[Résolu] Inspection d'un rapport HijackThis
Inspection d'un rapport HijackThis [Résolu] - Sécurité - Windows & Software
Marsh Posté le 27-08-2006 à 14:07:04
re,
Si durant la procedure ci bas, il y a des etapes que tu n'as pas reussi a faire, merci de
continuer la procedure jusqu'au bout et de les signaler dans ta prochaine reponse.
1/Télécharge la version d'évaluation d'Ewido:
http://www.ewido.net/en/download/
Installe la et mets à jour.
Démarre Ewido avec l'icône qui se trouve sur ton Bureau.
Clique sur [color=#3333FF]Update Now[/color],
attend la fin de cette mise à jour,
puis ferme le programme.
2/demarre en mode sans echec http://www.sosordi.net/Faq/Faq.2.html
3/
demarrer/panneau de configuration/ajouts et suppresions de programmes et verifie la presence de:
VMN Toolbar
si ce programme est present desinstalle le.
4/lance hijackthis en cliquant sur do a scan system only coche ces lignes:
O2 - BHO: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O3 - Toolbar: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://player.virtools.com/downloa [...] taller.exe
O16 - DPF: {CFCB7308-782F-11D4-BE27-000102598CE4} (NPX Control) - http://kr.pristontale.com/nprotect/nprotect/npx.cab
O16 - DPF: {D6FCA8ED-4715-43DE-9BD2-2789778A5B09} (NPKCX Control) - http://kr.pristontale.com/nprotect/keycrypt/npkcx.cab
Ferme toutes les fenêtres ouvertes sauf Hijackthis et clique sur fix checked
5/pour supprimer les fichiers nefastes on va tous les afficher en faisant comme ceci:
| Citation : Démarrer, Poste de travail ou autre dossier, Menu Outils, Option des dossiers, onglet Affichage : |
6/supprime ce qui est en gras:
C:\program files\ VMNTOOLBAR<== tout le dossier
7/ Relance Ewido et clique sur [color=#3333FF]Scanner [/color]
Puis sur l'onglets [color=#3333FF]Settings[/color], pour [color=#3333FF]How to Act [/color]sélèctionne [color=#3333FF]Quarantine[/color].
Reviens a l'onglet [color=#3333FF]Scan[/color] cliques [color=#3333FF]Complete system Scan[/color].
Le scan démarre.
A la fin cliquer sur [color=#3333FF]Apply all actions[/color]
Puis sur [color=#3333FF]Save report [/color]et pour finir [color=#3333FF]Save report as[/color] enregistrer sur le Bureau.
8/redemarre en mode normal
9/poste le rapport d'ewido ainsi qu'un nouveau log hijackthis.
11/Télécharge [color=blue]Blacklight[/color] (de F-Secure); clique sur "I ACCEPT" au bas de la page. Sauvegarde le sur ton Bureau.
Double-clique blbeta.exe et accepte la licence; clique Scan puis Next
Tu verras une liste de fichiers détectés apparaître. Tu verras également un rapport, sur ton Bureau, nommé fsbl.xxxxxxx.log (les xxxxxxx sont des chiffres).
Copie et colle le contenu de ce rapport dans ta prochaine réponse. NE PAS choisir l'option "Rename" de suite : nous devons analyser le rapport, car des fichiers légitimes peuvent être présents, tel wbemtest.exe
bon courage, et si tu as la moindre question n'hesite surtout pas 
@+
Marsh Posté le 27-08-2006 à 15:31:11
Ouah ! Franchement super cool de ta part ! Merci beaucoup !
Je viens de finir le travail en mode sans échec. Et je te poste les deux rapports. Par contre je dois m'absenter un petit moment donc je reviendrais vers 16 ou 17 heure pour finir le travail.
Sinon, juste un petit détail, je n'ai pas pu cocher 2 ligne dans Hisjackthis, car elles n'y étaient pas.
C'était celles-ci :
O2 - BHO: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O3 - Toolbar: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
Je venais de supprimer les dossier et logiciels, c'est certainement pour sa qu'elles n'y étaient plus, je pense.
