Aller au contenu

  • Pas encore inscrit ?

    Pourquoi ne pas vous inscrire ? C'est simple, rapide et gratuit.
    Pour en savoir plus, lisez Les avantages de l'inscription... et la Charte de Zébulon.
    De plus, les messages que vous postez en tant qu'invité restent invisibles tant qu'un modérateur ne les a pas validés. Inscrivez-vous, ce sera un gain de temps pour tout le monde, vous, les helpeurs et les modérateurs ! :wink:

[RESOLU] apparition de fenêtre de pub

narsuack

Par narsuack
dans Analyses et éradication malwares

 Partager

Messages recommandés

narsuack Member

narsuack

Posté(e)
Posté(e) (modifié)

Bonjour,

 

depuis quelques jours j'ai régulièrement des fenêtres de pub qui s'ouvrent sous firefox (essentiellement des pub pour antivirus, paris en ligne...). Après avoir suivi pas à pas les directives de megataupe (du moins je l'espère), voici mon rapport HijackThis :

 

Logfile of HijackThis v1.99.1

Scan saved at 16:18:17, on 11/03/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe

C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\HP\QuickPlay\QPService.exe

C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe

C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe

C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Reality Fusion\Reality Fusion GameCam SE\Program\RFTRay.exe

C:\Program Files\Slide\Slide.exe

C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe

C:\WINDOWS\System32\svchost.exe

C:\PROGRA~1\hpq\Shared\HPQTOA~1.EXE

C:\Program Files\HijackThis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hp.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.hp.com

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O3 - Toolbar: Slide - {F25D0054-4CA2-49D5-A8B0-D79B7829D14E} - C:\Program Files\Slide\SlideBar.dll

O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"

O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start

O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe

O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe

O4 - HKLM\..\Run: [Reminder] C:\Windows\CREATOR\Remind_XP.exe

O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [RealTray] C:\Program Files\K-Lite Codec Pack\Real\mpclauncher.exe SYSTEMBOOTHIDEPLAYER

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup

O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [MailSkinner] c:\program files\mailskinner\mailskinner.exe

O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"

O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9

O4 - Startup: Slide.exe.lnk = C:\Program Files\Slide\Slide.exe

O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe

O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

O4 - Global Startup: Reality Fusion GameCam SE.lnk = ?

O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/...html?p=ZNfox000

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll

O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com

O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540017} (CInstall Class) - http://www.eqoon.com/sp/cab/Install.cab

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://celinico0.spaces.live.com//PhotoUpload/MsnPUpld.cab

O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe

 

J'attends vos conseils, merci d'avance

Je préfère vous préciser que je suis plutôt novice en informatique :P

Modifié par narsuack

regis56 Godlike Member

regis56

Posté(e)
Posté(e) (modifié)

Salut narsuack !

 

Peut tu faire ceci STP :

 

Télécharge AVG Anti-Spyware

  1. Lance AVG Anti-Spyware et clique sur le bouton Update (barre d'outils - au haut). Sous Manual Update clique Start update.
     
     
  2. Tu verras ceci juste au bas, lorsque la mise à jour sera complétée : "Update successful"
     
     
  3. Ferme AVG Anti-Spyware. Ne pas le lancer tout de suite.

Redémarre en mode Sans Échec : au redémarrage, tapote immédiatement la touche F8; tu verras un écran avec choix de démarrages apparaître. Utilisant les flèches du clavier, choisis "Mode Sans Échec" et valide avec "Entrée". Choisis ton compte usuel, et non Administrateur.

  • Du mode Sans Échec, lance AVG Anti-Spyware et clique sur le bouton Scanner (de la barre d'outils) et ensuite clique sur Complete System Scan. Le scan prendra un certain temps, donc sois patient.
     
     
  • AVG Anti-Spyware affichera une liste des fichiers détectés, sur la gauche. En fin de scan, l'outil appliquera les "Actions" à appliquer automatiquement. Clique sur le bouton Apply all actions. AVG Anti-Spyware affichera "All actions have been applied" du côté droit.
     
     
  • Clique sur "Save Report", puis "Save Report As". Ceci génère un rapport en fichier texte. Assure-toi de le sauvegarder dans un endroit sûr (sur ton Bureau, par exemple).
     
     
  • Redémarre ton ordi en mode Normal.

.

 

Je te fais passer un autre outil :

 

Télécharge Blacklight (de F-Secure) et sauvegarde le sur ton Bureau.

 

Double-clique blbeta.exe et accepte la licence; laisse [X]scan through Windows Explorer activé; clique Scan puis Next

 

Tu verras une liste de fichiers détectés apparaître. Tu verras également un rapport, sur ton Bureau, nommé fsbl.xxxxxxx.log (les xxxxxxx sont des chiffres).

 

Copie et colle le contenu de ce rapport dans ta prochaine réponse. NE PAS choisir l'option "Rename" de suite : nous devons analyser le rapport, car des fichiers légitimes peuvent être présents, tel wbemtest.exe

~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

Prière de poster les rapports suivant dans ta prochaine réponse :

 

1) AVG Anti-Spyware

2) BlackLight

3) Nouveau rapport HijackThis!

