[Methode préliminaire de desinfection] Résolu/Fermé

Question

Bonjour,Voici comme le dit le post de 'Christopher' le rapport de scan, merci a tous ceux qui pourront me l'interpreter.Je continue la procedure avec le scan de bitdefender--------------------------------------------------------- ewido anti-malware - Rapport de scan--------------------------------------------------------- + Créé le:		20:19:58, 15/04/2006 + Somme de contrôle:	889CE24D + Résultats du scan:	HKLM\SOFTWARE\Classes\e-Surveiller.Logfile -> Adware.e-Surveiller : Nettoyer et sauvegarder	HKLM\SOFTWARE\Classes\e-Surveiller.Logfile\DefaultIcon -> Adware.e-Surveiller : Nettoyer et sauvegarder	HKLM\SOFTWARE\Classes\e-Surveiller.Logfile\Shell -> Adware.e-Surveiller : Nettoyer et sauvegarder	HKLM\SOFTWARE\Classes\e-Surveiller.Logfile\Shell\open -> Adware.e-Surveiller : Nettoyer et sauvegarder	HKLM\SOFTWARE\Classes\e-Surveiller.Logfile\Shell\open\Command -> Adware.e-Surveiller : Nettoyer et sauvegarder	HKLM\SOFTWARE\Classes\e-Surveiller.Logfile\Shell\open\ddeexec -> Adware.e-Surveiller : Nettoyer et sauvegarder	HKLM\SOFTWARE\Classes\e-Surveiller.Logfile\Shell\open\ddeexec\Application -> Adware.e-Surveiller : Nettoyer et sauvegarder	HKLM\SOFTWARE\Classes\e-Surveiller.Logfile\Shell\open\ddeexec\Topic -> Adware.e-Surveiller : Nettoyer et sauvegarder	HKLM\SOFTWARE\SurveilleTech -> Adware.e-Surveiller : Nettoyer et sauvegarder	HKLM\SOFTWARE\SurveilleTech\e-Surveiller -> Adware.e-Surveiller : Nettoyer et sauvegarder	HKLM\SOFTWARE\SurveilleTech\e-Surveiller\1.x -> Adware.e-Surveiller : Nettoyer et sauvegarder	HKU\S-1-5-21-2383087476-2418095233-2659453562-1008\Software\SurveilleTech -> Adware.e-Surveiller : Nettoyer et sauvegarder	HKU\S-1-5-21-2383087476-2418095233-2659453562-1008\Software\SurveilleTech\e-Surveiller -> Adware.e-Surveiller : Nettoyer et sauvegarder	HKU\S-1-5-21-2383087476-2418095233-2659453562-1008\Software\SurveilleTech\e-Surveiller\1.x -> Adware.e-Surveiller : Nettoyer et sauvegarder	HKU\S-1-5-21-2383087476-2418095233-2659453562-1008\Software\SurveilleTech\e-Surveiller\1.x\Log Viewer -> Adware.e-Surveiller : Nettoyer et sauvegarder	:mozilla.13:C:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\woi8nm4v.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyer et sauvegarder	:mozilla.17:C:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\woi8nm4v.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyer et sauvegarder	:mozilla.19:C:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\woi8nm4v.default\cookies.txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder	:mozilla.20:C:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\woi8nm4v.default\cookies.txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder	:mozilla.21:C:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\woi8nm4v.default\cookies.txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder	:mozilla.31:C:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\woi8nm4v.default\cookies.txt -> TrackingCookie.Estat : Nettoyer et sauvegarder	:mozilla.32:C:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\woi8nm4v.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder	:mozilla.34:C:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\woi8nm4v.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder	:mozilla.35:C:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\woi8nm4v.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder	:mozilla.38:C:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\woi8nm4v.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyer et sauvegarder	:mozilla.39:C:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\woi8nm4v.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyer et sauvegarder	:mozilla.43:C:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\woi8nm4v.default\cookies.txt -> TrackingCookie.Mediaplex : Nettoyer et sauvegarder	:mozilla.6:C:\Documents and Settings\Olivier\Application Data\Mozilla\Firefox\Profiles\mjvy67q6.default\cookies.txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder	:mozilla.8:C:\Documents and Settings\Olivier\Application Data\Mozilla\Firefox\Profiles\mjvy67q6.default\cookies.txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder	:mozilla.9:C:\Documents and Settings\Olivier\Application Data\Mozilla\Firefox\Profiles\mjvy67q6.default\cookies.txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder	:mozilla.11:C:\Documents and Settings\Olivier\Application Data\Mozilla\Firefox\Profiles\mjvy67q6.