Rapport HisJackThis :
[cpp]Logfile of HijackThis v1.99.1
Scan saved at 15:23:27, on 27/08/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Motherboard Monitor 5\MBM5.EXE
C:\WINDOWS\System32\RUNDLL32.EXE
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\MSI\Live Update 3\LMonitor.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\CTSvcCDA.EXE
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Free Download Manager\fdm.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\MessengerDiscovery\MessengerDiscovery Live.exe
C:\Program Files\eMule\emule.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\LeChacal\Bureau\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O1 - Hosts: 83.143.18.36
O1 - Hosts: 83.143.18.36 L2authd.lineage2.com #L2Run connect to 83.143.18.36
O1 - Hosts: 83.143.18.36 L2testauthd.lineage2.com #L2Run connect to 83.143.18.36
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [A64Tweaker] "C:\Documents and Settings\LeChacal\Bureau\A64Tweaker\\a64tweaker.exe" C:\Documents and Settings\LeChacal\Bureau\A64Tweaker\\startup.a64
O4 - HKLM\..\Run: [MBM 5] "C:\Program Files\Motherboard Monitor 5\MBM5.EXE"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [LiveMonitor] C:\Program Files\MSI\Live Update 3\LMonitor.exe
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [Steam] "d:\jeux\steam\steam.exe" -silent
O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Akimania.com.lnk = C:\Program Files\Akimania.com\Pochette express pro v5.0\Akimania.com.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download web site with Free Download Manager - file://C:\Program Files\Free Download Manager\dlpage.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by104fd.bay104.hotmail.msn. [...] nPUpld.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://config.zebulon.fr/plugins/hardwaredetection.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/bina [...] b32846.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{BD07EBF4-8860-49DB-86D3-AB47969D1A1F}: NameServer = 192.168.1.1
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTSvcCDA.EXE
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: npkcsvc - Unknown owner - C:\WINDOWS\System32\npkcsvc.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
Rapport ewido :
---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------
+ Created at: 15:16:49 27/08/2006
+ Scan result:
C:\RECYCLER\S-1-5-21-73586283-1500820517-725345543-500\Dc1\vmntoolbar.dll -> Adware.BHO : Cleaned with backup (quarantined).
HKLM\SOFTWARE\HbTools -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\HbTools\HbTools -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\Administrateur\Local Settings\Temp\uninstall.exe -> Adware.VMN : Cleaned with backup (quarantined).
C:\RECYCLER\S-1-5-21-73586283-1500820517-725345543-500\Dc1\uninstall.exe -> Adware.VMN : Cleaned with backup (quarantined).
C:\Documents and Settings\LeChacal\Mes documents\Mes fichiers reçus\MsgPlus-301.exe/sponsor.exe -> Downloader.Swizzor.ag : Cleaned with backup (quarantined).
C:\WINDOWS\system32\dllcache\win32\psshutdown.exe -> Not-A-Virus.HackTool.Win32.Brumer.e : Cleaned with backup (quarantined).
C:\WINDOWS\system32\dllcache\win32\red.exe -> Not-A-Virus.RemoteAdmin.Win32.NirComLine.12 : Cleaned with backup (quarantined).
:mozilla.253:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned with backup (quarantined).
:mozilla.254:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned with backup (quarantined).
:mozilla.255:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned with backup (quarantined).
:mozilla.256:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned with backup (quarantined).
:mozilla.257:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned with backup (quarantined).
:mozilla.258:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned with backup (quarantined).
C:\Documents and Settings\LeChacal\Cookies\lechacal@247realmedia[1].txt -> TrackingCookie.247realmedia : Cleaned with backup (quarantined).
:mozilla.557:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.558:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.559:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.560:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.561:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.562:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.700:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.719:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.730:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
C:\Documents and Settings\LeChacal\Cookies\lechacal@2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
C:\Documents and Settings\LeChacal\Cookies\lechacal@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
C:\Documents and Settings\LeChacal\Cookies\lechacal@paypal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.404:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup (quarantined).
:mozilla.409:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup (quarantined).
:mozilla.410:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup (quarantined).
:mozilla.411:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup (quarantined).
:mozilla.403:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup (quarantined).
:mozilla.405:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup (quarantined).
:mozilla.406:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup (quarantined).
:mozilla.412:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup (quarantined).
:mozilla.413:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup (quarantined).
:mozilla.259:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup (quarantined).