 

Bon courage, et @+

Modifié par regis56
narsuack Member

narsuack

Posté(e)
  • Auteur
Posté(e) (modifié)

Merci regis56 pour la rapidité de réponse :P

 

Et voici les 3 nouveaux rapports :

1/AVG anti-spyware

 

---------------------------------------------------------

AVG Anti-Spyware - Rapport d'analyse

---------------------------------------------------------

 

+ Créé à: 00:14:54 12/03/2007

 

+ Résultat de l'analyse:

 

 

 

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP82\A0019701.exe -> Adware.180Solutions : Ignoré.

C:\Program Files\Hotbar -> Adware.HotBar : Ignoré.

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP105\A0024932.exe -> Adware.HotBar : Ignoré.

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP105\A0024933.dll -> Adware.HotBar : Ignoré.

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP106\A0024952.dll -> Adware.Hotbar : Ignoré.

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP82\A0019680.exe -> Adware.HotBar : Ignoré.

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP82\A0019684.dll -> Adware.Hotbar : Ignoré.

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP82\A0019685.exe -> Adware.HotBar : Ignoré.

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP82\A0019686.dll -> Adware.HotBar : Ignoré.

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP82\A0019689.exe -> Adware.HotBar : Ignoré.

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP82\A0019690.exe -> Adware.HotBar : Ignoré.

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP82\A0019691.dll -> Adware.HotBar : Ignoré.

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP82\A0019694.dll -> Adware.HotBar : Ignoré.

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP82\A0019695.exe -> Adware.HotBar : Ignoré.

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP82\A0019696.dll -> Adware.HotBar : Ignoré.

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP82\A0019700.dll -> Adware.HotBar : Ignoré.

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP82\A0019704.dll -> Adware.HotBar : Ignoré.

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP73\A0017389.exe -> Adware.NaviPromo : Ignoré.

C:\WINDOWS\Downloaded Program Files\Install.dll -> Adware.SpywareStorm : Ignoré.

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP129\A0030564.exe -> Not-A-Virus.Downloader.Win32.WinFixer.o : Ignoré.

:mozilla.373:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.

:mozilla.374:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.

:mozilla.375:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.

:mozilla.376:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.

:mozilla.377:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.

:mozilla.378:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.

:mozilla.327:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.

:mozilla.328:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.

:mozilla.330:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.

:mozilla.331:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.

:mozilla.334:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.

:mozilla.335:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.

:mozilla.336:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.

:mozilla.337:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.

:mozilla.338:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.

:mozilla.339:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.

:mozilla.340:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.

:mozilla.341:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.

:mozilla.342:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.

:mozilla.344:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.

:mozilla.345:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.

:mozilla.346:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.

:mozilla.347:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.

:mozilla.348:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.

:mozilla.349:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.

:mozilla.350:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.

:mozilla.352:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.

:mozilla.353:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.

:mozilla.354:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.

:mozilla.579:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.

:mozilla.610:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.

:mozilla.627:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.

:mozilla.650:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.

:mozilla.773:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.

C:\Documents and Settings\perso\Cookies\perso@2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.

C:\Documents and Settings\perso\Cookies\perso@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.

:mozilla.62:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.

:mozilla.63:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.

:mozilla.64:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.

:mozilla.126:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.

:mozilla.127:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.

C:\Documents and Settings\perso\Cookies\perso@adtech[2].txt -> TrackingCookie.Adtech : Nettoyé.

:mozilla.131:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.

:mozilla.132:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.

:mozilla.133:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.

:mozilla.134:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.

:mozilla.135:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.

:mozilla.572:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Adviva : Nettoyé.

:mozilla.136:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Atdmt : Nettoyé.

C:\Documents and Settings\perso\Cookies\perso@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.

C:\Documents and Settings\perso\Local Settings\Temp\Cookies\perso@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.

:mozilla.159:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyé.

:mozilla.355:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyé.

C:\Documents and Settings\perso\Cookies\perso@bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyé.

:mozilla.541:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Com : Nettoyé.

:mozilla.439:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.

:mozilla.440:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.

:mozilla.441:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.

:mozilla.442:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.

:mozilla.432:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Dealtime : Nettoyé.

C:\Documents and Settings\perso\Cookies\perso@stat.dealtime[1].txt -> TrackingCookie.Dealtime : Nettoyé.

:mozilla.137:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyé.

C:\Documents and Settings\perso\Cookies\perso@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé.

:mozilla.469:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Estat : Nettoyé.

:mozilla.587:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Euroclick : Nettoyé.

:mozilla.588:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Euroclick : Nettoyé.

:mozilla.534:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Falkag : Nettoyé.

:mozilla.715:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.

:mozilla.443:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.

:mozilla.628:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.

:mozilla.784:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.

:mozilla.809:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.

:mozilla.835:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.

:mozilla.839:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.

:mozilla.840:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.

:mozilla.416:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.

:mozilla.417:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.

:mozilla.418:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.

:mozilla.787:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.

:mozilla.146:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Mediaplex : Nettoyé.

:mozilla.147:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Mediaplex : Nettoyé.

C:\Documents and Settings\perso\Local Settings\Temp\Cookies\perso@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyé.

