Trojan.nebuler
caro2605
Messages postés
2
Statut
Membre
-
Utilisateur anonyme -
Utilisateur anonyme -
bonjour à vous,
j'ai un ordi avec le système d'exploitation windows xp professional. Il semblerait qu'il soit infecté par trojan.nebuler. J'ai téléchargé hijackthis comme expliqué sur le site. Je vous envoie le résultat du scan :
Logfile of HijackThis v1.99.1
Scan saved at 20:40:47, on 1/10/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\Fichiers communs\Symantec Shared\DJSNETCN.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Wireless LAN Utility\SiWake.exe
C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe
C:\WINDOWS\BricoPacks\Vista Inspirat\YzToolbar\YzToolBar.exe
C:\Program Files\Wireless LAN Utility\SISCFG.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Administrateur\Bureau\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [HPHUPD05] C:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\system32\hphmon05.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [NI.UWAS6V_0001_N68M1103] "C:\WINDOWS\Downloaded Program Files\UWAS6V_0001_N68M1103NetInstaller.exe" -nag
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AnyDVD] "C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe"
O4 - HKLM\..\RunServices: [DJSNetCN] C:\Program Files\Fichiers communs\Symantec Shared\DJSNETCN.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - Startup: Stardock ObjectDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe
O4 - Startup: Y'z ToolBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\YzToolbar\YzToolBar.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: ScanPanel.lnk = C:\Program Files\ScanPanel\ScnPanel.exe
O4 - Global Startup: SiWake.lnk = C:\Program Files\Wireless LAN Utility\SiWake.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZNfox000
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - https://support.norton.com/sp/en/us/home/current/info
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} (ActiveDataInfo Class) - https://support.norton.com/sp/en/us/home/current/info
O16 - DPF: {44990200-3C9D-426D-81DF-AAB636FA4345} (Symantec SmartIssue) - https://support.norton.com/sp/en/us/home/current/info
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - https://support.norton.com/sp/en/us/home/current/info
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs:
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: Symantec Licensing Detect Internet Connection (DJSNETCN) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\DJSNETCN.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
De plus, mon antivirus (norton security online) a été endommagé et je ne sais plus le désinstaller pour le réinstaller.
Merci d'avance pour les réponses qui me parviendront.
j'ai un ordi avec le système d'exploitation windows xp professional. Il semblerait qu'il soit infecté par trojan.nebuler. J'ai téléchargé hijackthis comme expliqué sur le site. Je vous envoie le résultat du scan :
Logfile of HijackThis v1.99.1
Scan saved at 20:40:47, on 1/10/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\Fichiers communs\Symantec Shared\DJSNETCN.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Wireless LAN Utility\SiWake.exe
C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe
C:\WINDOWS\BricoPacks\Vista Inspirat\YzToolbar\YzToolBar.exe
C:\Program Files\Wireless LAN Utility\SISCFG.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Administrateur\Bureau\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [HPHUPD05] C:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\system32\hphmon05.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [NI.UWAS6V_0001_N68M1103] "C:\WINDOWS\Downloaded Program Files\UWAS6V_0001_N68M1103NetInstaller.exe" -nag
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AnyDVD] "C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe"
O4 - HKLM\..\RunServices: [DJSNetCN] C:\Program Files\Fichiers communs\Symantec Shared\DJSNETCN.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - Startup: Stardock ObjectDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe
O4 - Startup: Y'z ToolBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\YzToolbar\YzToolBar.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: ScanPanel.lnk = C:\Program Files\ScanPanel\ScnPanel.exe
O4 - Global Startup: SiWake.lnk = C:\Program Files\Wireless LAN Utility\SiWake.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZNfox000
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - https://support.norton.com/sp/en/us/home/current/info
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} (ActiveDataInfo Class) - https://support.norton.com/sp/en/us/home/current/info
O16 - DPF: {44990200-3C9D-426D-81DF-AAB636FA4345} (Symantec SmartIssue) - https://support.norton.com/sp/en/us/home/current/info
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - https://support.norton.com/sp/en/us/home/current/info
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs:
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: Symantec Licensing Detect Internet Connection (DJSNETCN) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\DJSNETCN.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
De plus, mon antivirus (norton security online) a été endommagé et je ne sais plus le désinstaller pour le réinstaller.
