3 replies
Hello, if it's a virus, start with this:
The first step: run an online antivirus scan
http://www.bitdefender.fr/bd/site/page.php
2)
Next, download ewido
https://www.avg.com/en-ww/homepage and run the updates
Ad-Aware and Spybot
http://www.infos-du-net.com/actualite/4771-ad-aware-spybot.html
Install the language pack and run the updates
Run the cleanup and remove everything they find
3)
Then do a cleanup with CCleaner
https://filehippo.com/download_ccleaner/
4)
Download HijackThis
http://www.infos-du-net.com/telecharger/tele454.html
5)
Show hidden folders:
Control Panel, Folder Options,
check "Show hidden files and folders", and uncheck "Hide protected
operating system files".
6)
Install HijackThis and click the tab (Do a System Scan and Save a Logfile)
and post the log
See you, claude
Hello everyone, so I've scanned everything with the links you sent me, so I'm passing the results on to you, thanks
---------------------------------------------------------
ewido anti-malware - Rapport de scan
---------------------------------------------------------
+ Créé le: 16:26:25, 26/04/2006
+ Somme de contrôle: 40F1A886
+ Résultats du scan:
:mozilla.9:C:\Documents and Settings\lui\Application Data\Mozilla\Firefox\Profiles\pip4d12i.default\cookies.txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder
:mozilla.11:C:\Documents and Settings\lui\Application Data\Mozilla\Firefox\Profiles\pip4d12i.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder
:mozilla.12:C:\Documents and Settings\lui\Application Data\Mozilla\Firefox\Profiles\pip4d12i.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder
:mozilla.14:C:\Documents and Settings\lui\Application Data\Mozilla\Firefox\Profiles\pip4d12i.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder
:mozilla.15:C:\Documents and Settings\lui\Application Data\Mozilla\Firefox\Profiles\pip4d12i.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyer et sauvegarder
:mozilla.16:C:\Documents and Settings\lui\Application Data\Mozilla\Firefox\Profiles\pip4d12i.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyer et sauvegarder
:mozilla.24:C:\Documents and Settings\lui\Application Data\Mozilla\Firefox\Profiles\pip4d12i.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyer et sauvegarder
:mozilla.30:C:\Documents and Settings\lui\Application Data\Mozilla\Firefox\Profiles\pip4d12i.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyer et sauvegarder
:mozilla.31:C:\Documents and Settings\lui\Application Data\Mozilla\Firefox\Profiles\pip4d12i.default\cookies.txt -> TrackingCookie.Mediaplex : Nettoyer et sauvegarder
:mozilla.45:C:\Documents and Settings\lui\Application Data\Mozilla\Firefox\Profiles\pip4d12i.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyer et sauvegarder
:mozilla.46:C:\Documents and Settings\lui\Application Data\Mozilla\Firefox\Profiles\pip4d12i.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyer et sauvegarder
:mozilla.47:C:\Documents and Settings\lui\Application Data\Mozilla\Firefox\Profiles\pip4d12i.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyer et sauvegarder
:mozilla.72:C:\Documents and Settings\lui\Application Data\Mozilla\Firefox\Profiles\pip4d12i.default\cookies.txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder
:mozilla.73:C:\Documents and Settings\lui\Application Data\Mozilla\Firefox\Profiles\pip4d12i.default\cookies.txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder
:mozilla.74:C:\Documents and Settings\lui\Application Data\Mozilla\Firefox\Profiles\pip4d12i.default\cookies.txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder
:mozilla.78:C:\Documents and Settings\lui\Application Data\Mozilla\Firefox\Profiles\pip4d12i.default\cookies.txt -> TrackingCookie.Com : Nettoyer et sauvegarder
:mozilla.96:C:\Documents and Settings\lui\Application Data\Mozilla\Firefox\Profiles\pip4d12i.default\cookies.txt -> TrackingCookie.Atdmt : Nettoyer et sauvegarder
:mozilla.104:C:\Documents and Settings\lui\Application Data\Mozilla\Firefox\Profiles\pip4d12i.default\cookies.txt -> TrackingCookie.Overture : Nettoyer et sauvegarder
:mozilla.105:C:\Documents and Settings\lui\Application Data\Mozilla\Firefox\Profiles\pip4d12i.default\cookies.txt -> TrackingCookie.Overture : Nettoyer et sauvegarder
:mozilla.110:C:\Documents and Settings\lui\Application Data\Mozilla\Firefox\Profiles\pip4d12i.default\cookies.txt -> TrackingCookie.Comclick : Nettoyer et sauvegarder
