sécurité pour Lecteur Windows Media (KB911564) Mise à jour de sécurité pour Windows XP (KB901190) Mise à jour de sécurité pour Windows XP (KB904706) Mise à jour de sécurité pour Windows XP (KB908519) Mise à jour de sécurité pour Windows XP (KB911927) Mise à jour de sécurité pour Windows XP (KB912919) Mise à jour de sécurité pour Windows XP (KB913446) Mozilla Firefox (1.5.0.6) Mozilla Thunderbird (1.5.0.5) MSN Messenger 7.5 MSXML 6.0 Parser My Program 1.5 Nero 6 Ultra Edition Nokia Connectivity Cable Driver Nokia PC Suite Norton Ghost 9.0 Pack Crystal XP 3.0 Picasa 2 PowerDVD Powertoys FR Pour Windows XP Programme de gestion Camera de Logitech® QuickTime Alternative 1.68 Real Alternative 1.46 Skype 2.0 SmartFTP Spybot - Search & Destroy 1.4 SpywareBlaster v3.5.1 StationRipper 2.30 Steam StepMania (remove only) SuperCopier2 TeamSpeak 2 RC2 Unlocker 1.8.0 User Profile Hive Cleanup Service Visionneuse Journal Windows Microsoft Visual Pinball VobSub v2.23 (Remove Only) Winamp (remove only) Windows Genuine Advantage v1.3.0254.0 Windows Media Connect Windows Media Format Runtime Windows Messenger 5.1 WINXP SP2 TCP Fix Xfire (remove only) xp-AntiSpy 3.95-1 Voila je pense que là ça devrait aller j'attend ta réponse.
  3. Bonne idée mais logiquement c'est tout bon, cependant la prudence prévaut et je poste quand meme un log Hijack this après restauration systéme. Logfile of HijackThis v1.99.1 Scan saved at 11:39:51, on 24/08/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\System32\GEARSec.exe C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wdfmgr.exe C:\Program Files\UPHClean\uphclean.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\WINDOWS\system32\wscntfy.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\D-Tools\daemon.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\Winamp\winampa.exe C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE C:\Program Files\Logitech\Video\LogiTray.exe C:\Program Files\MessengerPlus! 3\MsgPlus.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe C:\Program Files\SuperCopier2\SuperCopier2.exe C:\PROGRA~1\FICHIE~1\PCSuite\Services\SERVIC~1.EXE C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\WINDOWS\system32\LVComS.exe C:\PROGRA~1\FICHIE~1\Nokia\MPAPI\MPAPI3s.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\xbbooxx\jtk361en(2)\jtk361en\JoyToKey.exe C:\Program Files\Winamp\winamp.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\KiddiesBarre\KiddiesBarre.exe C:\xbbooxx\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.stationripper.com/StationRipper...Shots_V2.32.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -onlytray O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Configuration de la C-BOX] C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe O4 - HKCU\..\Run: [superCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe O4 - HKCU\..\Run: [steam] "c:\program files\valve\steam\steam.exe" -silent O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Broken Internet access because of LSP provider 'xfire_lsp_9996.dll' missing O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe Et merci pour le bienvenue
  4. Bonjour voila donc je pense fortement etre infecté par le meme genre de saloperie que Sumol mais ce n'est pas magic control agent, j'ai scanné dans tous les sens et j'en viens à la conclusion que la meme procédure devrait ou pas loin devrait m'aider a me débarrasser de cette vilaine variante du meme style. Je passe en mode sans échec je scanne complet avec ewido puis avec hijack this et je viens poster les rapports. --------------------------------------------------------- ewido anti-spyware - Scan Report --------------------------------------------------------- + Created at: 16:17:32 