:mozilla.260:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup (quarantined).
C:\Documents and Settings\LeChacal\Cookies\lechacal@adtech[1].txt -> TrackingCookie.Adtech : Cleaned with backup (quarantined).
:mozilla.217:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
:mozilla.218:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
:mozilla.219:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
:mozilla.220:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
:mozilla.221:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
C:\Documents and Settings\LeChacal\Cookies\lechacal@advertising[1].txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
:mozilla.386:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned with backup (quarantined).
C:\Documents and Settings\LeChacal\Cookies\lechacal@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned with backup (quarantined).
:mozilla.567:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned with backup (quarantined).
:mozilla.7:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned with backup (quarantined).
C:\Documents and Settings\LeChacal\Cookies\lechacal@bluestreak[1].txt -> TrackingCookie.Bluestreak : Cleaned with backup (quarantined).
:mozilla.893:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Com : Cleaned with backup (quarantined).
:mozilla.436:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Comclick : Cleaned with backup (quarantined).
:mozilla.437:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Comclick : Cleaned with backup (quarantined).
:mozilla.438:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Comclick : Cleaned with backup (quarantined).
C:\Documents and Settings\LeChacal\Cookies\lechacal@fl01.ct2.comclick[2].txt -> TrackingCookie.Comclick : Cleaned with backup (quarantined).
:mozilla.30:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup (quarantined).
C:\Documents and Settings\LeChacal\Cookies\lechacal@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned with backup (quarantined).
:mozilla.86:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Estat : Cleaned with backup (quarantined).
C:\Documents and Settings\LeChacal\Cookies\lechacal@estat[1].txt -> TrackingCookie.Estat : Cleaned with backup (quarantined).
:mozilla.344:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Etracker : Cleaned with backup (quarantined).
:mozilla.345:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Etracker : Cleaned with backup (quarantined).
:mozilla.350:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Etracker : Cleaned with backup (quarantined).
:mozilla.19:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
:mozilla.20:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
:mozilla.21:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
:mozilla.22:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
:mozilla.609:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
:mozilla.689:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
:mozilla.690:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
:mozilla.691:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
:mozilla.692:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
:mozilla.693:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
:mozilla.694:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
C:\Documents and Settings\LeChacal\Cookies\lechacal@as1.falkag[2].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
:mozilla.321:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
:mozilla.322:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
:mozilla.323:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
:mozilla.324:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
:mozilla.325:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
:mozilla.326:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
:mozilla.118:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup (quarantined).
:mozilla.242:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup (quarantined).
:mozilla.278:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup (quarantined).
:mozilla.605:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup (quarantined).
:mozilla.714:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup (quarantined).
:mozilla.766:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup (quarantined).
:mozilla.770:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup (quarantined).
:mozilla.338:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.339:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.769:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.776:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\Documents and Settings\LeChacal\Cookies\lechacal@hotlog[1].txt -> TrackingCookie.Hotlog : Cleaned with backup (quarantined).
:mozilla.341:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Ivwbox : Cleaned with backup (quarantined).
:mozilla.231:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned with backup (quarantined).
:mozilla.232:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned with backup (quarantined).
C:\Documents and Settings\LeChacal\Cookies\lechacal@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned with backup (quarantined).
C:\Documents and Settings\LeChacal\Cookies\lechacal@stat.onestat[2].txt -> TrackingCookie.Onestat : Cleaned with backup (quarantined).
:mozilla.459:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup (quarantined).
:mozilla.460:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup (quarantined).
C:\Documents and Settings\LeChacal\Cookies\lechacal@ads.pointroll[1].txt -> TrackingCookie.Pointroll : Cleaned with backup (quarantined).
:mozilla.296:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined).
:mozilla.297:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined).
:mozilla.298:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined).
:mozilla.299:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined).
:mozilla.300:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined).
:mozilla.301:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined).
:mozilla.302:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined).
:mozilla.303:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined).
:mozilla.534:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
:mozilla.535:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
:mozilla.536:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
:mozilla.537:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
:mozilla.538:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
C:\Documents and Settings\LeChacal\Cookies\lechacal@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
C:\Documents and Settings\LeChacal\Cookies\lechacal@serving-sys[1].txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
:mozilla.503:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined).
:mozilla.504:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined).
:mozilla.505:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined).
:mozilla.506:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined).
:mozilla.507:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined).
:mozilla.508:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined).
:mozilla.509:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined).
:mozilla.510:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined).
:mozilla.511:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined).
:mozilla.512:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined).
:mozilla.513:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined).
:mozilla.514:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined).
:mozilla.515:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined).
:mozilla.516:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined).
:mozilla.517:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined).
:mozilla.518:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined).
:mozilla.519:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined).
:mozilla.520:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined).
:mozilla.521:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined).
:mozilla.522:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined).
:mozilla.759:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup (quarantined).
:mozilla.762:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup (quarantined).
:mozilla.808:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup (quarantined).
:mozilla.11:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned with backup (quarantined).
:mozilla.12:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned with backup (quarantined).
:mozilla.6:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned with backup (quarantined).
C:\Documents and Settings\LeChacal\Cookies\lechacal@www.smartadserver[2].txt -> TrackingCookie.Smartadserver : Cleaned with backup (quarantined).
C:\Documents and Settings\LeChacal\Cookies\lechacal@spylog[1].txt -> TrackingCookie.Spylog : Cleaned with backup (quarantined).
:mozilla.592:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.593:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.594:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
C:\Documents and Settings\LeChacal\Cookies\lechacal@statcounter[2].txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.42:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
:mozilla.43:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
:mozilla.44:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
:mozilla.45:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
C:\Documents and Settings\LeChacal\Cookies\lechacal@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
:mozilla.464:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
:mozilla.573:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned with backup (quarantined).
:mozilla.574:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned with backup (quarantined).
C:\Documents and Settings\LeChacal\Cookies\lechacal@valueclick[1].txt -> TrackingCookie.Valueclick : Cleaned with backup (quarantined).
:mozilla.250:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Weborama : Cleaned with backup (quarantined).
:mozilla.251:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Weborama : Cleaned with backup (quarantined).
:mozilla.252:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Weborama : Cleaned with backup (quarantined).
C:\Documents and Settings\LeChacal\Cookies\lechacal@weborama[2].txt -> TrackingCookie.Weborama : Cleaned with backup (quarantined).
:mozilla.840:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup (quarantined).
C:\Documents and Settings\LeChacal\Cookies\lechacal@statse.webtrendslive[2].txt -> TrackingCookie.Webtrendslive : Cleaned with backup (quarantined).
C:\Documents and Settings\LeChacal\Cookies\lechacal@yadro[2].txt -> TrackingCookie.Yadro : Cleaned with backup (quarantined).
:mozilla.185:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
:mozilla.187:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
:mozilla.188:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
:mozilla.189:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
:mozilla.190:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
:mozilla.191:C:\Documents and Settings\LeChacal\Application Data\Mozilla\Firefox\Profiles\mdi023z7.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
C:\Documents and Settings\LeChacal\Cookies\lechacal@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
C:\Documents and Settings\LeChacal\Cookies\lechacal@zedo[1].txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined).
::Report end
Marsh Posté le 27-08-2006 à 18:31:14
Bon voila je viens de finir tout se que tu m'as dis de faire.
Voila le rapport BlackLight : (il n'a rien trouvé apparement)
08/27/06 18:25:24 [Info]: BlackLight Engine 1.0.46 initialized
08/27/06 18:25:24 [Info]: OS: 5.1 build 2600 (Service Pack 1)
08/27/06 18:25:25 [Note]: 7019 4
08/27/06 18:25:25 [Note]: 7005 0
08/27/06 18:25:26 [Note]: 7006 0
08/27/06 18:25:26 [Note]: 7011 1484
08/27/06 18:25:26 [Note]: 7026 0
08/27/06 18:25:26 [Note]: 7026 0
08/27/06 18:25:30 [Note]: FSRAW library version 1.7.1019
08/27/06 18:27:57 [Note]: 2000 1006
08/27/06 18:29:16 [Note]: 7007 0
Merci pour tout, dis moi si tu vois d'autres truck indésirable !
Bye Bye
Marsh Posté le 28-08-2006 à 10:54:46
Bonjour,
Ton rapport est propre
As tu encore des pubs de system doctor?