:mozilla.111:C:\Documents and Settings\lui\Application Data\Mozilla\Firefox\Profiles\pip4d12i.default\cookies.txt -> TrackingCookie.Comclick : Nettoyer et sauvegarder
:mozilla.112:C:\Documents and Settings\lui\Application Data\Mozilla\Firefox\Profiles\pip4d12i.default\cookies.txt -> TrackingCookie.Comclick : Nettoyer et sauvegarder
:mozilla.113:C:\Documents and Settings\lui\Application Data\Mozilla\Firefox\Profiles\pip4d12i.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyer et sauvegarder
:mozilla.122:C:\Documents and Settings\lui\Application Data\Mozilla\Firefox\Profiles\pip4d12i.default\cookies.txt -> TrackingCookie.Adtech : Nettoyer et sauvegarder
:mozilla.123:C:\Documents and Settings\lui\Application Data\Mozilla\Firefox\Profiles\pip4d12i.default\cookies.txt -> TrackingCookie.Adtech : Nettoyer et sauvegarder
:mozilla.125:C:\Documents and Settings\lui\Application Data\Mozilla\Firefox\Profiles\pip4d12i.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyer et sauvegarder
:mozilla.202:C:\Documents and Settings\lui\Application Data\Mozilla\Firefox\Profiles\pip4d12i.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyer et sauvegarder
:mozilla.203:C:\Documents and Settings\lui\Application Data\Mozilla\Firefox\Profiles\pip4d12i.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyer et sauvegarder
:mozilla.204:C:\Documents and Settings\lui\Application Data\Mozilla\Firefox\Profiles\pip4d12i.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyer et sauvegarder
:mozilla.205:C:\Documents and Settings\lui\Application Data\Mozilla\Firefox\Profiles\pip4d12i.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyer et sauvegarder
:mozilla.206:C:\Documents and Settings\lui\Application Data\Mozilla\Firefox\Profiles\pip4d12i.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyer et sauvegarder
:mozilla.431:C:\Documents and Settings\lui\Application Data\Mozilla\Firefox\Profiles\pip4d12i.default\cookies.txt -> TrackingCookie.Zedo : Nettoyer et sauvegarder
:mozilla.433:C:\Documents and Settings\lui\Application Data\Mozilla\Firefox\Profiles\pip4d12i.default\cookies.txt -> TrackingCookie.Zedo : Nettoyer et sauvegarder
:mozilla.525:C:\Documents and Settings\lui\Application Data\Mozilla\Firefox\Profiles\pip4d12i.default\cookies.txt -> TrackingCookie.Web-stat : Nettoyer et sauvegarder
:mozilla.526:C:\Documents and Settings\lui\Application Data\Mozilla\Firefox\Profiles\pip4d12i.default\cookies.txt -> TrackingCookie.Web-stat : Nettoyer et sauvegarder
C:\Documents and Settings\lui\Cookies\lui@247realmedia[1].txt -> TrackingCookie.247realmedia : Nettoyer et sauvegarder
C:\Documents and Settings\lui\Cookies\lui@bluestreak[2].txt -> TrackingCookie.Bluestreak : Nettoyer et sauvegarder
C:\Documents and Settings\lui\Cookies\lui@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Nettoyer et sauvegarder
C:\Documents and Settings\lui\Cookies\lui@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Nettoyer et sauvegarder
C:\Documents and Settings\lui\Cookies\lui@weborama[2].txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder
C:\Documents and Settings\lui\Cookies\lui@www.smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder
::Fin du rapport
This is the one from ewido
and the new HijackThis one
Logfile of HijackThis v1.99.1
Scan saved at 16:51:00, on 26/04/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Wanadoo\EspaceWanadoo.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\Program Files\Wanadoo\Watch.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\lui\Bureau\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.orange.fr/portail
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
F2 - REG:system.ini: UserInit=C:\WINDOWS\System32\Userinit.exe
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
O4 - HKLM\..\Run: [KAVPersonal50] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe" /minimize
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site....
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {FD40EC41-D860-4579-8BA4-52671A45C71C} (AxHtChat Class) - http://images.goa.com/it/Woo2/fr/chat/nPaxChat.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{7B813C62-6FF6-44A2-B87F-60875ED3C6DC}: NameServer = 80.10.246.130 80.10.246.3
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: Kaspersky Anti-Virus Service (kavsvc) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
So there you go, what's wrong, doctor???