[ Virus ?] System Alert : Malware threats

Voila, je l'ai télécharger, g scanner et suprimer.
Voici le rapport :

---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------

+ Created at: 14:54:04 26/10/2006

+ Scan result:



HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\YourSiteBar -> Adware.ISTBar : No action taken.
HKLM\SOFTWARE\YourSiteBar -> Adware.ISTBar : No action taken.
HKLM\SOFTWARE\YourSiteBar\Historyfiles -> Adware.ISTBar : No action taken.
HKLM\SOFTWARE\YourSiteBar\Historysearch_term -> Adware.ISTBar : No action taken.
HKLM\SOFTWARE\PowerScan -> Adware.PowerScan : No action taken.
C:\Program Files\SideFind -> Adware.SideFind : No action taken.
C:\Program Files\SideFind\__delete_on_reboot__s_f_b_h_o_._d_l_l_ -> Adware.SideFind : No action taken.
C:\Program Files\SideFind\__delete_on_reboot__s_i_d_e_f_i_n_d_._d_l_l_ -> Adware.SideFind : No action taken.
C:\Program Files\SideFind\sfexd001 -> Adware.SideFind : No action taken.
C:\Program Files\SideFind\update -> Adware.SideFind : No action taken.
HKLM\SOFTWARE\Classes\BrowserHelperObject.BAHelper -> Adware.SideFind : No action taken.
HKLM\SOFTWARE\Classes\BrowserHelperObject.BAHelper.1 -> Adware.SideFind : No action taken.
HKLM\SOFTWARE\Classes\BrowserHelperObject.BAHelper\CLSID -> Adware.SideFind : No action taken.
HKLM\SOFTWARE\Classes\BrowserHelperObject.BAHelper\CurVer -> Adware.SideFind : No action taken.
HKLM\SOFTWARE\Classes\SideFind.Finder -> Adware.SideFind : No action taken.
HKLM\SOFTWARE\Classes\SideFind.Finder.1 -> Adware.SideFind : No action taken.
HKLM\SOFTWARE\Classes\SideFind.Finder\CLSID -> Adware.SideFind : No action taken.
HKLM\SOFTWARE\Classes\SideFind.Finder\CurVer -> Adware.SideFind : No action taken.
HKLM\SOFTWARE\Microsoft\SideFind -> Adware.SideFind : No action taken.
HKLM\SOFTWARE\SideFind -> Adware.SideFind : No action taken.
HKLM\SOFTWARE\SideFind\History -> Adware.SideFind : No action taken.
[1672] C:\Program Files\SideFind\sfbho.dll -> Adware.SideFind : No action taken.
[7968] C:\Program Files\SideFind\sfbho.dll -> Adware.SideFind : No action taken.
C:\Program Files\SurfAccuracy -> Adware.SurfAccuracy : No action taken.
C:\Program Files\SurfAccuracy\License.lnk -> Adware.SurfAccuracy : No action taken.
C:\Program Files\SurfAccuracy\SAcc.cfg -> Adware.SurfAccuracy : No action taken.
C:\Program Files\SurfAccuracy\SAccU.exe -> Adware.SurfAccuracy : No action taken.
C:\Program Files\SurfAccuracy\__delete_on_reboot__S_A_c_c_._e_x_e_ -> Adware.SurfAccuracy : No action taken.
C:\WINDOWS\vweksplo.exe -> Adware.SurfAccuracy : No action taken.
C:\Program Files\Fichiers communs\WinSoftware\CrXML.dll -> Adware.Winfixer : No action taken.
C:\Program Files\YourSiteBar -> Adware.YourSiteBar : No action taken.
C:\Program Files\YourSiteBar\imagemap_normal.bmp -> Adware.YourSiteBar : No action taken.
C:\Program Files\YourSiteBar\version.txt -> Adware.YourSiteBar : No action taken.
C:\Program Files\YourSiteBar\yoursitebar.xml -> Adware.YourSiteBar : No action taken.
HKLM\SOFTWARE\Classes\Ysb.YsbObj -> Adware.YourSiteBar : No action taken.
HKLM\SOFTWARE\Classes\Ysb.YsbObj.1 -> Adware.YourSiteBar : No action taken.
HKLM\SOFTWARE\Classes\Ysb.YsbObj\CLSID -> Adware.YourSiteBar : No action taken.
HKLM\SOFTWARE\Classes\Ysb.YsbObj\CurVer -> Adware.YourSiteBar : No action taken.
C:\Documents and Settings\TEMP\Local Settings\Temporary Internet Files\Content.IE5\8T6NKP63\SystemDoctor2006FreeInstall_fr[1].exe -> Not-A-Virus.Downloader.Win32.WinFixer.l : No action taken.
C:\WINDOWS\system32\drivers\df_kmd.sys -> Rootkit.Agent.af : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@247realmedia[1].txt -> TrackingCookie.247realmedia : No action taken.
C:\Documents and Settings\maison\Cookies\maison@247realmedia[1].txt -> TrackingCookie.247realmedia : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@112.2o7[2].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@2o7[2].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@aolfr.122.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@bnkfastfind.112.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@boonty.122.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@gettyimages.122.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@highbeam.122.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@msnaccountservices.112.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@msninvite.112.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@nbcuniversal.122.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@opodo.122.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@sfr.122.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\maison\Cookies\maison@2o7[2].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\maison\Cookies\maison@msninvite.112.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\maison\Cookies\maison@sfr.122.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\maison\Cookies\maison@volkswagen.122.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@adbrite[2].txt -> TrackingCookie.Adbrite : No action taken.