Merci d'avance pour les réponses qui me parviendront.
2 réponses
Slaut,
clic sur C:, Windows, Downloaded program files et vide le contenu de ce même dossier
Telecharge, installe puis mets à jour ce logiciel(Ewido), une fois que c'est fait, fais un scan complet de ton système, supprime (delete) tout ce qu'il te trouve puis colle le rapport ici avec un nouveau rapport hijackthis
Ewido: (reste gratuit après la période d'essai)
Ewido
clic sur C:, Windows, Downloaded program files et vide le contenu de ce même dossier
Telecharge, installe puis mets à jour ce logiciel(Ewido), une fois que c'est fait, fais un scan complet de ton système, supprime (delete) tout ce qu'il te trouve puis colle le rapport ici avec un nouveau rapport hijackthis
Ewido: (reste gratuit après la période d'essai)
Ewido
Salut,
maintenant,
Relance HijackThis, choisis "do a scan only" coche la case devant les lignes ci-dessous et clic en bas sur "fix checked"
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: (no name) - {5BD9967C-ECC4-4966-BEBB-D9C6F32EDED4} - C:\WINDOWS\system32\gebcc.dll (file missing)
O2 - BHO: (no name) - {B7672BAF-E9A3-49B6-86B2-C81719A18A4C} - C:\WINDOWS\system32\sqckedog.dll
O2 - BHO: (no name) - {B7B25194-3C6C-4534-B54C-C02EBFBC9459} - C:\WINDOWS\system32\conbcc.dll (file missing)
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HPHUPD05] C:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZNfox000
O20 - AppInit_DLLs:
O20 - Winlogon Notify: conbcc - conbcc.dll (file missing)
O20 - Winlogon Notify: gebcc - C:\WINDOWS\system32\gebcc.dll (file missing)
O20 - Winlogon Notify: wingsa32 - wingsa32.dll (file missing)
Clic sur "demarrer", "executer", tape: services.msc ,cherche dans la liste cette ligne, fais un clic droit dessus choisis "propriétés" et régle la sur "désactivé"
Boonty Games < sauf si tu utilises encore
Fait ce nettoyage: (à faire réguliérement)
¤Telecharges et installes ceci:
CCleaner:
Ccleaner
dans la colonne de gauche clic sur "erreurs" coches toutes les cases, puis cliques en bas sur "chercher des erreurs" une fois finit, cliques sur "reparer les erreurs" et tu aura un message pour sauvegarder ta base de registre tu dis "oui" puis tu recommences jusqu'a ce qu'il te trouve plus d'erreurs.