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder	:mozilla.12:C:\Documents and Settings\Olivier\Application Data\Mozilla\Firefox\Profiles\mjvy67q6.default\cookies.txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder	:mozilla.13:C:\Documents and Settings\Olivier\Application Data\Mozilla\Firefox\Profiles\mjvy67q6.default\cookies.txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder	:mozilla.14:C:\Documents and Settings\Olivier\Application Data\Mozilla\Firefox\Profiles\mjvy67q6.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder	:mozilla.15:C:\Documents and Settings\Olivier\Application Data\Mozilla\Firefox\Profiles\mjvy67q6.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder	:mozilla.16:C:\Documents and Settings\Olivier\Application Data\Mozilla\Firefox\Profiles\mjvy67q6.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder	:mozilla.17:C:\Documents and Settings\Olivier\Application Data\Mozilla\Firefox\Profiles\mjvy67q6.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyer et sauvegarder	:mozilla.19:C:\Documents and Settings\Olivier\Application Data\Mozilla\Firefox\Profiles\mjvy67q6.default\cookies.txt -> TrackingCookie.Atdmt : Nettoyer et sauvegarder	:mozilla.22:C:\Documents and Settings\Olivier\Application Data\Mozilla\Firefox\Profiles\mjvy67q6.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyer et sauvegarder	:mozilla.23:C:\Documents and Settings\Olivier\Application Data\Mozilla\Firefox\Profiles\mjvy67q6.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyer et sauvegarder	:mozilla.24:C:\Documents and Settings\Olivier\Application Data\Mozilla\Firefox\Profiles\mjvy67q6.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyer et sauvegarder	:mozilla.25:C:\Documents and Settings\Olivier\Application Data\Mozilla\Firefox\Profiles\mjvy67q6.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyer et sauvegarder	:mozilla.26:C:\Documents and Settings\Olivier\Application Data\Mozilla\Firefox\Profiles\mjvy67q6.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyer et sauvegarder	:mozilla.53:C:\Documents and Settings\Olivier\Application Data\Mozilla\Firefox\Profiles\mjvy67q6.default\cookies.txt -> TrackingCookie.Advertising : Nettoyer et sauvegarder	:mozilla.54:C:\Documents and Settings\Olivier\Application Data\Mozilla\Firefox\Profiles\mjvy67q6.default\cookies.txt -> TrackingCookie.Overture : Nettoyer et sauvegarder	:mozilla.55:C:\Documents and Settings\Olivier\Application Data\Mozilla\Firefox\Profiles\mjvy67q6.default\cookies.txt -> TrackingCookie.Overture : Nettoyer et sauvegarder	:mozilla.56:C:\Documents and Settings\Olivier\Application Data\Mozilla\Firefox\Profiles\mjvy67q6.default\cookies.txt -> TrackingCookie.Advertising : Nettoyer et sauvegarder	:mozilla.58:C:\Documents and Settings\Olivier\Application Data\Mozilla\Firefox\Profiles\mjvy67q6.default\cookies.txt -> TrackingCookie.Estat : Nettoyer et sauvegarder	:mozilla.74:C:\Documents and Settings\Olivier\Application Data\Mozilla\Firefox\Profiles\mjvy67q6.default\cookies.txt -> TrackingCookie.Mediaplex : Nettoyer et sauvegarder	:mozilla.82:C:\Documents and Settings\Olivier\Application Data\Mozilla\Firefox\Profiles\mjvy67q6.default\cookies.txt -> TrackingCookie.Valueclick : Nettoyer et sauvegarder	:mozilla.83:C:\Documents and Settings\Olivier\Application Data\Mozilla\Firefox\Profiles\mjvy67q6.default\cookies.txt -> TrackingCookie.Valueclick : Nettoyer et sauvegarder	:mozilla.100:C:\Documents and Settings\Olivier\Application Data\Mozilla\Firefox\Profiles\mjvy67q6.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyer et sauvegarder	:mozilla.101:C:\Documents and Settings\Olivier\Application Data\Mozilla\Firefox\Profiles\mjvy67q6.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyer et sauvegarder	:mozilla.102:C:\Documents and Settings\Olivier\Application Data\Mozilla\Firefox\Profiles\mjvy67q6.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyer et sauvegarder	:mozilla.103:C:\Documents and Settings\Olivier\Application Data\Mozilla\Firefox\Profiles\mjvy67q6.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyer et sauvegarder	:mozilla.197:C:\Documents and Settings\Olivier\Application Data\Mozilla\Firefox\Profiles\mjvy67q6.default\cookies.txt -> TrackingCookie.Com : Nettoyer et sauvegarder	:mozilla.200:C:\Documents and Settings\Olivier\Application Data\Mozilla\Firefox\Profiles\mjvy67q6.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyer et sauvegarder	:mozilla.201:C:\Documents and Settings\Olivier\Application Data\Mozilla\Firefox\Profiles\mjvy67q6.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyer et sauvegarder	C:\Documents and Settings\Olivier\Cookies\olivier@as1.falkag[2].txt -> TrackingCookie.Falkag : Nettoyer et sauvegarder	C:\Documents and Settings\Olivier\Cookies\olivier@bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyer et sauvegarder::Fin du rapport