C:\Documents and Settings\maison\Cookies\maison@adbrite[2].txt -> TrackingCookie.Adbrite : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@adjuggler[2].txt -> TrackingCookie.Adjuggler : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@rotator.adjuggler[1].txt -> TrackingCookie.Adjuggler : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@ad.admarketplace[2].txt -> TrackingCookie.Admarketplace : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@admarketplace[2].txt -> TrackingCookie.Admarketplace : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@adrevolver[2].txt -> TrackingCookie.Adrevolver : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@media.adrevolver[1].txt -> TrackingCookie.Adrevolver : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@adtech[2].txt -> TrackingCookie.Adtech : No action taken.
C:\Documents and Settings\maison\Cookies\maison@adtech[2].txt -> TrackingCookie.Adtech : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@advertising[2].txt -> TrackingCookie.Advertising : No action taken.
C:\Documents and Settings\maison\Cookies\maison@advertising[1].txt -> TrackingCookie.Advertising : No action taken.
C:\Documents and Settings\maison\Cookies\maison@servedby.advertising[1].txt -> TrackingCookie.Advertising : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@atdmt[2].txt -> TrackingCookie.Atdmt : No action taken.
C:\Documents and Settings\maison\Cookies\maison@atdmt[2].txt -> TrackingCookie.Atdmt : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@bfast[2].txt -> TrackingCookie.Bfast : No action taken.
C:\Documents and Settings\maison\Cookies\maison@bfast[1].txt -> TrackingCookie.Bfast : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@bluestreak[1].txt -> TrackingCookie.Bluestreak : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@iv2.bluestreak[1].txt -> TrackingCookie.Bluestreak : No action taken.
C:\Documents and Settings\maison\Cookies\maison@bluestreak[2].txt -> TrackingCookie.Bluestreak : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@ads13.bpath[1].txt -> TrackingCookie.Bpath : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@burstnet[2].txt -> TrackingCookie.Burstnet : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@www.burstnet[2].txt -> TrackingCookie.Burstnet : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@casalemedia[1].txt -> TrackingCookie.Casalemedia : No action taken.
C:\Documents and Settings\maison\Cookies\maison@banner.casinolasvegas[2].txt -> TrackingCookie.Casinolasvegas : No action taken.
C:\Documents and Settings\maison\Cookies\maison@casinolasvegas[2].txt -> TrackingCookie.Casinolasvegas : No action taken.
C:\Documents and Settings\maison\Cookies\maison@casinotropez[1].txt -> TrackingCookie.Casinotropez : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@ad1.clickhype[2].txt -> TrackingCookie.Clickhype : No action taken.
C:\Documents and Settings\maison\Cookies\maison@ad1.clickhype[2].txt -> TrackingCookie.Clickhype : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@cz3.clickzs[2].txt -> TrackingCookie.Clickzs : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@banner.clubdicecasino[1].txt -> TrackingCookie.Clubdicecasino : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@com[1].txt -> TrackingCookie.Com : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@fl01.ct2.comclick[2].txt -> TrackingCookie.Comclick : No action taken.
C:\Documents and Settings\maison\Cookies\maison@fl01.ct2.comclick[1].txt -> TrackingCookie.Comclick : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@bilbo.counted[2].txt -> TrackingCookie.Counted : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : No action taken.
C:\Documents and Settings\maison\Cookies\maison@cpvfeed[1].txt -> TrackingCookie.Cpvfeed : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@doubleclick[1].txt -> TrackingCookie.Doubleclick : No action taken.
C:\Documents and Settings\maison\Cookies\maison@doubleclick[1].txt -> TrackingCookie.Doubleclick : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@estat[1].txt -> TrackingCookie.Estat : No action taken.