Les sauvegardes que tu aura faites tu pourra les supprimer si ton ordinateur n'a plus de problémes
¤Relance Ccleaner, vas dans l'onglet "nettoyeur" present sur la gauche, decoches la derniere case (Avancé si elle est cochée) puis clic sur "lancer le nettoyage"
Puis
Télécharge SmitfraudFix (enregistre le sur le "bureau")
http://siri.urz.free.fr/Fix/SmitfraudFix.zip
décompresse SmitfraudFix
Lance le fichier SmitfraudFix ou SmitfraudFix.cmd et choisis l option 1 copie le rapport ici stp
maintenant,
Relance HijackThis, choisis "do a scan only" coche la case devant les lignes ci-dessous et clic en bas sur "fix checked"
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: (no name) - {5BD9967C-ECC4-4966-BEBB-D9C6F32EDED4} - C:\WINDOWS\system32\gebcc.dll (file missing)
O2 - BHO: (no name) - {B7672BAF-E9A3-49B6-86B2-C81719A18A4C} - C:\WINDOWS\system32\sqckedog.dll
O2 - BHO: (no name) - {B7B25194-3C6C-4534-B54C-C02EBFBC9459} - C:\WINDOWS\system32\conbcc.dll (file missing)
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HPHUPD05] C:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZNfox000
O20 - AppInit_DLLs:
O20 - Winlogon Notify: conbcc - conbcc.dll (file missing)
O20 - Winlogon Notify: gebcc - C:\WINDOWS\system32\gebcc.dll (file missing)
O20 - Winlogon Notify: wingsa32 - wingsa32.dll (file missing)
Clic sur "demarrer", "executer", tape: services.msc ,cherche dans la liste cette ligne, fais un clic droit dessus choisis "propriétés" et régle la sur "désactivé"
Boonty Games < sauf si tu utilises encore
Fait ce nettoyage: (à faire réguliérement)
¤Telecharges et installes ceci:
CCleaner:
Ccleaner
dans la colonne de gauche clic sur "erreurs" coches toutes les cases, puis cliques en bas sur "chercher des erreurs" une fois finit, cliques sur "reparer les erreurs" et tu aura un message pour sauvegarder ta base de registre tu dis "oui" puis tu recommences jusqu'a ce qu'il te trouve plus d'erreurs.
Les sauvegardes que tu aura faites tu pourra les supprimer si ton ordinateur n'a plus de problémes
¤Relance Ccleaner, vas dans l'onglet "nettoyeur" present sur la gauche, decoches la derniere case (Avancé si elle est cochée) puis clic sur "lancer le nettoyage"
Puis
Télécharge SmitfraudFix (enregistre le sur le "bureau")
http://siri.urz.free.fr/Fix/SmitfraudFix.zip
décompresse SmitfraudFix
Lance le fichier SmitfraudFix ou SmitfraudFix.cmd et choisis l option 1 copie le rapport ici stp
merci pour tes conseils que je me suis empressée de suivre. Voici les rapports que tu m'as demandé :
ewido/
ewido anti-spyware - Scan Report
---------------------------------------------------------
+ Created at: 9:11:48 2/10/2006
+ Scan result:
C:\Program Files\Safety Bar -> Adware.Generic : Cleaned.
C:\Program Files\Safety Bar\Uninstall.bat -> Adware.Generic : Cleaned.
HKU\S-1-5-21-1292428093-515967899-839522115-500\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{052B12F7-86FA-4921-8482-26C42316B522} -> Adware.Generic : Cleaned.
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe -> Downloader.Agent.awf : Cleaned.
C:\Program Files\Ashampoo\Ashampoo AntiSpyWare\AntiSpyWareGuard.exe -> Downloader.Agent.awf : Cleaned.
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe -> Downloader.Agent.awf : Cleaned.
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe -> Downloader.Agent.awf : Cleaned.
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe -> Downloader.Agent.awf : Cleaned.
C:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe -> Downloader.Agent.awf : Cleaned.
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe -> Downloader.Agent.awf : Cleaned.
C:\Program Files\QuickTime\qttask.exe -> Downloader.Agent.awf : Cleaned.
C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe -> Downloader.Agent.awf : Cleaned.
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe -> Downloader.Agent.awf : Cleaned.
C:\Program Files\iTunes\iTunesHelper.exe -> Downloader.Agent.awf : Cleaned.
C:\WINDOWS\Downloaded Program Files\UWAS6V_0001_N68M1103NetInstaller.exe -> Downloader.Agent.awf : Cleaned.
C:\WINDOWS\system32\ctfmon.exe -> Downloader.Agent.awf : Cleaned.
C:\WINDOWS\system32\hphmon05.exe -> Downloader.Agent.awf : Cleaned.
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe -> Downloader.Agent.awf : Cleaned.
[2228] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe -> Downloader.Agent.awf : Error during cleaning.