:mozilla.106:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Overture : Nettoyé.

:mozilla.107:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Overture : Nettoyé.

:mozilla.547:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Pointroll : Nettoyé.

:mozilla.548:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Pointroll : Nettoyé.

:mozilla.549:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Pointroll : Nettoyé.

:mozilla.550:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Pointroll : Nettoyé.

:mozilla.823:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Questionmarket : Nettoyé.

:mozilla.824:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Questionmarket : Nettoyé.

:mozilla.825:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Questionmarket : Nettoyé.

:mozilla.177:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.

:mozilla.178:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.

:mozilla.179:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.

:mozilla.180:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.

:mozilla.181:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.

:mozilla.182:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.

:mozilla.183:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.

:mozilla.184:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.

:mozilla.185:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.

:mozilla.186:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.

:mozilla.187:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.

:mozilla.188:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.

:mozilla.189:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.

:mozilla.190:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.

:mozilla.191:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.

:mozilla.192:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.

:mozilla.193:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.

:mozilla.536:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Revsci : Nettoyé.

:mozilla.538:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Revsci : Nettoyé.

:mozilla.539:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Revsci : Nettoyé.

:mozilla.540:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Revsci : Nettoyé.

:mozilla.138:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.

:mozilla.139:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.

:mozilla.140:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.

:mozilla.141:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.

:mozilla.142:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.

:mozilla.143:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.

:mozilla.719:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Sexcounter : Nettoyé.

:mozilla.720:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Sexcounter : Nettoyé.

:mozilla.774:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Sitestat : Nettoyé.

:mozilla.775:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Sitestat : Nettoyé.

:mozilla.84:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.

:mozilla.85:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.

:mozilla.86:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.

:mozilla.87:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.

C:\Documents and Settings\perso\Cookies\perso@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyé.

:mozilla.65:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.

:mozilla.66:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.

:mozilla.67:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.

:mozilla.68:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.

:mozilla.69:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.

:mozilla.70:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.

:mozilla.71:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.

:mozilla.72:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.

:mozilla.73:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.

:mozilla.74:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.

:mozilla.75:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.

:mozilla.76:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.

:mozilla.77:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.

:mozilla.78:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.

:mozilla.79:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.

:mozilla.80:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.

:mozilla.81:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.

:mozilla.82:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.

:mozilla.113:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.

:mozilla.114:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.

:mozilla.115:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.

:mozilla.116:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.

:mozilla.117:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.

C:\Documents and Settings\perso\Cookies\perso@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Nettoyé.

:mozilla.495:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Valueclick : Nettoyé.

:mozilla.123:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.

:mozilla.124:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.

:mozilla.125:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.

C:\Documents and Settings\perso\Cookies\perso@weborama[1].txt -> TrackingCookie.Weborama : Nettoyé.

:mozilla.429:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Webtrendslive : Nettoyé.

:mozilla.90:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.

:mozilla.91:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.

:mozilla.93:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.

:mozilla.94:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.

:mozilla.96:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.

:mozilla.97:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.

:mozilla.151:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Zedo : Nettoyé.

:mozilla.152:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Zedo : Nettoyé.

:mozilla.153:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Zedo : Nettoyé.

:mozilla.154:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Zedo : Nettoyé.

:mozilla.155:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Zedo : Nettoyé.

 

 

Fin du rapport

 

2/ Rapport blacklight

 

03/12/07 00:38:58 [info]: BlackLight Engine 1.0.55 initialized

03/12/07 00:38:58 [info]: OS: 5.1 build 2600 (Service Pack 2)

03/12/07 00:38:58 [Note]: 7019 4

03/12/07 00:38:58 [Note]: 7005 0

03/12/07 00:39:04 [Note]: 7006 0

03/12/07 00:39:04 [Note]: 7011 1740

03/12/07 00:39:04 [Note]: 7026 0

03/12/07 00:39:04 [Note]: 7026 0

03/12/07 00:39:04 [Note]: 7024 3

03/12/07 00:39:04 [info]: Hidden process: C:\windows\system32\nscxtyg.exe

03/12/07 00:39:07 [Note]: FSRAW library version 1.7.1021

03/12/07 00:47:39 [info]: Hidden file: c:\WINDOWS\system32\nscxtyg.dat

03/12/07 00:47:39 [Note]: 10002 1

03/12/07 00:47:40 [info]: Hidden file: C:\windows\system32\nscxtyg.exe

03/12/07 00:47:40 [Note]: 10002 1

03/12/07 00:47:40 [info]: Hidden file: c:\WINDOWS\system32\nscxtyg_nav.dat

03/12/07 00:47:40 [Note]: 10002 1

03/12/07 00:47:40 [info]: Hidden file: c:\WINDOWS\system32\nscxtyg_navps.dat

03/12/07 00:47:40 [Note]: 10002 1

03/12/07 00:49:42 [Note]: 7007 0

 

3/ rapport HijackThis2

 

Logfile of HijackThis v1.99.1

Scan saved at 00:50:31, on 12/03/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe

C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\HP\QuickPlay\QPService.exe

C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe

C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe

C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe

C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe

C:\WINDOWS\system32\ctfmon.exe

C:\PROGRA~1\hpq\Shared\HPQTOA~1.EXE

C:\Program Files\Reality Fusion\Reality Fusion GameCam SE\Program\RFTRay.exe

C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe

C:\Program Files\Slide\Slide.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\Program Files\HijackThis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hp.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.hp.com

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O3 - Toolbar: Slide - {F25D0054-4CA2-49D5-A8B0-D79B7829D14E} - C:\Program Files\Slide\SlideBar.dll

O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"

O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start

O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe

O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe

O4 - HKLM\..\Run: [Reminder] C:\Windows\CREATOR\Remind_XP.exe

O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [RealTray] C:\Program Files\K-Lite Codec Pack\Real\mpclauncher.exe SYSTEMBOOTHIDEPLAYER

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup

O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"

O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [MailSkinner] c:\program files\mailskinner\mailskinner.exe

O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"

O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9

O4 - Startup: Slide.exe.lnk = C:\Program Files\Slide\Slide.exe

O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe

O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

O4 - Global Startup: Reality Fusion GameCam SE.lnk = ?

O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/...html?p=ZNfox000

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll

O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com

O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540017} (CInstall Class) - http://www.eqoon.com/sp/cab/Install.cab

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://celinico0.spaces.live.com//PhotoUpload/MsnPUpld.cab

O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe

Modifié par narsuack
regis56 Godlike Member

regis56

Posté(e)
Posté(e)

Salut !

 

Fais ceci stp :

 

1) Prière d'imprimer ces instructions, ou de les coller dans un fichier texte pour lecture en mode Sans Échec.

 

Télécharge Brute Force Uninstaller (de Merijn).

Créé un nouveau dossier directement sur le C:\ et nomme-le BFU. Décompresse le fichier téléchargé dans ce nouveau dossier (C:\BFU)

 

FAIS UN CLIC-DROIT ICI et choisis "Enregistrer la cible sous..." afin de télécharger EGDACCESS.bfu (de Metallica). Sauvegarde dans le dossier créé (C:\BFU). **Note : si tu utlises Internet Explorer; lors de la sauvegarde, assure-toi que le champs "Type :" affiche "Tous les fichiers". Tu dois maintenant avoir deux fichiers dans le dossier C:\BFU : EGDACCESS.bfu et BFU.exe (très important).

 

2)-Redémarrer en mode sans échec :

(En mode sans échec : seul les processus systèmes sont lancés il est donc plus facile de supprimer ce qui est infecté.)

Au redémarrage de l'ordinateur, une fois le chargement du BIOS terminé,

Il y a un écran noir qui apparaît rapidement, appuyer sur la touche [F8] ou [F5] jusqu'à l'affichage du menu des options avancées de Windows. Sélectionner "Mode sans échec"et appuyer sur [Entrée].

NB:Si problème aller voir ici: http://service1.symantec.com/SUPPORT/INTER...020325143456924

 

3) Démarre le "Brute Force Uninstaller" en double-cliquant BFU.exe (du dossier C:\BFU)

 

- Clique sur le petit dossier jaune (à droite de la boîte "Scriptline to execute");

- Double-clique sur EGDACCESS.bfu

- Tu devrais maintenant voir ceci dans la boîte "Scriptline to execute" :

C:\BFU\EGDACCESS.bfu

 

Clique sur Execute et laisse-le faire son travail.

 

Attendre que Complete script execution apparaîsse et clique sur OK (l'exécution est rapide..).

Clique Exit pour fermer le programme BFU.

 

 

4)Créer un fichier Bloc Notes avec le texte qui se trouve dans l'espace "code" ci-dessous (copie/colle, sans le mot "Code" )

 

----code----

RegDeleteKey HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\nscxtyg

RegDelValue HKLM\Software\Microsoft\Windows\CurrentVersion\Run|nscxtyg

RegDelValue HKCU\Software\Microsoft\Windows\CurrentVersion\Run|nscxtyg

FileDelete %SYSDIR%\nscxtyg_navtmp.dat

FileDelete %SYSDIR%\nscxtyg_navup.dat

FileDelete %SYSDIR%\nscxtyg_navps.dat

FileDelete %SYSDIR%\nscxtyg_nav.dat

FileDelete %SYSDIR%\nscxtyg.dat

FileDelete %SYSDIR%\nscxtyg_m2s.xml

FileDelete %SYSDIR%\nscxtyg.exe

FileDelete %WINDIR%\PREFETCH\nscxtyg.exe-*.pf

----code----

 

5) Enregistre ce fichier dans c:\BFU

-Nom du fichier : aftermath.bfu

-Type : tous les fichiers

-cliquer sur Enregistrer

-quitter le Bloc note

 

6) Démarre le "Brute Force Uninstaller" en double-cliquant BFU.exe (du dossier C:\BFU)

 

- Clique sur le petit dossier jaune (à droite de la boîte "Scriptline to execute");

- Double-clique sur aftermath.bfu

- Tu devrais maintenant voir ceci dans la boîte "Scriptline to execute" :

C:\BFU\aftermath.bfu

 

Clique sur Execute et laisse-le faire son travail.