C:\Documents and Settings\maison\Cookies\maison@estat[1].txt -> TrackingCookie.Estat : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@adopt.euroclick[2].txt -> TrackingCookie.Euroclick : No action taken.
C:\Documents and Settings\maison\Cookies\maison@adopt.euroclick[1].txt -> TrackingCookie.Euroclick : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@as-eu.falkag[1].txt -> TrackingCookie.Falkag : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@as1.falkag[1].txt -> TrackingCookie.Falkag : No action taken.
C:\Documents and Settings\maison\Cookies\maison@as1.falkag[1].txt -> TrackingCookie.Falkag : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@fastclick[1].txt -> TrackingCookie.Fastclick : No action taken.
C:\Documents and Settings\maison\Cookies\maison@fastclick[1].txt -> TrackingCookie.Fastclick : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@banner.goldenpalace[2].txt -> TrackingCookie.Goldenpalace : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@goldenpalace[1].txt -> TrackingCookie.Goldenpalace : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@www.goldenpalace[1].txt -> TrackingCookie.Goldenpalace : No action taken.
C:\Documents and Settings\maison\Cookies\maison@banner.goldenpalace[2].txt -> TrackingCookie.Goldenpalace : No action taken.
C:\Documents and Settings\maison\Cookies\maison@goldenpalace[1].txt -> TrackingCookie.Goldenpalace : No action taken.
C:\Documents and Settings\maison\Cookies\maison@www.goldenpalace[1].txt -> TrackingCookie.Goldenpalace : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@ehg-adteractive.hitbox[2].txt -> TrackingCookie.Hitbox : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@ehg-bluesouth.hitbox[1].txt -> TrackingCookie.Hitbox : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@ehg-dig.hitbox[2].txt -> TrackingCookie.Hitbox : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@ehg-foxmovies.hitbox[1].txt -> TrackingCookie.Hitbox : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@ehg-hitent.hitbox[1].txt -> TrackingCookie.Hitbox : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@ehg-mybc.hitbox[1].txt -> TrackingCookie.Hitbox : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@ehg-netquote.hitbox[1].txt -> TrackingCookie.Hitbox : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@ehg-nokiafin.hitbox[2].txt -> TrackingCookie.Hitbox : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@ehg-ogilvy.hitbox[1].txt -> TrackingCookie.Hitbox : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@ehg-warnerbrothers.hitbox[2].txt -> TrackingCookie.Hitbox : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@ehg-yvesrocher.hitbox[1].txt -> TrackingCookie.Hitbox : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@hitbox[2].txt -> TrackingCookie.Hitbox : No action taken.
C:\Documents and Settings\maison\Cookies\maison@ehg-dig.hitbox[2].txt -> TrackingCookie.Hitbox : No action taken.
C:\Documents and Settings\maison\Cookies\maison@ehg-nestlefr.hitbox[1].txt -> TrackingCookie.Hitbox : No action taken.
C:\Documents and Settings\maison\Cookies\maison@ehg-nokiafin.hitbox[1].txt -> TrackingCookie.Hitbox : No action taken.
C:\Documents and Settings\maison\Cookies\maison@ehg-pcsecurityshield.hitbox[1].txt -> TrackingCookie.Hitbox : No action taken.
C:\Documents and Settings\maison\Cookies\maison@ehg-sonyesolutions.hitbox[2].txt -> TrackingCookie.Hitbox : No action taken.
C:\Documents and Settings\maison\Cookies\maison@hitbox[2].txt -> TrackingCookie.Hitbox : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@hotlog[1].txt -> TrackingCookie.Hotlog : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@sales.liveperson[1].txt -> TrackingCookie.Liveperson : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@server.iad.liveperson[1].txt -> TrackingCookie.Liveperson : No action taken.
C:\Documents and Settings\maison\Cookies\maison@server.iad.liveperson[1].txt -> TrackingCookie.Liveperson : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@mediaplex[1].txt -> TrackingCookie.Mediaplex : No action taken.
C:\Documents and Settings\maison\Cookies\maison@mediaplex[1].txt -> TrackingCookie.Mediaplex : No action taken.
C:\Documents and Settings\maison\Cookies\maison@www.myaffiliateprogram[2].txt -> TrackingCookie.Myaffiliateprogram : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@overture[2].txt -> TrackingCookie.Overture : No action taken.