C:\WINDOWS\Temp\win5D.tmp.exe -> Downloader.Small.dod : Cleaned.
C:\Documents and Settings\Administrateur\Local Settings\Temp\ICD1.tmp\UWAS6V_0001_N68M1103NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.d : Cleaned.
C:\WINDOWS\Downloaded Program Files\bak\UWAS6V_0001_N68M1103NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.d : Cleaned.
C:\WINDOWS\Downloaded Program Files\USDR6V_0001_D18M3107NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.l : Cleaned.
:mozilla.10:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\sry2czs0.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.8:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\sry2czs0.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.9:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\sry2czs0.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.206:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\sry2czs0.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Administrateur\Cookies\administrateur@partygaming.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.275:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\sry2czs0.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.276:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\sry2czs0.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\Administrateur\Cookies\administrateur@adtech[2].txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.226:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\sry2czs0.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.227:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\sry2czs0.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.228:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\sry2czs0.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
C:\Documents and Settings\Administrateur\Cookies\administrateur@advertising[1].txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.109:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\sry2czs0.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
C:\Documents and Settings\Administrateur\Cookies\administrateur@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.216:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\sry2czs0.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned.
C:\Documents and Settings\Administrateur\Cookies\administrateur@bluestreak[2].txt -> TrackingCookie.Bluestreak : Cleaned.
:mozilla.326:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\sry2czs0.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.327:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\sry2czs0.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.262:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\sry2czs0.default\cookies.txt -> TrackingCookie.Casinotropez : Cleaned.
C:\Documents and Settings\Administrateur\Cookies\administrateur@casinotropez[1].txt -> TrackingCookie.Casinotropez : Cleaned.
C:\Documents and Settings\Administrateur\Cookies\administrateur@www.casinotropez[1].txt -> TrackingCookie.Casinotropez : Cleaned.
:mozilla.106:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\sry2czs0.default\cookies.txt -> TrackingCookie.Com : Cleaned.
:mozilla.263:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\sry2czs0.default\cookies.txt -> TrackingCookie.Comclick : Cleaned.
:mozilla.264:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\sry2czs0.default\cookies.txt -> TrackingCookie.Comclick : Cleaned.
:mozilla.265:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\sry2czs0.default\cookies.txt -> TrackingCookie.Comclick : Cleaned.
C:\Documents and Settings\Administrateur\Cookies\administrateur@fl01.ct2.comclick[2].txt -> TrackingCookie.Comclick : Cleaned.
:mozilla.24:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\sry2czs0.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Documents and Settings\Administrateur\Cookies\administrateur@doubleclick[2].txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.199:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\sry2czs0.default\cookies.txt -> TrackingCookie.Estat : Cleaned.
C:\Documents and Settings\Administrateur\Cookies\administrateur@estat[1].txt -> TrackingCookie.Estat : Cleaned.
:mozilla.146:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\sry2czs0.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.147:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\sry2czs0.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.148:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\sry2czs0.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.149:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\sry2czs0.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.150:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\sry2czs0.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
C:\Documents and Settings\Administrateur\Cookies\administrateur@as-eu.falkag[2].txt -> TrackingCookie.Falkag : Cleaned.
C:\Documents and Settings\Administrateur\Cookies\administrateur@as1.falkag[1].txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.281:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\sry2czs0.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.133:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\sry2czs0.default\cookies.txt -> TrackingCookie.Ivwbox : Cleaned.
C:\Documents and Settings\Administrateur\Cookies\administrateur@server.iad.liveperson[2].txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.141:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\sry2czs0.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
C:\Documents and Settings\Administrateur\Cookies\administrateur@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned.
C:\Documents and Settings\Administrateur\Cookies\administrateur@data2.perf.overture[2].txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\Administrateur\Cookies\administrateur@overture[2].txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\Administrateur\Cookies\administrateur@perf.overture[1].txt -> TrackingCookie.Overture : Cleaned.