23/08/2006 + Scan result: :mozilla.60:C:\Documents and Settings\Darth Vador\Application Data\Mozilla\Firefox\Profiles\ff9gw1l5.chucky\cookies.txt -> TrackingCookie.Adbrite : Cleaned. :mozilla.61:C:\Documents and Settings\Darth Vador\Application Data\Mozilla\Firefox\Profiles\ff9gw1l5.chucky\cookies.txt -> TrackingCookie.Adbrite : Cleaned. :mozilla.62:C:\Documents and Settings\Darth Vador\Application Data\Mozilla\Firefox\Profiles\ff9gw1l5.chucky\cookies.txt -> TrackingCookie.Adbrite : Cleaned. :mozilla.63:C:\Documents and Settings\Darth Vador\Application Data\Mozilla\Firefox\Profiles\ff9gw1l5.chucky\cookies.txt -> TrackingCookie.Adbrite : Cleaned. :mozilla.64:C:\Documents and Settings\Darth Vador\Application Data\Mozilla\Firefox\Profiles\ff9gw1l5.chucky\cookies.txt -> TrackingCookie.Adbrite : Cleaned. :mozilla.65:C:\Documents and Settings\Darth Vador\Application Data\Mozilla\Firefox\Profiles\ff9gw1l5.chucky\cookies.txt -> TrackingCookie.Adbrite : Cleaned. :mozilla.66:C:\Documents and Settings\Darth Vador\Application Data\Mozilla\Firefox\Profiles\ff9gw1l5.chucky\cookies.txt -> TrackingCookie.Adbrite : Cleaned. :mozilla.538:D:\Mozilla\Firefox\Profiles\ff9gw1l5.chucky\cookies.txt -> TrackingCookie.Casalemedia : Cleaned. :mozilla.539:D:\Mozilla\Firefox\Profiles\ff9gw1l5.chucky\cookies.txt -> TrackingCookie.Casalemedia : Cleaned. :mozilla.540:D:\Mozilla\Firefox\Profiles\ff9gw1l5.chucky\cookies.txt -> TrackingCookie.Casalemedia : Cleaned. :mozilla.541:D:\Mozilla\Firefox\Profiles\ff9gw1l5.chucky\cookies.txt -> TrackingCookie.Casalemedia : Cleaned. :mozilla.542:D:\Mozilla\Firefox\Profiles\ff9gw1l5.chucky\cookies.txt -> TrackingCookie.Casalemedia : Cleaned. :mozilla.495:D:\Mozilla\Firefox\Profiles\ff9gw1l5.chucky\cookies.txt -> TrackingCookie.Casinotropez : Cleaned. :mozilla.174:C:\Documents and Settings\Darth Vador\Application Data\Mozilla\Firefox\Profiles\ff9gw1l5.chucky\cookies.txt -> TrackingCookie.Clickbank : Cleaned. :mozilla.834:D:\Mozilla\Firefox\Profiles\ff9gw1l5.chucky\cookies.txt -> TrackingCookie.Com : Cleaned. :mozilla.835:D:\Mozilla\Firefox\Profiles\ff9gw1l5.chucky\cookies.txt -> TrackingCookie.Com : Cleaned. :mozilla.231:C:\Documents and Settings\Darth Vador\Application Data\Mozilla\Firefox\Profiles\ff9gw1l5.chucky\cookies.txt -> TrackingCookie.Estat : Cleaned. :mozilla.232:C:\Documents and Settings\Darth Vador\Application Data\Mozilla\Firefox\Profiles\ff9gw1l5.chucky\cookies.txt -> TrackingCookie.Estat : Cleaned. :mozilla.233:C:\Documents and Settings\Darth Vador\Application Data\Mozilla\Firefox\Profiles\ff9gw1l5.chucky\cookies.txt -> TrackingCookie.Estat : Cleaned. :mozilla.544:D:\Mozilla\Firefox\Profiles\ff9gw1l5.chucky\cookies.txt -> TrackingCookie.Estat : Cleaned. :mozilla.145:C:\Documents and Settings\Darth Vador\Application Data\Mozilla\Firefox\Profiles\ff9gw1l5.chucky\cookies.txt -> TrackingCookie.Falkag : Cleaned. :mozilla.146:C:\Documents and Settings\Darth Vador\Application Data\Mozilla\Firefox\Profiles\ff9gw1l5.chucky\cookies.txt -> TrackingCookie.Falkag : Cleaned. :mozilla.147:C:\Documents and Settings\Darth Vador\Application Data\Mozilla\Firefox\Profiles\ff9gw1l5.chucky\cookies.txt -> TrackingCookie.Falkag : Cleaned. :mozilla.148:C:\Documents and Settings\Darth Vador\Application Data\Mozilla\Firefox\Profiles\ff9gw1l5.chucky\cookies.txt -> TrackingCookie.Falkag : Cleaned. :mozilla.179:D:\Mozilla\Firefox\Profiles\ff9gw1l5.chucky\cookies.txt -> TrackingCookie.Googleadservices : Cleaned. :mozilla.648:D:\Mozilla\Firefox\Profiles\ff9gw1l5.chucky\cookies.txt -> TrackingCookie.Googleadservices : Cleaned. :mozilla.684:D:\Mozilla\Firefox\Profiles\ff9gw1l5.chucky\cookies.txt -> TrackingCookie.Googleadservices : Cleaned. :mozilla.732:D:\Mozilla\Firefox\Profiles\ff9gw1l5.chucky\cookies.txt -> TrackingCookie.Googleadservices : Cleaned. :mozilla.830:D:\Mozilla\Firefox\Profiles\ff9gw1l5.chucky\cookies.txt -> TrackingCookie.Googleadservices : Cleaned. :mozilla.874:D:\Mozilla\Firefox\Profiles\ff9gw1l5.chucky\cookies.txt -> TrackingCookie.Googleadservices : Cleaned. :mozilla.630:D:\Mozilla\Firefox\Profiles\ff9gw1l5.chucky\cookies.txt -> TrackingCookie.Itrack : Cleaned. :mozilla.631:D:\Mozilla\Firefox\Profiles\ff9gw1l5.chucky\cookies.txt -> TrackingCookie.Itrack : Cleaned. :mozilla.583:D:\Mozilla\Firefox\Profiles\ff9gw1l5.chucky\cookies.txt -> TrackingCookie.Ivwbox : Cleaned. :mozilla.519:C:\Documents and Settings\Darth Vador\Application Data\Mozilla\Firefox\Profiles\ff9gw1l5.chucky\cookies.txt -> TrackingCookie.Liveperson : Cleaned. :mozilla.520:C:\Documents and Settings\Darth Vador\Application Data\Mozilla\Firefox\Profiles\ff9gw1l5.chucky\cookies.txt -> TrackingCookie.Liveperson : Cleaned. :mozilla.521:C:\Documents and Settings\Darth Vador\Application Data\Mozilla\Firefox\Profiles\ff9gw1l5.chucky\cookies.txt -> TrackingCookie.Liveperson : Cleaned. :mozilla.522:C:\Documents and Settings\Darth Vador\Application Data\Mozilla\Firefox\Profiles\ff9gw1l5.chucky\cookies.txt -> TrackingCookie.Liveperson : Cleaned. :mozilla.620:D:\Mozilla\Firefox\Profiles\ff9gw1l5.chucky\cookies.txt -> TrackingCookie.Masterstats : Cleaned. :mozilla.524:C:\Documents and Settings\Darth Vador\Application Data\Mozilla\Firefox\Profiles\ff9gw1l5.chucky\cookies.txt -> TrackingCookie.Reliablestats : Cleaned. :mozilla.525:C:\Documents and Settings\Darth Vador\Application Data\Mozilla\Firefox\Profiles\ff9gw1l5.chucky\cookies.txt -> TrackingCookie.Reliablestats : Cleaned. :mozilla.526:C:\Documents and Settings\Darth Vador\Application Data\Mozilla\Firefox\Profiles\ff9gw1l5.chucky\cookies.txt -> TrackingCookie.Reliablestats : Cleaned. :mozilla.527:C:\Documents and Settings\Darth Vador\Application Data\Mozilla\Firefox\Profiles\ff9gw1l5.chucky\cookies.txt -> TrackingCookie.Reliablestats : Cleaned. :mozilla.528:C:\Documents and Settings\Darth Vador\Application Data\Mozilla\Firefox\Profiles\ff9gw1l5.chucky\cookies.txt -> TrackingCookie.Reliablestats : Cleaned. :mozilla.376:C:\Documents and Settings\Darth Vador\Application Data\Mozilla\Firefox\Profiles\ff9gw1l5.chucky\cookies.txt -> TrackingCookie.Revenue : Cleaned. :mozilla.491:D:\Mozilla\Firefox\Profiles\ff9gw1l5.chucky\cookies.txt -> TrackingCookie.Sexcounter : Cleaned. :mozilla.492:D:\Mozilla\Firefox\Profiles\ff9gw1l5.chucky\cookies.txt -> TrackingCookie.Sexcounter : Cleaned. :mozilla.496:C:\Documents and Settings\Darth Vador\Application Data\Mozilla\Firefox\Profiles\ff9gw1l5.chucky\cookies.txt -> TrackingCookie.Sitestat : Cleaned. :mozilla.497:C:\Documents and Settings\Darth Vador\Application Data\Mozilla\Firefox\Profiles\ff9gw1l5.chucky\cookies.txt -> TrackingCookie.Sitestat : Cleaned. :mozilla.498:C:\Documents and Settings\Darth Vador\Application Data\Mozilla\Firefox\Profiles\ff9gw1l5.chucky\cookies.txt -> TrackingCookie.Sitestat : Cleaned. :mozilla.499:C:\Documents and Settings\Darth Vador\Application Data\Mozilla\Firefox\Profiles\ff9gw1l5.chucky\cookies.txt -> TrackingCookie.Sitestat : Cleaned. :mozilla.401:C:\Documents and Settings\Darth Vador\Application Data\Mozilla\Firefox\Profiles\ff9gw1l5.chucky\cookies.txt -> TrackingCookie.Statcounter : Cleaned. :mozilla.402:C:\Documents and Settings\Darth Vador\Application Data\Mozilla\Firefox\Profiles\ff9gw1l5.chucky\cookies.txt -> TrackingCookie.Statcounter : Cleaned. :mozilla.403:C:\Documents and Settings\Darth Vador\Application Data\Mozilla\Firefox\Profiles\ff9gw1l5.chucky\cookies.txt -> TrackingCookie.Statcounter : Cleaned. :mozilla.267:D:\Mozilla\Firefox\Profiles\ff9gw1l5.chucky\cookies.txt -> TrackingCookie.Weborama : Cleaned. :mozilla.268:D:\Mozilla\Firefox\Profiles\ff9gw1l5.chucky\cookies.txt -> TrackingCookie.Weborama : Cleaned. :mozilla.269:D:\Mozilla\Firefox\Profiles\ff9gw1l5.chucky\cookies.txt -> TrackingCookie.Weborama : Cleaned. :mozilla.332:D:\Mozilla\Firefox\Profiles\ff9gw1l5.chucky\cookies.txt -> TrackingCookie.Weborama : Cleaned. :mozilla.425:C:\Documents and Settings\Darth Vador\Application Data\Mozilla\Firefox\Profiles\ff9gw1l5.chucky\cookies.txt -> TrackingCookie.Weborama : Cleaned. :mozilla.426:C:\Documents and Settings\Darth Vador\Application Data\Mozilla\Firefox\Profiles\ff9gw1l5.chucky\cookies.txt -> TrackingCookie.Weborama : Cleaned. :mozilla.427:C:\Documents and Settings\Darth Vador\Application Data\Mozilla\Firefox\Profiles\ff9gw1l5.chucky\cookies.txt -> TrackingCookie.Weborama : Cleaned. :mozilla.545:D:\Mozilla\Firefox\Profiles\ff9gw1l5.chucky\cookies.txt -> TrackingCookie.Weborama : Cleaned. :mozilla.67:C:\Documents and Settings\Darth Vador\Application Data\Mozilla\Firefox\Profiles\ff9gw1l5.chucky\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned. :mozilla.70:C:\Documents and Settings\Darth Vador\Application Data\Mozilla\Firefox\Profiles\ff9gw1l5.chucky\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned. :mozilla.71:C:\Documents and Settings\Darth Vador\Application Data\Mozilla\Firefox\Profiles\ff9gw1l5.chucky\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned. :mozilla.72:C:\Documents and Settings\Darth Vador\Application Data\Mozilla\Firefox\Profiles\ff9gw1l5.chucky\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned. :mozilla.73:C:\Documents and Settings\Darth Vador\Application Data\Mozilla\Firefox\Profiles\ff9gw1l5.chucky\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned. :mozilla.750:D:\Mozilla\Firefox\Profiles\ff9gw1l5.chucky\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned. :mozilla.751:D:\Mozilla\Firefox\Profiles\ff9gw1l5.chucky\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned. :mozilla.752:D:\Mozilla\Firefox\Profiles\ff9gw1l5.chucky\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned. :mozilla.753:D:\Mozilla\Firefox\Profiles\ff9gw1l5.chucky\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned. :mozilla.756:D:\Mozilla\Firefox\Profiles\ff9gw1l5.chucky\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned. :mozilla.574:D:\Mozilla\Firefox\Profiles\ff9gw1l5.chucky\cookies.txt -> TrackingCookie.Zedo : Cleaned. :mozilla.575:D:\Mozilla\Firefox\Profiles\ff9gw1l5.chucky\cookies.txt -> TrackingCookie.Zedo : Cleaned. :mozilla.576:D:\Mozilla\Firefox\Profiles\ff9gw1l5.chucky\cookies.txt -> TrackingCookie.Zedo : Cleaned. ::Report end Et Logfile of HijackThis v1.99.1 Scan saved at 16:21:15, on 23/08/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\ewido anti-spyware 4.0\ewido.exe C:\WINDOWS\system32\taskmgr.exe C:\xbbooxx\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.stationripper.com/StationRipper...Shots_V2.32.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -onlytray O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [ekngydsqvj] c:\windows\system32\ekngydsqvj.exe ekngydsqvj O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Configuration de la C-BOX] C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe O4 - HKCU\..\Run: [superCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe O4 - HKCU\..\Run: [steam] "c:\program files\valve\steam\steam.exe" -silent O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Broken Internet access because of LSP provider 'xfire_lsp_9996.dll' missing O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe Radicalement résolu par une restauration systéme merci quand meme d'avoir lu.
×
×
  • Créer...