C:\Documents and Settings\maison\Cookies\maison@overture[1].txt -> TrackingCookie.Overture : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@ads.planetactive[2].txt -> TrackingCookie.Planetactive : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@ads.pointroll[2].txt -> TrackingCookie.Pointroll : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@questionmarket[1].txt -> TrackingCookie.Questionmarket : No action taken.
C:\Documents and Settings\maison\Cookies\maison@questionmarket[2].txt -> TrackingCookie.Questionmarket : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@stats1.reliablestats[2].txt -> TrackingCookie.Reliablestats : No action taken.
C:\Documents and Settings\maison\Cookies\maison@stats1.reliablestats[1].txt -> TrackingCookie.Reliablestats : No action taken.
C:\Documents and Settings\maison\Cookies\maison@stats1.reliablestats[2].txt -> TrackingCookie.Reliablestats : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@revenue[2].txt -> TrackingCookie.Revenue : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@edge.ru4[1].txt -> TrackingCookie.Ru4 : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@serving-sys[2].txt -> TrackingCookie.Serving-sys : No action taken.
C:\Documents and Settings\maison\Cookies\maison@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : No action taken.
C:\Documents and Settings\maison\Cookies\maison@serving-sys[1].txt -> TrackingCookie.Serving-sys : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@cs.sexcounter[2].txt -> TrackingCookie.Sexcounter : No action taken.
C:\Documents and Settings\maison\Cookies\maison@cs.sexcounter[2].txt -> TrackingCookie.Sexcounter : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@www.sidefind[1].txt -> TrackingCookie.Sidefind : No action taken.
C:\Documents and Settings\maison\Cookies\maison@www.sidefind[2].txt -> TrackingCookie.Sidefind : No action taken.
C:\Documents and Settings\maison\Cookies\maison@www.sidefind[3].txt -> TrackingCookie.Sidefind : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@smartadserver[1].txt -> TrackingCookie.Smartadserver : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : No action taken.
C:\Documents and Settings\maison\Cookies\maison@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@spylog[1].txt -> TrackingCookie.Spylog : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@statcounter[2].txt -> TrackingCookie.Statcounter : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@anad.tacoda[1].txt -> TrackingCookie.Tacoda : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@tacoda[1].txt -> TrackingCookie.Tacoda : No action taken.
C:\Documents and Settings\maison\Cookies\maison@targetnet[1].txt -> TrackingCookie.Targetnet : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : No action taken.
C:\Documents and Settings\maison\Cookies\maison@tradedoubler[4].txt -> TrackingCookie.Tradedoubler : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@trafficmp[2].txt -> TrackingCookie.Trafficmp : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@tribalfusion[2].txt -> TrackingCookie.Tribalfusion : No action taken.
C:\Documents and Settings\maison\Cookies\maison@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@valueclick[2].txt -> TrackingCookie.Valueclick : No action taken.
C:\Documents and Settings\maison\Cookies\maison@pr.valueclick[1].txt -> TrackingCookie.Valueclick : No action taken.
C:\Documents and Settings\maison\Cookies\maison@valueclick[1].txt -> TrackingCookie.Valueclick : No action taken.
C:\Documents and Settings\maison\Cookies\maison@valueclick[2].txt -> TrackingCookie.Valueclick : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@web-stat[1].txt -> TrackingCookie.Web-stat : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@weborama[1].txt -> TrackingCookie.Weborama : No action taken.
C:\Documents and Settings\maison\Cookies\maison@weborama[2].txt -> TrackingCookie.Weborama : No action taken.
C:\Documents and Settings\maison\Cookies\maison@wreport.weborama[2].txt -> TrackingCookie.Weborama : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@statse.webtrendslive[2].txt -> TrackingCookie.Webtrendslive : No action taken.
C:\Documents and Settings\maison\Cookies\maison@statse.webtrendslive[2].txt -> TrackingCookie.Webtrendslive : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : No action taken.
C:\Documents and Settings\maison\Cookies\maison@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : No action taken.
C:\Documents and Settings\TEMP\Cookies\maison@zedo[1].txt -> TrackingCookie.Zedo : No action taken.
C:\Documents and Settings\maison\Cookies\maison@zedo[2].txt -> TrackingCookie.Zedo : No action taken.