 

Attendre que Complete script execution apparaîsse et clique sur OK (l'exécution est rapide..).

Clique Exit pour fermer le programme BFU.

 

7) Repasse un scan complet avec AVG Anti-Spyware (toujours en mode Sans Échec), et sauvegarde son rapport.

 

8 ) Redémarre en mode Normal.

 

Poste le nouveau rapport d'AVG Anti-Spyware

un nouveau log HijackThis!

Et un nouveau rapport Blacklight STP dans ta prochaine réponse.

 

Bon courage à plus !

narsuack Member

narsuack

Posté(e)
  • Auteur
Posté(e)

Merci Regis, alors voici la suite :

 

rapport AVG anti-Spyware :

 

---------------------------------------------------------

AVG Anti-Spyware - Rapport d'analyse

---------------------------------------------------------

 

+ Créé à: 20:13:52 12/03/2007

 

+ Résultat de l'analyse:

 

 

 

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP82\A0019701.exe -> Adware.180Solutions : Ignoré.

C:\Program Files\Hotbar -> Adware.HotBar : Ignoré.

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP105\A0024932.exe -> Adware.HotBar : Ignoré.

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP105\A0024933.dll -> Adware.HotBar : Ignoré.

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP106\A0024952.dll -> Adware.Hotbar : Ignoré.

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP82\A0019680.exe -> Adware.HotBar : Ignoré.

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP82\A0019684.dll -> Adware.Hotbar : Ignoré.

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP82\A0019685.exe -> Adware.HotBar : Ignoré.

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP82\A0019686.dll -> Adware.HotBar : Ignoré.

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP82\A0019689.exe -> Adware.HotBar : Ignoré.

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP82\A0019690.exe -> Adware.HotBar : Ignoré.

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP82\A0019691.dll -> Adware.HotBar : Ignoré.

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP82\A0019694.dll -> Adware.HotBar : Ignoré.

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP82\A0019695.exe -> Adware.HotBar : Ignoré.

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP82\A0019696.dll -> Adware.HotBar : Ignoré.

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP82\A0019700.dll -> Adware.HotBar : Ignoré.

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP82\A0019704.dll -> Adware.HotBar : Ignoré.

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP73\A0017389.exe -> Adware.NaviPromo : Ignoré.

C:\WINDOWS\Downloaded Program Files\Install.dll -> Adware.SpywareStorm : Ignoré.

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP129\A0030564.exe -> Not-A-Virus.Downloader.Win32.WinFixer.o : Ignoré.

:mozilla.114:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.

:mozilla.118:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.

:mozilla.107:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.

:mozilla.108:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.

:mozilla.110:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.

:mozilla.113:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.

:mozilla.120:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Atdmt : Nettoyé.

C:\Documents and Settings\perso\Cookies\perso@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.

:mozilla.52:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyé.

C:\Documents and Settings\perso\Cookies\perso@bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyé.

:mozilla.121:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.

:mozilla.122:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.

:mozilla.123:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.

:mozilla.32:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyé.

:mozilla.64:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Mediaplex : Nettoyé.

:mozilla.141:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.

:mozilla.142:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.

:mozilla.143:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.

:mozilla.144:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.

:mozilla.145:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.

:mozilla.53:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.

:mozilla.54:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.

:mozilla.55:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.

:mozilla.56:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.

:mozilla.57:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.

:mozilla.58:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.

:mozilla.10:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.

:mozilla.11:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.

:mozilla.13:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.

:mozilla.17:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.

C:\Documents and Settings\perso\Cookies\perso@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Nettoyé.

:mozilla.14:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.

:mozilla.154:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.

:mozilla.155:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.

:mozilla.156:C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.

 

 

Fin du rapport

 

log HijachThis :

 

Logfile of HijackThis v1.99.1

Scan saved at 22:24:39, on 12/03/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe

C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\HP\QuickPlay\QPService.exe

C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe

C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe

C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe

C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe

C:\WINDOWS\system32\ctfmon.exe

C:\PROGRA~1\hpq\Shared\HPQTOA~1.EXE

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

C:\Program Files\Reality Fusion\Reality Fusion GameCam SE\Program\RFTRay.exe

C:\Program Files\Slide\Slide.exe

C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\HijackThis\HijackThis.exe

C:\Program Files\Outlook Express\msimn.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hp.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.hp.com

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O3 - Toolbar: Slide - {F25D0054-4CA2-49D5-A8B0-D79B7829D14E} - C:\Program Files\Slide\SlideBar.dll

O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"

O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start

O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe

O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe

O4 - HKLM\..\Run: [Reminder] C:\Windows\CREATOR\Remind_XP.exe

O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [RealTray] C:\Program Files\K-Lite Codec Pack\Real\mpclauncher.exe SYSTEMBOOTHIDEPLAYER

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup

O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"

O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"

O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9

O4 - Startup: Slide.exe.lnk = C:\Program Files\Slide\Slide.exe

O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe

O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

O4 - Global Startup: Reality Fusion GameCam SE.lnk = ?

O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/...html?p=ZNfox000

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll

O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com

O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540017} (CInstall Class) - http://www.eqoon.com/sp/cab/Install.cab

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://celinico0.spaces.live.com//PhotoUpload/MsnPUpld.cab

O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe

 

rapport blacklight

 

03/12/07 22:43:28 [info]: BlackLight Engine 1.0.55 initialized

03/12/07 22:43:28 [info]: OS: 5.1 build 2600 (Service Pack 2)

03/12/07 22:43:29 [Note]: 7019 4

03/12/07 22:43:29 [Note]: 7005 0

03/12/07 22:43:31 [Note]: 7006 0

03/12/07 22:43:31 [Note]: 7011 1700

03/12/07 22:43:31 [Note]: 7026 0

03/12/07 22:43:31 [Note]: 7026 0

03/12/07 22:43:40 [Note]: FSRAW library version 1.7.1021

03/12/07 22:54:00 [Note]: 7007 0

regis56 Godlike Member

regis56

Posté(e)
Posté(e)

Salut !

 

Continue comme ca :

 

Télécharge SpySweeper - Télécharge SpySweeper - Aide SpySweeper

- Clic sur sur le lien "Free Trial" pour le télécharger tout à droite

- Installe le et démare le

- Il va te demander de télécharger la dernière définition, accepte

- Ensuite, clic sur le bouton Options à gauche

- Clic sur l'onglet Options

- Assure toi que les options suivantes sont cochées :

o Windows Registery

o Memory Object

o Cookies

o System Restore Folder

o Plus bas :

o Sweep all users accounts

o Sweep for rootkis

 

-- Redémarre en mode sans échec, si tu sais pas comment on fait lis ceci

- Démarre SpySweeper

- Clic sur "Sweep Now" à gauche

- Clic sur le bouton "Start"

- Quand le scan est terminé, clic sur le bouton "Next"

- Assure toi que tout est coché et clic sur le bouton "Next"

- Lorsque tous les éléments trouvés ont été supprimés

- Clic sur "Session Log" en haut à droite, copie tous les élements du log.

- Ferme les fenêtres et colle tout le log ici ainsi qu'un log HijackThis

 

 

Aide : N'hésite pas à consulter l'Aide de SpySweeper

 

A plus

narsuack Member

narsuack

Posté(e)
  • Auteur
Posté(e)

et voilà :

 

rapport spysweeper

 

 

14:31: Removal process completed. Elapsed time 00:01:20

14:30: Quarantining All Traces: xiti cookie

14:30: Quarantining All Traces: atlas dmt cookie

14:29: Quarantining All Traces: hotbar/zango

14:29: Removal process initiated

14:29: Traces Found: 31

14:29: Custom Sweep has completed. Elapsed time 02:26:14

14:29: File Sweep Complete, Elapsed Time: 02:24:28

Accès refusé

13:58: Warning: Unable to sweep compressed file: System Error. Code: 5.

Accès refusé

13:51: Warning: Unable to sweep compressed file: System Error. Code: 5.

13:24: Warning: SweepDirectories: Cannot find directory "e:". This directory was not added to the list of paths to be scanned.

13:07: a0030031.exe (ID = 437061)

13:06: a0024928.dll (ID = 435793)

13:03: a0021788.exe (ID = 380950)

13:03: a0019688.exe (ID = 380950)

13:01: a0024950.dll (ID = 435785)

13:01: a0024934.dll (ID = 435775)

13:01: a0024925.dll (ID = 188209)

13:01: a0019692.dll (ID = 216235)

13:00: a0024927.dll (ID = 435782)

13:00: a0024929.exe (ID = 435801)

12:57: a0019689.exe (ID = 380920)

12:57: a0019695.exe (ID = 380920)

12:57: a0024922.dll (ID = 188201)

12:54: a0024926.exe (ID = 435777)

12:54: a0024918.dll (ID = 188205)

12:52: a0024930.dll (ID = 435772)

12:51: a0024919.dll (ID = 188207)

12:48: a0024932.exe (ID = 434198)

12:48: a0024923.dll (ID = 188202)

12:48: a0024916.exe (ID = 435798)

12:48: a0024924.dll (ID = 188208)

12:48: a0024952.dll (ID = 435768)

12:47: a0024931.exe (ID = 435790)

12:47: a0024933.dll (ID = 435783)

12:21: a0024951.dll (ID = 435780)

12:10: a0024917.dll (ID = 188192)

12:07: hotbar (ID = 2147489814)

12:05: Starting File Sweep

12:05: Cookie Sweep Complete, Elapsed Time: 00:00:00

12:05: perso@xiti[1].txt (ID = 3717)

12:05: Found Spy Cookie: xiti cookie

12:05: perso@atdmt[2].txt (ID = 2253)

12:05: Found Spy Cookie: atlas dmt cookie

12:05: Starting Cookie Sweep

12:05: Registry Sweep Complete, Elapsed Time:00:00:11

12:04: HKU\S-1-5-21-1506046959-1431672386-2025331583-1006\software\microsoft\internet explorer\toolbar\shellbrowser\ || {74cc49f7-eb32-4a08-b204-948962a6e3db} (ID = 685412)

12:04: HKU\S-1-5-21-1506046959-1431672386-2025331583-1006\software\microsoft\internet explorer\toolbar\webbrowser\ || {74cc49f7-eb32-4a08-b204-948962a6e3db} (ID = 127586)

12:04: Found Adware: hotbar/zango

12:04: Starting Registry Sweep

12:04: Memory Sweep Complete, Elapsed Time: 00:01:10

12:03: Starting Memory Sweep

12:03: Sweep initiated using definitions version 866

12:03: Spy Sweeper 5.3.2.2361 started

12:03: | Start of Session, mardi 13 mars 2007 |

***************

12:03: Program Version 5.3.2.2361 Using Spyware Definitions 866

12:03: Spy Sweeper 5.3.2.2361 started

12:03: | Start of Session, mardi 13 mars 2007 |

***************

11:49: ApplicationMinimized - EXIT

11:49: ApplicationMinimized - ENTER

Keylogger: Off

BHO Shield: On

IE Security Shield: On

Alternate Data Stream (ADS) Execution Shield: On

Startup Shield: On

Common Ad Sites: Off

Hosts File Shield: On

Internet Communication Shield: On

ActiveX Shield: On

Windows Messenger Service Shield: On

IE Favorites Shield: On

Spy Installation Shield: On

Memory Shield: Off

IE Hijack Shield: On

IE Tracking Cookies Shield: Off

11:46: Shield States

11:46: Spyware Definitions: 866

11:45: Spy Sweeper 5.3.2.2361 started

11:45: Spy Sweeper 5.3.2.2361 started

11:45: | Start of Session, mardi 13 mars 2007 |

***************

12:02: Program Version 5.3.2.2361 Using Spyware Definitions 866

12:02: Spy Sweeper 5.3.2.2361 started

12:02: | Start of Session, mardi 13 mars 2007 |

***************

 

nouveau rapport HijackThis

 

Logfile of HijackThis v1.99.1

Scan saved at 14:38:02, on 13/03/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe

C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe

C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\HP\QuickPlay\QPService.exe

C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe

C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe

C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe

C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe

C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

C:\Program Files\Reality Fusion\Reality Fusion GameCam SE\Program\RFTRay.exe

C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe

C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

C:\Program Files\Slide\Slide.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\PROGRA~1\Mozilla Firefox\firefox.exe

C:\PROGRA~1\hpq\Shared\HPQTOA~1.EXE

C:\Program Files\Webroot\Spy Sweeper\SSU.EXE

C:\Program Files\HijackThis\HijackThis.exe

C:\WINDOWS\system32\wuauclt.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hp.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.hp.com

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O3 - Toolbar: Slide - {F25D0054-4CA2-49D5-A8B0-D79B7829D14E} - C:\Program Files\Slide\SlideBar.dll

O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"

O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe"

O4 - HKLM\..\Run: [synTPEnh] "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"

O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"

O4 - HKLM\..\Run: [eabconfg.cpl] "C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe" /Start

O4 - HKLM\..\Run: [Cpqset] "C:\Program Files\HPQ\Default Settings\cpqset.exe"

O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe

O4 - HKLM\..\Run: [Reminder] C:\Windows\CREATOR\Remind_XP.exe

O4 - HKLM\..\Run: [hpWirelessAssistant] "C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe"

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [RealTray] "C:\Program Files\K-Lite Codec Pack\Real\mpclauncher.exe" SYSTEMBOOTHIDEPLAYER

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [iSUSPM Startup] "C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe" -startup

O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"

O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized

O4 - HKLM\..\Run: [spySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"

O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9

O4 - Startup: Slide.exe.lnk = C:\Program Files\Slide\Slide.exe

O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe

O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

O4 - Global Startup: Reality Fusion GameCam SE.lnk = ?

O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/...html?p=ZNfox000

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll

O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com

O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540017} (CInstall Class) - http://www.eqoon.com/sp/cab/Install.cab

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://celinico0.spaces.live.com//PhotoUpload/MsnPUpld.cab

O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe

O23 - Service: Moteur Webroot Spy Sweeper (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe

 

A suivre :P

regis56 Godlike Member

regis56

Posté(e)
Posté(e)

Salut !

 

Lancer HijackThis, (scan only ou scanner seulement) cocher les lignes suivantes si présentes:

 

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/...html?p=ZNfox000

 

Fermer tous les programmes et navigateur, et Cliquer sur Fix Checked

 

Peux-tu faire s'il te plait un scan en ligne?=>

-Faire un scan en ligne ici et coller le rapport.

Panda si tu n'y arrives pas : tutorial

 

Attention!! Panda et Avast entrent en conflit, pour pouvoir télécharger le contrôle active x de Panda, il faut que tu désactives le bouclier web d'Avast le temps du scan.