Kristopher · Answer

Salut,Qui est 'Christopher' ?

Calizero · Answer

BitDefender Online Scanner - Rapport virus en temps réel	 	 Généré à: Sat, Apr 15, 2006 - 21:34:41 	 	 Info d'analyse	 	 Fichiers scannés	469817Infectés Fichiers	0	 	  	 	 Virus Détectés	 	 Aucun virus trouvé.		 	  	 	  	 	 Ce sommaire du processus d'analyse sera utilisé par les laboratoires Antivirus BitDefender pour créer des statistiques agréguées sur l'activité des virus dans le monde.	 	  Logfile of HijackThis v1.99.1Scan saved at 21:42:39, on 15/04/2006Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Creative\Shared Files\CamTray.exeC:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exeC:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXEC:\Program Files\QuickTime\qttask.exeC:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exeC:\WINDOWS\SOUNDMAN.EXEC:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\Program Files\Synaptics\SynTP\SynTPLpr.exeC:\WINDOWS\system32\drivers\Icon.exeC:\Apps\Powercinema\PCMService.exeC:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exeC:\Program Files\Zone Labs\ZoneAlarm\zlclient.exeC:\Program Files\Java\jre1.5.0_06\bin\jusched.exeC:\WINDOWS\system32\ctfmon.exeC:\Program Files\WinZip\WZQKPICK.EXEC:\Program Files\MSN Messenger\msnmsgr.exeC:\Program Files\Mr.S Production\NetBus Detective\Detect50.exeC:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exeC:\Program Files\Alwil Software\Avast4\aswUpdSv.exeC:\Program Files\Alwil Software\Avast4\ashServ.exeC:\WINDOWS\System32\FTRTSVC.exeC:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exeC:\Program Files\Securitoo\Controle Parental\bin\optproxy.exeC:\WINDOWS\system32\slserv.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\ZoneLabs\vsmon.exeC:\Program Files\Alwil Software\Avast4\ashMaiSv.exeC:\Program Files\Alwil Software\Avast4\ashWebSv.exeC:\Program Files\Camfrog\Camfrog Video Chat 3.5\Camfrog Video Chat.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\ewido anti-malware\ewidoguard.exeC:\Program Files\ewido anti-malware\ewidoctrl.exeC:\PROGRA~1\MOZILL~1\FIREFOX.EXEC:\Program Files\Outlook Express\msimn.exeC:\Downloads\HijackThis.exeR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portailR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file://C:\APPS\IE\offline\fr.htmR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = WanadooR1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhostR0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = LiensR3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLLR3 - URLSearchHook: {EA551C00-2AE5-11d3-8592-00A0C98E9EA4} -  - (no file)O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dllO2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dllO2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dllO2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dllO2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dllO3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dllO3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dllO4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CamTray.exeO4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exeO4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXEO4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exeO4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottimeO4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exeO4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXEO4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exeO4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exeO4 - HKLM\..\Run: [Icon] C:\WINDOWS\system32\drivers\Icon.exeO4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMENameO4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNCO4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -kO4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"O4 - HKLM\..\Run: [MsgCenterExe] "C:\Program Files\Fichiers communs\Real\Update_OB\RealOneMessageCenter.exe"  -osbootO4 - HKLM\..\Run: [eBayToolbar] C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exeO4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exeO4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exeO4 - HKLM\..\Run: [TrustInstaller] D:\Setup.exeO4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorunO4 - HKCU\..\Run: [Camfrog] "C:\Program Files\Camfrog\Camfrog Video Chat 3.5\CamfrogNet.exe" 0 C:\Program Files\Camfrog\Camfrog Video Chat 3.5\Camfrog Video Chat.exeO4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exeO4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /backgroundO4 - Startup: MSN Messenger 7.5 (2).lnk = C:\Program Files\MSN Messenger\msnmsgr.exeO4 - Startup: NetBus Detective.lnk = C:\Program Files\Mr.S Production\NetBus Detective\Detect50.exeO4 - Startup: Outlook Express (2).lnk = C:\Program Files\Outlook Express\msimn.exeO4 - Startup: Run VNC Server (2).lnk = C:\Program Files\RealVNC\VNC4\winvnc4.exeO4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exeO4 - Global Startup: Microsoft Office.lnk = C:\Program Files\microsoft office\Office\OSA9.EXEO4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXEO8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.htmlO8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.htmlO8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.htmlO8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.htmlO8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.htmlO8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.htmlO9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dllO9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dllO9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htmO16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cabO16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cabO16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cabO16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cabO16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cabO16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cabO16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} (CRAVOnline Object) - http://www.ravantivirus.com/scan/ravonline.cabO16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cabO17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = leleuO17 - HKLM\Software\..\Telephony: DomainName = leleuO17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = leleuO17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = leleuO18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exeO23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exeO23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exeO23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exeO23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exeO23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exeO23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exeO23 - Service: MySqlInventime - Unknown owner - c:\mysql\bin\mysqld-max-nt.exeO23 - Service: Securitoo Control Parental (OPTENET_FILTER) - Securitoo - C:\Program Files\Securitoo\Controle Parental\bin\optproxy.exeO23 - Service: SmartLinkService (SLService) -   - C:\WINDOWS\SYSTEM32\slserv.exeO23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exeO23 - Service: VNC Server Version 4 (WinVNC4) - Unknown owner - C:\Program Files\RealVNC\VNC4\winvnc4.exe" -service (file missing) voili voilou le rapport de scan de bitdefender et celui de hijackA+

Calizero · Answer

Hello,Ne voyant pas de reponse, je suppose que tous lemonde fete la fete Pascal, A+

Calizero · Answer

Bonjoir,Y'as t'il quelqu'un qui peut finir de m'eguiller, svp?

Calizero · Answer

bonjour,Ecouter je suis surpris que persone prenne le relais, bon ben tampis.Bonne continuation a tous.

Regis59 · Answer

SalutPeux tu detailler tes soucis stpa+

green day · Answer

Salut De plus aucune reponse de qui que ce soit alors je me demander pourquoi, quesque j'ai fait ou ne pas fait enfin bref d'ou mon surnon "cali 0" dans ce cas, il ne faut pas hesité à faire un pti " up" pour que l'on/ je te vois ;-) je laisse le pro continuer ... ++

Regis59 · Answer

Bonjour, :-)Des Up, il en a fait quelques uns.... lolTélécharge HijackThis ici: https://www.01net.com/telecharger/windows/Securite/anti-spyware/fiches/29061.html Dézippe le dans un dossier prévu à cet effet. Par exemple C:\hijackthis < Enregistre le bien dans c : ! Démo : (Merci a Balltrap34 pour cette réalisation)   http://pageperso.aol.fr/balltrap34/Hijenr.gif Lance le puis: clique sur "do a system scan and save logfile" (cf démo) faire un copier coller du log entier sur le forumDémo : (Merci a Balltrap34 pour cette réalisation)   http://pageperso.aol.fr/balltrap34/demohijack.htm	Bon courageA+

Calizero · Answer

Bonjour,Voici voila le resultat du log HijackLogfile of HijackThis v1.99.1Scan saved at 10:16:32, on 21/04/2006Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Creative\Shared Files\CamTray.exeC:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exeC:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXEC:\Program Files\QuickTime\qttask.exeC:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exeC:\WINDOWS\SOUNDMAN.EXEC:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\Program Files\Synaptics\SynTP\SynTPLpr.exeC:\WINDOWS\system32\drivers\Icon.exeC:\Apps\Powercinema\PCMService.exeC:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exeC:\Program Files\Zone Labs\ZoneAlarm\zlclient.exeC:\Program Files\Java\jre1.5.0_06\bin\jusched.exeC:\WINDOWS\system32\ctfmon.exeC:\Program Files\MSN Messenger\msnmsgr.exeC:\Program Files\WinZip\WZQKPICK.EXEC:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exeC:\Program Files\Outlook Express\msimn.exeC:\Program Files\Alwil Software\Avast4\aswUpdSv.exeC:\Program Files\Alwil Software\Avast4\ashServ.exeC:\Program Files\ewido anti-malware\ewidoctrl.exeC:\Program Files\ewido anti-malware\ewidoguard.exeC:\WINDOWS\System32\FTRTSVC.exeC:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exeC:\Program Files\Securitoo\Controle Parental\bin\optproxy.exeC:\WINDOWS\system32\slserv.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\ZoneLabs\vsmon.exeC:\Program Files\Alwil Software\Avast4\ashMaiSv.exeC:\Program Files\Alwil Software\Avast4\ashWebSv.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Camfrog\Camfrog Video Chat 3.5\Camfrog Video Chat.exeC:\Program Files\Mozilla Firefox\firefox.exeC:\HijackThis.exeR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portailR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file://C:\APPS\IE\offline\fr.htmR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = WanadooR1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhostR0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = LiensR3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLLR3 - URLSearchHook: {EA551C00-2AE5-11d3-8592-00A0C98E9EA4} -  - (no file)O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dllO2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dllO2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dllO2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dllO2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dllO3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dllO3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dllO4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CamTray.exeO4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exeO4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXEO4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exeO4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottimeO4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exeO4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXEO4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exeO4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exeO4 - HKLM\..\Run: [Icon] C:\WINDOWS\system32\drivers\Icon.exeO4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMENameO4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNCO4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -kO4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"O4 - HKLM\..\Run: [MsgCenterExe] "C:\Program Files\Fichiers communs\Real\Update_OB\RealOneMessageCenter.exe"  -osbootO4 - HKLM\..\Run: [eBayToolbar] C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exeO4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exeO4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exeO4 - HKLM\..\Run: [TrustInstaller] D:\Setup.exeO4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorunO4 - HKCU\..\Run: [Camfrog] "C:\Program Files\Camfrog\Camfrog Video Chat 3.5\CamfrogNet.exe" 0 C:\Program Files\Camfrog\Camfrog Video Chat 3.5\Camfrog Video Chat.exeO4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exeO4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /backgroundO4 - Startup: MSN Messenger 7.5 (2).lnk = C:\Program Files\MSN Messenger\msnmsgr.exeO4 - Startup: NetBus Detective.lnk = C:\Program Files\Mr.S Production\NetBus Detective\Detect50.exeO4 - Startup: Outlook Express (2).lnk = C:\Program Files\Outlook Express\msimn.exeO4 - Startup: Run VNC Server (2).lnk = C:\Program Files\RealVNC\VNC4\winvnc4.exeO4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exeO4 - Global Startup: Microsoft Office.lnk = C:\Program Files\microsoft office\Office\OSA9.EXEO4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXEO8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.htmlO8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.htmlO8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.htmlO8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.htmlO8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.htmlO8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.htmlO9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dllO9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dllO9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htmO16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cabO16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cabO16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cabO16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cabO16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cabO16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cabO16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} (CRAVOnline Object) - http://www.ravantivirus.com/scan/ravonline.cabO16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cabO17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = leleuO17 - HKLM\Software\..\Telephony: DomainName = leleuO17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = leleuO17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = leleuO18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exeO23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exeO23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exeO23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exeO23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exeO23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exeO23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exeO23 - Service: MySqlInventime - Unknown owner - c:\mysql\bin\mysqld-max-nt.exeO23 - Service: Securitoo Control Parental (OPTENET_FILTER) - Securitoo - C:\Program Files\Securitoo\Controle Parental\bin\optproxy.exeO23 - Service: SmartLinkService (SLService) -   - C:\WINDOWS\SYSTEM32\slserv.exeO23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exeO23 - Service: VNC Server Version 4 (WinVNC4) - Unknown owner - C:\Program Files\RealVNC\VNC4\winvnc4.exe" -service (file missing)

Regis59 · Answer

Re,Rend toi sur ce site :http://www.virustotal.com/xhtml/virustotal_en.html Clik sur parcourirRecherche ceci :C:\WINDOWS\system32\drivers\Icon.exe Clik send et colle le rapport stpA+

Calizero · Answer

Voila,Complete scanning result of "Icon.exe", received in VirusTotal at 04.21.2006, 10:52:44 (CET).Antivirus	Version	Update	ResultAntiVir	6.34.0.24	04.20.2006	no virus foundAvast	4.6.695.0	04.20.2006	no virus foundAVG	386	04.20.2006	no virus foundAvira	6.34.0.56	04.21.2006	no virus foundBitDefender	7.2	04.21.2006	no virus foundCAT-QuickHeal	8.00	04.21.2006	no virus foundClamAV	devel-20060202	04.21.2006	no virus foundDrWeb	n	-	no virus foundeTrust-InoculateIT	23.71.135	04.21.2006	no virus foundeTrust-Vet	12.4.2171	04.21.2006	no virus foundEwido	3.5	04.21.2006	no virus foundFortinet	2.71.0.0	04.21.2006	no virus foundF-Prot	3.16c	04.19.2006	no virus foundIkarus	0.2.59.0	04.20.2006	no virus foundKaspersky	4.0.2.24	04.21.2006	no virus foundMcAfee	4745	04.20.2006	no virus foundNOD32v2	1.1499	04.21.2006	no virus foundNorman	5.90.16	04.20.2006	no virus foundPanda	9.0.0.4	04.20.2006	no virus foundSophos	4.04.0	04.21.2006	no virus foundSymantec	8.0	04.21.2006	no virus foundTheHacker	5.9.7.132	04.21.2006	no virus foundUNA	1.83	04.20.2006	no virus foundVBA32	3.10.5	04.19.2006	no virus foundAditional InformationFile size: 221184 bytesMD5: b3c7742d6cb04080e0f8d28246dd0d21SHA1: 76a3c171dfbf4aa47048965aaf9968e4dd383a45

Regis59 · Answer

Re,Quels soucis as tu? Le log ne me dis rien qui puisse laisser entrevoir une infection....a+

Calizero · Answer

Je n'ai pas de problemes de disfonctionnement mais comme je te le disais precedement je reçois tous les jour des mails bizard ex: viagra rolex, des investissement bidon, meme des mails veroléque avast me bloc, etc) donc je penssais que j'avais peut etre des problemes d'infection.(car pourquoi suis-je visés?)Je suis en train de changer d'adresse E-mail justement pout parré tous ces messages, donc je peut dormir sur mes deux oreiile alors!!!

Regis59 · Answer

SalutTu es spammé tout simplement.Change d adresses et scan ton pc avec ceci aussi:1/Spybot S&D 1.4 <<nouvelle version.https://www.safer-networking.org/ Démo d’utilisation (merci à Balltrap34 pour cette réalisation).http://pageperso.aol.fr/Balltrap34/demo%20spybot.htm2/Ad-Aware SE 1.06 <<nouvelle version.https://www.adaware.com/ -Une aide:http://usa.lucretius-ada.com/zcvisitor/8782d344-4821-11ea-83ce-0a2cdf2c6be7?campaignid=0d1dff40-82d7-11e9-9533-0a157bfa6bfc - installe le patch français, tu pourras le trouver ici: http://download.lavasoft.de.edgesuite.net/public/pllangs.exe et une petite vidéo d'utilisation ici:(merci à Moe31 pour cette réalisation).http://pageperso.aol.fr/balltrap34/adawrevid.asfa+

Cyanure · Answer

Bonjour, Voici comme le dit le post de 'Christopher' le rapport de scan de bitdefender. 
merci d'avance pour ceux qui voudrons bien m'aider a résoudre ces "problemes"  car je ne comprends pas trop
voili voilou,  j'attends des réponses  ;)


---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

 + Créé à:	21:06:03 09/11/2007

 + Résultat de l'analyse:	



C:\Users\cyanure\AppData\Roaming\Microsoft\Windows\Cookies\Low\cyanure@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Users\cyanure\AppData\Roaming\Microsoft\Windows\Cookies\Low\cyanure@atdmt[1].txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Users\cyanure\AppData\Roaming\Microsoft\Windows\Cookies\cyanure@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Users\cyanure\AppData\Roaming\Microsoft\Windows\Cookies\Low\cyanure@bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyé.


Fin du rapport

Lucien · Answer

Bonjour, 
cyanure

Où sont les autres rapports?

Cyanure · Answer

Bonjour, Lucienoups excuse moi j'ai mis l'autre rapport sur une autre page et c'est assez bete maintenant que j'y pense ;)
(je n'ai pas réussi a faire le scan en ligne ca ne marchait pas)

Donc je renvoie mes deux rapports voila pour AVG antispiware :


AVG Anti-Spyware - Rapport d'analyse 
--------------------------------------------------------- 

+ Créé à: 21:06:03 09/11/2007 

+ Résultat de l'analyse: 



C:\Users\cyanure\AppData\Roaming\Microsoft\Windows\Cookies\Low\cyanure@msnportal.112.2o7[1 ].txt -> TrackingCookie.2o7 : Nettoyé. 
C:\Users\cyanure\AppData\Roaming\Microsoft\Windows\Cookies\Low\cyanure@atdmt[1].txt -> TrackingCookie.Atdmt : Nettoyé. 
C:\Users\cyanure\AppData\Roaming\Microsoft\Windows\Cookies\cyanure@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé. 
C:\Users\cyanure\AppData\Roaming\Microsoft\Windows\Cookies\Low\cyanure@bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyé. 


Fin du rapport

Et voila pour hijacki


Logfile of Trend Micro HijackThis v2.0.2 
Scan saved at 21:22:35, on 09/11/2007 
Platform: Windows Vista (WinNT 6.00.1904) 
MSIE: Internet Explorer v7.00 (7.00.6000.16546) 
Boot mode: Normal 

Running processes: 
C:\Windows\system32\Dwm.exe 
C:\Windows\Explorer.EXE 
C:\Program Files\Windows Defender\MSASCui.exe 
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe 
C:\Windows\RtHDVCpl.exe 
C:\Program Files\Common Files\Symantec Shared\ccApp.exe 
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE 
C:\Users\cyanure\AppData\Local\Temp\RtkBtMnt.exe 
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe 
C:\Windows\system32	askeng.exe 
C:\Program Files\Launch Manager\LManager.exe 
C:\Program Files\Apoint2K\Apoint.exe 
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe 
C:\Windows\ehome\ehtray.exe 
C:\Program Files\Apoint2K\ApMsgFwd.exe 
C:\Windows\ehome\ehmsas.exe 
C:\Program Files\Apoint2K\Apntex.exe 
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE 
C:\Program Files\MSN Messenger\msnmsgr.exe 
C:\Program Files\Skype\Phone\Skype.exe 
C:\Program Files\Skype\Plugin Manager\skypePM.exe 
C:\Program Files\Internet Explorer\IEUser.exe 
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe 
C:\Program Files\Symantec\LiveUpdate\ALuNotify.exe 
C:\Program Files\Internet Explorer\iexplore.exe 
C:\Windows\system32\Macromed\Flash\FlashUtil9b.exe 
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe 
C:\Windows\system32\SearchFilterHost.exe 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ycomp/defaults/sp/*https://fr.yahoo.com/ 
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl 
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/ 
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF 
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/ 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/defaults/su/*https://fr.yahoo.com/ 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll 
O1 - Hosts: ::1 localhost 
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll 
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll 
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll 
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) 
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll 
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll 
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll 
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll 
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide 
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" 
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe 
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" 
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe" 
O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe 
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe 
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe 
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe 
O4 - HKLM\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALuNotify.exe 
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized 
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe 
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe 
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background 
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') 
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL') 
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') 
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Readereader_sl.exe 
O4 - Global Startup: Empowering Technology Launcher.lnk = ? 
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll 
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll 
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll 
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL 
O13 - Gopher Prefix: 
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL 
O23 - Service: ALaunch Service (ALaunchService) - Unknown owner - C:\Acer\ALaunch\ALaunchSvc.exe 
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe 
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe 
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe 
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe 
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe 
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe 
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe 
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe 
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe 
O23 - Service: Validation de mot de passe Symantec IS (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe 
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe 
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE 
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe 
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe 
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe 
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe 

End of file - 8394 bytes 

voili voilou  :p

[Methode préliminaire de desinfection]

17 réponses

Discussions similaires