::Report end

Voici le rapport :

Logfile of HijackThis v1.99.1
Scan saved at 13:52:05, on 26/10/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Inventel\Gateway\wlancfg.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
C:\Program Files\Softwin\BitDefender9\vsserv.exe
C:\Program Files\TrueCodec\isamonitor.exe
C:\Program Files\TrueCodec\pmsngr.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\SurfAccuracy\SAcc.exe
C:\PROGRA~1\softwin\BITDEF~1\bdmcon.exe
C:\PROGRA~1\softwin\BITDEF~1\bdnagent.exe
C:\PROGRA~1\softwin\BITDEF~1\bdswitch.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\FinePixViewer\QuickDCF.exe
C:\Program Files\TrueCodec\pmmon.exe
C:\Program Files\TrueCodec\isamini.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\TEMP\Bureau\Nouveau dossier\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\PROGRA~1\eoRezo\EoAdv\EOREZO~1.DLL (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7b4d79df-9ef0-429d-a0e9-d9b138c6a53b} - C:\Program Files\TrueCodec\isaddon.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: BAHelper Class - {A3FDD654-A057-4971-9844-4ED8E67DBBB8} - C:\Program Files\SideFind\sfbho.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: YourSiteBar - {86227D9C-0EFE-4f8a-AA55-30386A3F5686} - C:\Program Files\YourSiteBar\ysb.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Protection Bar - {1a29a79a-b9c8-44a9-bedf-7fadde3cf33f} - C:\Program Files\TrueCodec\iesplugin.dll (file missing)
O4 - HKLM\..\Run: [PtiuPbmd] Rundll32.exe ptipbm.dll,SetWriteBack
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [SurfAccuracy] C:\Program Files\SurfAccuracy\SAcc.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [BDMCon] c:\PROGRA~1\softwin\BITDEF~1\bdmcon.exe
O4 - HKLM\..\Run: [BDNewsAgent] "C:\PROGRA~1\softwin\BITDEF~1\bdnagent.exe"
O4 - HKLM\..\Run: [BDSwitchAgent] "C:\PROGRA~1\softwin\BITDEF~1\bdswitch.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: OFFICE One 6.5.lnk = C:\Program Files\program\quickstart.exe
O4 - Global Startup: Exif Launcher.lnk = C:\Program Files\FinePixViewer\QuickDCF.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
O9 - Extra button: SideFind - {10E42047-DEB9-4535-A118-B3F6EC39B807} - C:\Program Files\SideFind\sidefind.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - https://onedrive.live.com/
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/4h/player.virtools.com/downloads/player/Install3.0/Installer.exe
O16 - DPF: {D28C3640-A6D7-4668-A53C-07A9CF67D157} (CFnacComposantCtrl Object) - http://www.fnacmusic.com/telechargementFnacmusic/FnacComposant.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender9\vsserv.exe" /service (file missing)
O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)