 

A plus.

narsuack Member

narsuack

Posté(e)
  • Auteur
Posté(e)

Rapport panda :

 

Incident Statut Analyse

 

Outil indésirable:application/mywebsearch No Désinfecté hkey_classes_root\clsid\{147A976F-EEE1-4377-8EA7-4716E4CDD239}

Adware:adware/wupd No Désinfecté Registre Windows

Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt[.xiti.com/]

Spyware:Cookie/Advertising No Désinfecté C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt[.advertising.com/]

Spyware:Cookie/Weborama No Désinfecté C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt[.weborama.fr/]

Spyware:Cookie/Tradedoubler No Désinfecté C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt[.tradedoubler.com/]

Spyware:Cookie/Doubleclick No Désinfecté C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt[.doubleclick.net/]

Spyware:Cookie/WUpd No Désinfecté C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt[.revenue.net/]

Spyware:Cookie/Searchportal No Désinfecté C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt[searchportal.information.com/]

Spyware:Cookie/Bluestreak No Désinfecté C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt[.bluestreak.com/]

Spyware:Cookie/Serving-sys No Désinfecté C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt[.serving-sys.com/]

Spyware:Cookie/Serving-sys No Désinfecté C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt[.bs.serving-sys.com/]

Spyware:Cookie/Serving-sys No Désinfecté C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt[.serving-sys.com/]

Spyware:Cookie/Atlas DMT No Désinfecté C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt[.atdmt.com/]

Spyware:Cookie/Systemdoctor No Désinfecté C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt[.systemdoctor.com/]

Spyware:Cookie/DriveCleaner No Désinfecté C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt[stats.drivecleaner.com/]

Spyware:Cookie/DriveCleaner No Désinfecté C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt[.drivecleaner.com/]

Spyware:Cookie/DriveCleaner No Désinfecté C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt[stats.drivecleaner.com/]

Spyware:Cookie/DriveCleaner No Désinfecté C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt[drivecleaner.com/]

Spyware:Cookie/Winantivirus No Désinfecté C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt[.winantivirus.com/]

Spyware:Cookie/Hbmediapro No Désinfecté C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt[.adopt.hbmediapro.com/]

Spyware:Cookie/Apmebf No Désinfecté C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt[.apmebf.com/]

Spyware:Cookie/Winantivirus No Désinfecté C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt[go.winantispyware.com/Mjg3Mw==/2/422/]

Spyware:Cookie/ErrorSafe No Désinfecté C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt[.errorsafe.com/]

Spyware:Cookie/fe.lea.lycos No Désinfecté C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt[fe.lea.lycos.fr/]

Spyware:Cookie/MetriWeb No Désinfecté C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt[.metriweb.be/]

Spyware:Cookie/Atwola No Désinfecté C:\Documents and Settings\perso\Application Data\Mozilla\Firefox\Profiles\uy2rmizh.default\cookies.txt[.atwola.com/]

Spyware:Cookie/2o7 No Désinfecté C:\Documents and Settings\perso\Cookies\perso@2o7[1].txt

Spyware:Cookie/Atlas DMT No Désinfecté C:\Documents and Settings\perso\Cookies\perso@atdmt[1].txt

Spyware:Cookie/Bluestreak No Désinfecté C:\Documents and Settings\perso\Cookies\perso@bluestreak[1].txt

Spyware:Cookie/DriveCleaner No Désinfecté C:\Documents and Settings\perso\Cookies\perso@drivecleaner[1].txt

Spyware:Cookie/DriveCleaner No Désinfecté C:\Documents and Settings\perso\Cookies\perso@stats.drivecleaner[2].txt

Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\perso\Cookies\perso@xiti[1].txt

regis56 Godlike Member

regis56

Posté(e)
Posté(e)

Re

 

Ok fais ceci STP :

 

Télécharge ATF Cleaner par Atribune.

 

 

Double-clique ATF-Cleaner.exe afin de lancer le programme.

Sous l'onglet Main, choisis : Select All

Clique sur le bouton Empty Selected

 

Si tu utilises le navigateur Firefox :

  • Clique Firefox au haut et choisis : Select All
    Clique le bouton Empty Selected
    NOTE : Si tu veux conserver tes mots de passe sauvegardés, clique No à l'invite.

Si tu utilises le navigateur Opera :

  • Clique Opera au haut et choisis : Select All
    Clique le bouton Empty Selected
    NOTE : Si tu veux conserver tes mots de passe sauvegardés, clique No à l'invite.

Clique Exit, du menu prinicipal, afin de fermer le programme.

Pour obtenir du Support technique, double-clique l'adresse électronique située au bas de chacun des menus.

 

Ensuite suit ce tuto STP :

http://www.zebulon.fr/articles/regseeker-1.php

 

Refais un scan panda ensuite.

 

A plus.

Rejoindre la conversation

Vous pouvez publier maintenant et vous inscrire plus tard. Si vous avez un compte, connectez-vous maintenant pour publier avec votre compte.
Remarque : votre message nécessitera l’approbation d’un modérateur avant de pouvoir être visible.

Invité
Répondre à ce sujet…

×   Collé en tant que texte enrichi.   Coller en tant que texte brut à la place

  Seulement 75 émoticônes maximum sont autorisées.

×   Votre lien a été automatiquement intégré.   Afficher plutôt comme un lien

×   Votre contenu précédent a été rétabli.   Vider l’éditeur

×   Vous ne pouvez pas directement coller des images. Envoyez-les depuis votre ordinateur ou insérez-les depuis une URL.

×
 Partager
Aller sur la liste des sujets

  • En ligne récemment   0 membre est en ligne

    • Aucun utilisateur enregistré regarde cette page.
×
×
  • Créer...