Marsh Posté le 28-08-2006 à 12:21:09
Ben à priorie non... C'est à dire qu'elle venait une fois par jour, mais maintenant j'ai aucun signe d'elle depuis hier !
Donc je te remercie énormément !
Bye Bye
Message édité par sinistroz le 28-08-2006 à 12:22:22
Marsh Posté le 28-08-2006 à 13:47:11
re,
content que tu n'es plus de pubs
Si tu n'as pu de problemes pense a mettre la question en resolu, pour se faire tu edites ton
titre (premier message) et tu mets devant [résolu]
@+
Sujets relatifs:
- [Résolu] Partage de connexion internet impossible
- [Résolu] MSN Forwarding et FREE
- problème relever courrier entre incrédimail et yahoo C'est résolu.
- [Résolu] Changement de numéros de licence
- (résolu) Nouveau processus DRONE.EXE suspect ?
- Rapport HijackThis.
- Rapport HiJackThis
- {invite de commande désactivé par votre admin,je sus l'admin}[resolu]
Marsh Posté le 27-08-2006 à 11:06:04
Salut,
Etant donné que je me retrouve souvent avec une page de pub sur un certain anti-virus "doctor je sais plus quoi..." je viens poser mon rapport HijackThis.
Je me suis servit de ce site http://www.hijackthis.de/fr#anl mais certaine ligne me laisse perplexe...
Donc, je fais appel aux HijackThis Man Pro pour me filer un petit coup de main pour enlever ce parasite, et par la même occasion voir si aucun autre petit intrus c'est encrassé dans ma bécane.
J'utilise Avast, Spybot, ad-aware.
Merci pour votre future aide, je l'espère !
Voilà le rapport :
Logfile of HijackThis v1.99.1
Scan saved at 20:15:31, on 26/08/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\CTSvcCDA.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Motherboard Monitor 5\MBM5.EXE
C:\WINDOWS\System32\RUNDLL32.EXE
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\MSI\Live Update 3\LMonitor.exe
C:\WINDOWS\System32\ctfmon.exe
D:\jeux\steam\steam.exe
C:\Program Files\Free Download Manager\fdm.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\MessengerDiscovery\MessengerDiscovery Live.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Winamp\winamp.exe
C:\Documents and Settings\LeChacal\Bureau\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O1 - Hosts: 83.143.18.36
O1 - Hosts: 83.143.18.36 L2authd.lineage2.com #L2Run connect to 83.143.18.36
O1 - Hosts: 83.143.18.36 L2testauthd.lineage2.com #L2Run connect to 83.143.18.36
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [A64Tweaker] "C:\Documents and Settings\LeChacal\Bureau\A64Tweaker\\a64tweaker.exe" C:\Documents and Settings\LeChacal\Bureau\A64Tweaker\\startup.a64
O4 - HKLM\..\Run: [MBM 5] "C:\Program Files\Motherboard Monitor 5\MBM5.EXE"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [LiveMonitor] C:\Program Files\MSI\Live Update 3\LMonitor.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [Steam] "d:\jeux\steam\steam.exe" -silent
O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Akimania.com.lnk = C:\Program Files\Akimania.com\Pochette express pro v5.0\Akimania.com.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download web site with Free Download Manager - file://C:\Program Files\Free Download Manager\dlpage.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by104fd.bay104.hotmail.msn. [...] nPUpld.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://config.zebulon.fr/plugins/hardwaredetection.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/bina [...] b32846.cab
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://player.virtools.com/downloa [...] taller.exe
O16 - DPF: {CFCB7308-782F-11D4-BE27-000102598CE4} (NPX Control) - http://kr.pristontale.com/nprotect/nprotect/npx.cab
O16 - DPF: {D6FCA8ED-4715-43DE-9BD2-2789778A5B09} (NPKCX Control) - http://kr.pristontale.com/nprotect/keycrypt/npkcx.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{BD07EBF4-8860-49DB-86D3-AB47969D1A1F}: NameServer = 192.168.1.1
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTSvcCDA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: npkcsvc - Unknown owner - C:\WINDOWS\System32\npkcsvc.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
Message édité par sinistroz le 28-08-2006 à 14:28:04