Merci de bien vouloir faire se que tu peut pour m'aider.

bonsoir voila le rapport de l'analyse j'attend une reponse pour savoir ce que je doi faire par la suite,merci

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 22:50:43, on 01/09/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\HyperTechnologies\Deep Freeze\DfServEx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\HyperTechnologies\Deep Freeze\_$Df\FrzState.exe
C:\Program Files\Video ActiveX Access\imsmain.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\WINDOWS\VM_STI.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Video ActiveX Access\imsmn.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Ares\Ares.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Menara\dslmon.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\PROGRA~1\FICHIE~1\MICROS~1\DW\DWTRIG20.EXE
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Admin\Bureau\Scanner.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?cc=fr&toHttps=1&redig=D4322FEE7CF74A348CB9CE970F098EF5
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.menara.ma/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ie/defaults/su/msgr8/*https://fr.search.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.menara.ma/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Menara
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [kav] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE Vimicro USB PC Camera LTI301P
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [BearShare] "C:\Program Files\BearShare\BearShare.exe" /pause
O4 - HKLM\..\Run: [SeePassword] C:\Program Files\SeePassword\SeePassword.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKLM\..\Policies\Explorer\Run: [rare] C:\Program Files\Video ActiveX Access\imsmain.exe
O4 - HKLM\..\Policies\Explorer\Run: [user32.dll] C:\Program Files\Video ActiveX Access\iesmn.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'Default user')
O4 - Global Startup: DSLMON.lnk = C:\Program Files\Menara\dslmon.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{D57ECEBF-D97A-48B4-9519-019C7B3E21A2}: NameServer = 212.217.0.13 212.217.1.4
O20 - Winlogon Notify: DfLogon - C:\WINDOWS\SYSTEM32\LogonDll.dll
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: amaretti - {2fdde73c-273e-4e55-84dc-455de06e4866} - (no file)
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
O23 - Service: DFServEx - Hyper Technologies Inc. - C:\Program Files\HyperTechnologies\Deep Freeze\DfServEx.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe

wwww

Comment je fait pour faire "delete" quand le scan est fini?

Pour Ccleaner, c'est bon j'ai compris comment sa marche

Je croit qu'il y a un petit probléme par rapport a Ccleaner, j'ai fait le scan plus de 20 fois, et il revient toujours le même seul et unique probléme "Police inexistante - Box alphabe?() - HKLM\Software\Microsoft\Windows NT\Current Version\Fonts


Et voici le rapport de Blacklight :


10/27/06 10:40:08 [Info]: BlackLight Engine 1.0.47 initialized
10/27/06 10:40:08 [Info]: OS: 5.1 build 2600 (Service Pack 2)
10/27/06 10:40:08 [Note]: 7019 4
10/27/06 10:40:08 [Note]: 7005 0
10/27/06 10:40:10 [Note]: 7006 0
10/27/06 10:40:10 [Note]: 7011 368
10/27/06 10:40:10 [Note]: 7026 0
10/27/06 10:40:10 [Note]: 7026 0
10/27/06 10:40:15 [Note]: FSRAW library version 1.7.1020
10/27/06 10:42:31 [Note]: 2000 1012
10/27/06 10:42:31 [Note]: 2000 1012
10/27/06 10:42:31 [Note]: 2000 1012
10/27/06 10:42:31 [Note]: 2000 1012
10/27/06 10:43:50 [Note]: 7007 0

Merci, mais mon probléme est toujours présent.

Lorsque je lance Internet Explorer, au lieu de me lancer sur ma page d'acceuil habituelle, sa m'envoie sur un site, me disant que j'ai un probléme de virus. Et une fenétre s'éffiche, elle sit sa:



Warning!

W32.Pysor.FK@yf is a virus that infects files with .exe extensions. It attempts to steal passwords and privates information from the infected computer.

Type: Virus
Infection Length : 138,293 bytes
Systems Affected: Windows 95, 98, ME, NT (all versions), 2003, Windows Xp (all service packs)
Systems Not Affected: DOS, EPOC, Linux, Macintosh, Novell Netware, OS/2, UNIX
Technical details : 1. Creates files in %Windir%\ directory. By default, this is c:\Windows.
2. Adds values to registry keys: HKEY_LOCAL_MNACHINE\Software\Microsoft\Windows\CurrentVersion\Run
3. Scans the hard drive for .exe files and infects any executable files.
Searches for passwords/information, whiwh it may send to a remote attacker.
Recomendations : Clik "OK" to download officially approved security software. Always keep your patch levels up-to-date.

Case "OK" - Case "Annuler"



Et puis j'ai toujours le triangle jaune clignotant qui s'affiche de temps en temps, avec des message d'erreur. Des fenétres qui s'ouvrent seuls (pop-up je pense) et qui m'invitent a acheter des antivirus et autre.

Et j'ai également constater que mon ordinateur est un peu moins rapide depuis ce matin, il est long a afficher les page web, à ouvrir mes document,...

Tu pense que sa vient de quoi?

Voila le rapport.


Logfile of HijackThis v1.99.1
Scan saved at 18:28:49, on 27/10/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Inventel\Gateway\wlancfg.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\TrueCodec\pmsngr.exe
C:\Program Files\TrueCodec\pmmon.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\Softwin\BitDefender10\bdmcon.exe
C:\Program Files\Softwin\BitDefender10\bdagent.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\FinePixViewer\QuickDCF.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Softwin\BitDefender10\vsserv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\TEMP\Bureau\acbde.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7b4d79df-9ef0-429d-a0e9-d9b138c6a53b} - C:\Program Files\TrueCodec\isaddon.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: (no name) - {1a29a79a-b9c8-44a9-bedf-7fadde3cf33f} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [PtiuPbmd] Rundll32.exe ptipbm.dll,SetWriteBack
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: OFFICE One 6.5.lnk = C:\Program Files\program\quickstart.exe
O4 - Global Startup: Exif Launcher.lnk = C:\Program Files\FinePixViewer\QuickDCF.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - https://onedrive.live.com/
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/4h/player.virtools.com/downloads/player/Install3.0/Installer.exe
O16 - DPF: {D28C3640-A6D7-4668-A53C-07A9CF67D157} (CFnacComposantCtrl Object) - http://www.fnacmusic.com/telechargementFnacmusic/FnacComposant.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender10\vsserv.exe" /service (file missing)
O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)

C'est bon, j'ai pu suprimer MSN Apps, et True Codec (en utilisant le mode sans échec).

Et voici le rapport de SmitfraudFix :




SmitFraudFix v2.114

Rapport fait à 22:10:13,42, 27/10/2006
Executé à partir de C:\Program Files\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\TEMP


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\TEMP\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\TEMP\Favoris


»»»»»»»»»»»»»»»»»»»»»»»» Bureau


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files


»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues


»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"


»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="sockspy.dll"


»»»»»»»»»»»»»»»»»»»»»»»» pe386-msguard-lzx32


»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin

bonjour, j'ai le meme problème que system alert malware threats et je n'arrive pas à supprimer video activex access