:mozilla.27:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\sry2czs0.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.32:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\sry2czs0.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.33:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\sry2czs0.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.34:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\sry2czs0.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.35:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\sry2czs0.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.36:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\sry2czs0.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.37:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\sry2czs0.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.38:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\sry2czs0.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.42:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\sry2czs0.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
C:\Documents and Settings\Administrateur\Cookies\administrateur@stats1.reliablestats[2].txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.245:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\sry2czs0.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.246:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\sry2czs0.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.247:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\sry2czs0.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.248:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\sry2czs0.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.249:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\sry2czs0.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.128:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\sry2czs0.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.183:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\sry2czs0.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.184:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\sry2czs0.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.320:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\sry2czs0.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.328:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\sry2czs0.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.368:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\sry2czs0.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.11:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\sry2czs0.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.
:mozilla.13:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\sry2czs0.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.
:mozilla.14:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\sry2czs0.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.
C:\Documents and Settings\Administrateur\Cookies\administrateur@www.smartadserver[2].txt -> TrackingCookie.Smartadserver : Cleaned.
:mozilla.349:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\sry2czs0.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.350:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\sry2czs0.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.351:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\sry2czs0.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
C:\Documents and Settings\Administrateur\Cookies\administrateur@statcounter[2].txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.401:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\sry2czs0.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.402:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\sry2czs0.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.118:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\sry2czs0.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.119:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\sry2czs0.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.120:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\sry2czs0.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
C:\Documents and Settings\Administrateur\Cookies\administrateur@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.251:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\sry2czs0.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned.
:mozilla.252:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\sry2czs0.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned.
:mozilla.51:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\sry2czs0.default\cookies.txt -> TrackingCookie.Weborama : Cleaned.
C:\Documents and Settings\Administrateur\Cookies\administrateur@weborama[2].txt -> TrackingCookie.Weborama : Cleaned.
:mozilla.101:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\sry2czs0.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
:mozilla.270:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\sry2czs0.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.271:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\sry2czs0.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.272:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\sry2czs0.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
::Report end
hijackthis :
Logfile of HijackThis v1.99.1
Scan saved at 9:14:23, on 2/10/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\Fichiers communs\Symantec Shared\DJSNETCN.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\ScanPanel\ScnPanel.exe
C:\Program Files\Wireless LAN Utility\SiWake.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe
C:\Program Files\Wireless LAN Utility\SISCFG.exe
C:\WINDOWS\BricoPacks\Vista Inspirat\YzToolbar\YzToolBar.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Documents and Settings\Administrateur\Bureau\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: (no name) - {5BD9967C-ECC4-4966-BEBB-D9C6F32EDED4} - C:\WINDOWS\system32\gebcc.dll (file missing)
O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: (no name) - {B7672BAF-E9A3-49B6-86B2-C81719A18A4C} - C:\WINDOWS\system32\sqckedog.dll
O2 - BHO: (no name) - {B7B25194-3C6C-4534-B54C-C02EBFBC9459} - C:\WINDOWS\system32\conbcc.dll (file missing)
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HPHUPD05] C:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\RunServices: [DJSNetCN] C:\Program Files\Fichiers communs\Symantec Shared\DJSNETCN.exe
O4 - Startup: Stardock ObjectDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe
O4 - Startup: Y'z ToolBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\YzToolbar\YzToolBar.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: SiWake.lnk = C:\Program Files\Wireless LAN Utility\SiWake.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZNfox000
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs:
O20 - Winlogon Notify: conbcc - conbcc.dll (file missing)
O20 - Winlogon Notify: gebcc - C:\WINDOWS\system32\gebcc.dll (file missing)
O20 - Winlogon Notify: wingsa32 - wingsa32.dll (file missing)
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: Symantec Licensing Detect Internet Connection (DJSNETCN) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\DJSNETCN.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe