Infection par spygoldun

cancun123 -  
sperdu Messages postés 33 Statut Membre -
Bonjour,

J'ai un souci avec le troyen spygoldun.
J'ai scanné en suivant la procédure indiquée sur le site avec Hijackthis.

Voici le résultat. Qu'en pensez-vous ? Je suis nulle en informatique.
Merci de votre réponse.
cancun123

Logfile of HijackThis v1.99.1
Scan saved at 10:47:36, on 10/12/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Spyware Doctor\sdhelp.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\ZONELABS\vsmon.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\carpserv.exe
C:\PROGRA~1\WANADOO\CnxMon.exe
C:\PROGRA~1\MESSAG~1\StartMessager.exe
C:\PROGRA~1\WANADOO\TaskbarIcon.exe
C:\Program Files\Larousse\Petit Larousse 2003\bin\HiPL2002popup.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Analog Devices\SoundMAX\Smtray.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Real\Update_OB\rnathchk.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\Program Files\Spyware Doctor\swdoctor.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\Wanadoo\EspaceWanadoo.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Wanadoo\Watch.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\DOCUME~1\Jeannin\LOCALS~1\Temp\Répertoire temporaire 2 pour hijackthis.zip\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O2 - BHO: (no name) - {BF55256A-3B3B-11D2-B05B-000001145917} - (no file)
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\WANADOO\CnxMon.exe
O4 - HKLM\..\Run: [MessagerStarter Wanadoo] C:\PROGRA~1\MESSAG~1\StartMessager.exe Messager Wanadoo
O4 - HKLM\..\Run: [autoclk] autoclk.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\WANADOO\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\WANADOO\TaskbarIcon.exe
O4 - HKLM\..\Run: [adiras] adiras.exe
O4 - HKLM\..\Run: [HyperappelPL2003] C:\Program Files\Larousse\Petit Larousse 2003\bin\HiPL2002popup.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\Smtray.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
O4 - Global Startup: EPSON Status Monitor 3 Environment Check(3).lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV03.EXE
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yinst20040510.cab
O16 - DPF: {4E888414-DB8F-11D1-9CD9-00C04F98436A} (Microsoft.WinRep) - https://webresponse.one.microsoft.com/oas/ActiveX/winrep.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150/06b72b0ffa820c60f617/netzip/RdxIE601_fr.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O17 - HKLM\System\CCS\Services\Tcpip\..\{3BC2408A-5656-46F6-A5EA-32212DFB10F6}: NameServer = 80.10.246.130 80.10.246.3
O17 - HKLM\System\CS1\Services\Tcpip\..\{3BC2408A-5656-46F6-A5EA-32212DFB10F6}: NameServer = 80.10.246.130 80.10.246.3
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Service (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZONELABS\vsmon.exe

5 réponses

  1. salwa5 Messages postés 7552 Statut Contributeur 1 671
     
    bonjour

    telecharge et execute ces antispywares ( pense a les mettre a jour avant de les lancées)
    (1) ad-aware version 1.06

    (ici) http://www.florensac-chasse-trap.com/ section virus/logiciel de securite
    voir demo
    http://pageperso.aol.fr/balltrap34/adwseflash.zip
    ***
    (2) spybot version 1.4

    (ici) http://www.florensac-chasse-trap.com/ section virus/logiciel de securite

    voir demo d utilisation
    http://pageperso.aol.fr/Balltrap34/demo%20spybot.htm
    ***

    ps : un grand merci a balltrap pour les lien :)

    (3) AVG anti spyware
    https://www.01net.com/telecharger/

    Copier/coller le rapport entier sur le forum. (n'oublie pas de le mettre a jour avant de lancer le scan)
    NB suis les instruction du tutoriel
    http://www.malekal.com/tutorial_AVG_AntiSpyware.html
    http://www.kachouri.com/tuto/tuto-161-avg-anti-spyware-75-pour-votre-securite.html

    (4)SmitfraudFix

    http://siri.urz.free.fr/Fix/SmitfraudFix.zip
    Exécute le, Double click sur Smitfraudfix.cmd choisit l’option 1, il va générer un rapport

    Clik send et colle le rapport stp Copie/colle le sur le poste stp.

    supprime les fichiers inutiles (fichiers temporaire , cookies .. ect avec ceci

    Ccleaner
    https://www.malekal.com/tutoriel-ccleaner/

    a+++
    0
  2. cancun123 Messages postés 2 Statut Membre
     
    Merci beaucoup pour ta réponse !!!

    Désolé de mettre une semaine pour répondre (emploi du temps chargé).///

    Voici les rapports, sachant que SmitfraudFix ne s'exécute pas sur ma machine.

    Le reste : AVGAS, SPYBOT, ADAWARE, CLEANER ont été téléchargés et exécutés comme selon tes conseils.

    Petite info probablement importante : tous les problèmes ont commencé à partir du moment où WINDOWS m'a informé que je n'avais pas de version légale...ce qui est vrai. Le message "vous êtes exposé à des risques" ou à peu près "version illégale" s'affiche dès le démarrage de la machine depuis le mois de juin 06 - PC et logiciel acquis en 2003 - après un téléchargement de MAJ de WINDOWS.

    Dois-je me procurer une version officielle pour cesser d'être la cible de troyens, virus, etc. ? J'ai antivir comme antivirus, + Zone alarm, peut-êre devrais-je passer à AVAST ?

    Merci encore pour tous tes conseils super précieux, quand on est nul en informatique.

    Bonne journée
    Cancun123

    Ad-Aware SE Build 1.06r1
    Logfile Created on:samedi 16 décembre 2006 11:29:41
    Created with Ad-Aware SE Personal, free for private use.
    Using definitions file:SE1R139 12.12.2006
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

    References detected during the scan:
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    MRU List(TAC index:0):19 total references
    Windows(TAC index:3):1 total references
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

    Ad-Aware SE Settings
    ===========================
    Set : Search for negligible risk entries
    Set : Safe mode (always request confirmation)
    Set : Scan active processes
    Set : Scan registry
    Set : Deep-scan registry
    Set : Scan my IE Favorites for banned URLs
    Set : Scan my Hosts file

    Extended Ad-Aware SE Settings
    ===========================
    Set : Unload recognized processes & modules during scan
    Set : Scan registry for all users instead of current user only
    Set : Always try to unload modules before deletion
    Set : During removal, unload Explorer and IE if necessary
    Set : Let Windows remove files in use at next reboot
    Set : Delete quarantined objects after restoring
    Set : Include basic Ad-Aware settings in log file
    Set : Include additional Ad-Aware settings in log file
    Set : Include reference summary in log file
    Set : Include alternate data stream details in log file
    Set : Play sound at scan completion if scan locates critical objects

    16-12-2006 11:29:41 - Scan started. (Smart mode)

    Listing running processes
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

    #:1 [ad-aware.exe]
    FilePath : C:\Program Files\Lavasoft\Ad-Aware SE Personal\
    ProcessID : 4076
    ThreadCreationTime : 16-12-2006 10:22:30
    BasePriority : Normal
    FileVersion : 6.2.0.236
    ProductVersion : SE 106
    ProductName : Lavasoft Ad-Aware SE
    CompanyName : Lavasoft Sweden
    FileDescription : Ad-Aware SE Core application
    InternalName : Ad-Aware.exe
    LegalCopyright : Copyright © Lavasoft AB Sweden
    OriginalFilename : Ad-Aware.exe
    Comments : All Rights Reserved

    Memory scan result:
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    New critical objects: 0
    Objects found so far: 0

    Started registry scan
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

    Windows Object Recognized!
    Type : RegData
    Data : "%1" %*
    TAC Rating : 3
    Category : Vulnerability
    Comment :
    Rootkey : HKEY_CLASSES_ROOT
    Object : scrfile\shell\open\command
    Value :
    Data : "%1" %*

    Registry Scan result:
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    New critical objects: 1
    Objects found so far: 1

    Started deep registry scan
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

    Deep registry scan result:
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    New critical objects: 0
    Objects found so far: 1

    Started Tracking Cookie scan
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

    Tracking cookie scan result:
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    New critical objects: 0
    Objects found so far: 1

    Deep scanning and examining files...
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

    Disk Scan Result for C:\WINDOWS
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    New critical objects: 0
    Objects found so far: 1

    Disk Scan Result for C:\WINDOWS\system32
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    New critical objects: 0
    Objects found so far: 1

    Disk Scan Result for C:\DOCUME~1\Jeannin\LOCALS~1\Temp\
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    New critical objects: 0
    Objects found so far: 1

    MRU List Object Recognized!
    Location: : software\microsoft\direct3d\mostrecentapplication
    Description : most recent application to use microsoft direct3d

    MRU List Object Recognized!
    Location: : software\microsoft\direct3d\mostrecentapplication
    Description : most recent application to use microsoft direct X

    MRU List Object Recognized!
    Location: : software\microsoft\directdraw\mostrecentapplication
    Description : most recent application to use microsoft directdraw

    MRU List Object Recognized!
    Location: : S-1-5-21-299502267-220523388-839522115-1003\software\microsoft\mediaplayer\medialibraryui
    Description : last selected node in the microsoft windows media player media library

    MRU List Object Recognized!
    Location: : S-1-5-21-299502267-220523388-839522115-1003\software\microsoft\mediaplayer\player\settings
    Description : last open directory used in jasc paint shop pro

    MRU List Object Recognized!
    Location: : S-1-5-21-299502267-220523388-839522115-1003\software\microsoft\mediaplayer\preferences
    Description : last cd record path used in microsoft windows media player

    MRU List Object Recognized!
    Location: : .DEFAULT\software\microsoft\mediaplayer\preferences
    Description : last playlist loaded in microsoft windows media player

    MRU List Object Recognized!
    Location: : S-1-5-18\software\microsoft\mediaplayer\preferences
    Description : last playlist loaded in microsoft windows media player

    MRU List Object Recognized!
    Location: : S-1-5-21-299502267-220523388-839522115-1003\software\microsoft\office\10.0\common\general
    Description : list of recently used symbols in microsoft office

    MRU List Object Recognized!
    Location: : S-1-5-21-299502267-220523388-839522115-1003\software\microsoft\office\9.0\excel\recent files
    Description : list of recent files used by microsoft excel

    MRU List Object Recognized!
    Location: : S-1-5-21-299502267-220523388-839522115-1003\software\microsoft\office\9.0\powerpoint\recent file list
    Description : list of recent files used by microsoft powerpoint

    MRU List Object Recognized!
    Location: : S-1-5-21-299502267-220523388-839522115-1003\software\microsoft\office\9.0\powerpoint\recent typeface list
    Description : list of recently used typefaces in microsoft powerpoint

    MRU List Object Recognized!
    Location: : S-1-5-21-299502267-220523388-839522115-1003\software\microsoft\windows\currentversion\explorer\recentdocs
    Description : list of recent documents opened

    MRU List Object Recognized!
    Location: : S-1-5-21-299502267-220523388-839522115-1003\software\realnetworks\realplayer\6.0\preferences
    Description : list of recent skins in realplayer

    MRU List Object Recognized!
    Location: : S-1-5-21-299502267-220523388-839522115-1003\software\realnetworks\realplayer\6.0\preferences
    Description : list of recent clips in realplayer

    MRU List Object Recognized!
    Location: : S-1-5-21-299502267-220523388-839522115-1003\software\realnetworks\realplayer\6.0\preferences
    Description : last login time in realplayer

    MRU List Object Recognized!
    Location: : .DEFAULT\software\microsoft\windows media\wmsdk\general
    Description : windows media sdk

    MRU List Object Recognized!
    Location: : S-1-5-18\software\microsoft\windows media\wmsdk\general
    Description : windows media sdk

    MRU List Object Recognized!
    Location: : S-1-5-21-299502267-220523388-839522115-1003\software\microsoft\windows media\wmsdk\general
    Description : windows media sdk

    Performing conditional scans...
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

    Conditional scan result:
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    New critical objects: 0
    Objects found so far: 20

    11:30:02 Scan Complete

    Summary Of This Scan
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    Total scanning time:00:00:20.500
    Objects scanned:83254
    Objects identified:1
    Objects ignored:0
    New critical objects:1

    AVG Anti-Spyware - Rapport d'analyse
    ---------------------------------------------------------

    + Créé à: 12:12:18 16/12/2006

    + Résultat de l'analyse:

    HKLM\SOFTWARE\Classes\AppID\Altnet Signing Module.EXE -> Adware.Altnet : Ignoré.
    HKLM\SOFTWARE\Classes\AppID\adm.EXE -> Adware.Altnet : Ignoré.
    HKLM\SOFTWARE\PerfectNav -> Adware.KeenValue : Ignoré.
    C:\Program Files\SE -> Adware.WindowEnhancer : Ignoré.
    C:\Program Files\SE\Adi_Rmv.exe -> Adware.WindowEnhancer : Ignoré.
    C:\Program Files\SE\Adiout.bat -> Adware.WindowEnhancer : Ignoré.
    C:\Program Files\SE\Adiout.pif -> Adware.WindowEnhancer : Ignoré.
    C:\Program Files\SE\Props16.dll -> Adware.WindowEnhancer : Ignoré.
    C:\Program Files\SE\adminchk.dll -> Adware.WindowEnhancer : Ignoré.
    C:\Program Files\SE\props32.dll -> Adware.WindowEnhancer : Ignoré.
    C:\Program Files\SE\smwdm.inf -> Adware.WindowEnhancer : Ignoré.
    C:\Program Files\SE\smwdm.sys -> Adware.WindowEnhancer : Ignoré.
    C:\Program Files\SE\smx.cat -> Adware.WindowEnhancer : Ignoré.
    :mozilla.10:C:\Documents and Settings\Jeannin\Application Data\Mozilla\Firefox\Profiles\npogqyma.default\cookies.txt -> TrackingCookie.247realmedia : Ignoré.
    :mozilla.11:C:\Documents and Settings\Jeannin\Application Data\Mozilla\Firefox\Profiles\npogqyma.default\cookies.txt -> TrackingCookie.247realmedia : Ignoré.
    :mozilla.12:C:\Documents and Settings\Jeannin\Application Data\Mozilla\Firefox\Profiles\npogqyma.default\cookies.txt -> TrackingCookie.247realmedia : Ignoré.
    :mozilla.13:C:\Documents and Settings\Jeannin\Application Data\Mozilla\Firefox\Profiles\npogqyma.default\cookies.txt -> TrackingCookie.247realmedia : Ignoré.
    :mozilla.14:C:\Documents and Settings\Jeannin\Application Data\Mozilla\Firefox\Profiles\npogqyma.default\cookies.txt -> TrackingCookie.247realmedia : Ignoré.
    :mozilla.7:C:\Documents and Settings\Jeannin\Application Data\Mozilla\Firefox\Profiles\npogqyma.default\cookies.txt -> TrackingCookie.247realmedia : Ignoré.
    :mozilla.8:C:\Documents and Settings\Jeannin\Application Data\Mozilla\Firefox\Profiles\npogqyma.default\cookies.txt -> TrackingCookie.247realmedia : Ignoré.
    :mozilla.9:C:\Documents and Settings\Jeannin\Application Data\Mozilla\Firefox\Profiles\npogqyma.default\cookies.txt -> TrackingCookie.247realmedia : Ignoré.
    :mozilla.59:C:\Documents and Settings\Jeannin\Application Data\Mozilla\Firefox\Profiles\npogqyma.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
    :mozilla.70:C:\Documents and Settings\Jeannin\Application Data\Mozilla\Firefox\Profiles\npogqyma.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
    :mozilla.42:C:\Documents and Settings\Jeannin\Application Data\Mozilla\Firefox\Profiles\npogqyma.default\cookies.txt -> TrackingCookie.Adtech : Ignoré.
    :mozilla.43:C:\Documents and Settings\Jeannin\Application Data\Mozilla\Firefox\Profiles\npogqyma.default\cookies.txt -> TrackingCookie.Adtech : Ignoré.
    :mozilla.46:C:\Documents and Settings\Jeannin\Application Data\Mozilla\Firefox\Profiles\npogqyma.default\cookies.txt -> TrackingCookie.Advertising : Ignoré.
    :mozilla.47:C:\Documents and Settings\Jeannin\Application Data\Mozilla\Firefox\Profiles\npogqyma.default\cookies.txt -> TrackingCookie.Advertising : Ignoré.
    :mozilla.48:C:\Documents and Settings\Jeannin\Application Data\Mozilla\Firefox\Profiles\npogqyma.default\cookies.txt -> TrackingCookie.Advertising : Ignoré.
    :mozilla.49:C:\Documents and Settings\Jeannin\Application Data\Mozilla\Firefox\Profiles\npogqyma.default\cookies.txt -> TrackingCookie.Advertising : Ignoré.
    :mozilla.29:C:\Documents and Settings\Jeannin\Application Data\Mozilla\Firefox\Profiles\npogqyma.default\cookies.txt -> TrackingCookie.Atdmt : Ignoré.
    :mozilla.17:C:\Documents and Settings\Jeannin\Application Data\Mozilla\Firefox\Profiles\npogqyma.default\cookies.txt -> TrackingCookie.Bluestreak : Ignoré.
    :mozilla.16:C:\Documents and Settings\Jeannin\Application Data\Mozilla\Firefox\Profiles\npogqyma.default\cookies.txt -> TrackingCookie.Doubleclick : Ignoré.
    :mozilla.30:C:\Documents and Settings\Jeannin\Application Data\Mozilla\Firefox\Profiles\npogqyma.default\cookies.txt -> TrackingCookie.Mediaplex : Ignoré.
    :mozilla.55:C:\Documents and Settings\Jeannin\Application Data\Mozilla\Firefox\Profiles\npogqyma.default\cookies.txt -> TrackingCookie.Overture : Ignoré.
    :mozilla.26:C:\Documents and Settings\Jeannin\Application Data\Mozilla\Firefox\Profiles\npogqyma.default\cookies.txt -> TrackingCookie.Smartadserver : Ignoré.
    :mozilla.27:C:\Documents and Settings\Jeannin\Application Data\Mozilla\Firefox\Profiles\npogqyma.default\cookies.txt -> TrackingCookie.Smartadserver : Ignoré.
    :mozilla.28:C:\Documents and Settings\Jeannin\Application Data\Mozilla\Firefox\Profiles\npogqyma.default\cookies.txt -> TrackingCookie.Smartadserver : Ignoré.
    :mozilla.39:C:\Documents and Settings\Jeannin\Application Data\Mozilla\Firefox\Profiles\npogqyma.default\cookies.txt -> TrackingCookie.Tradedoubler : Ignoré.
    :mozilla.24:C:\Documents and Settings\Jeannin\Application Data\Mozilla\Firefox\Profiles\npogqyma.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
    :mozilla.25:C:\Documents and Settings\Jeannin\Application Data\Mozilla\Firefox\Profiles\npogqyma.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
    :mozilla.60:C:\Documents and Settings\Jeannin\Application Data\Mozilla\Firefox\Profiles\npogqyma.default\cookies.txt -> TrackingCookie.Zedo : Ignoré.
    :mozilla.61:C:\Documents and Settings\Jeannin\Application Data\Mozilla\Firefox\Profiles\npogqyma.default\cookies.txt -> TrackingCookie.Zedo : Ignoré.
    :mozilla.62:C:\Documents and Settings\Jeannin\Application Data\Mozilla\Firefox\Profiles\npogqyma.default\cookies.txt -> TrackingCookie.Zedo : Ignoré.

    Fin du rapport
    0
  3. salwa5 Messages postés 7552 Statut Contributeur 1 671
     
    bonjour pas grave pour le retard :p

    alors concernant avg antispyware pour supprimer ce qu'il a trouver fait comme suit

    Relance AVG AS puis choisis l'onglet "Analyse"
    Puis l'onglet "Paramètres"
    Sous la question "Comment réagir ?", clique sur "Actions recommandées" et choisis "Quarantaine" ou "supprimer"

    /!\ Si un fichier est infecté en fin d'analyse /!\
    Clique sur "Appliquer toutes les actions "

    Clique sur "Enregistrer le rapport" puis sur "Enregistrer le rapport sous"
    Enregistre ce fichier texte sur ton bureau et colle le raport ici :)

    concernant windows oui il serai preferable d'aquerrir la version original car avec la version que tu as . tu ne poura jamais effectuer de nouvelle mise ajour . je vois que tu as le sp2 ce qui est deja une bonne protection mais a l'avenir si une nouvelle mise a jour ce presente tu poura pas l'installé

    sinon apart ca esque ton Antivirus te detecte toujour le trojan?

    a+++
    0
  4. cancun123 Messages postés 2 Statut Membre
     
    Merci Salwa.

    J'ai essayé de t'envoyer le rapport hier soir, mais il semble qu'il y avait des pbs avec le site.

    Voici le rapport de l'analyse faite le 17/12.

    Qu'en penses-tu ?

    Pour la version WINDOWS, oui, je crois qu'il faut faire qqchose...

    Merci encore pour tes conseils
    Cancun 123

    AVG Anti-Spyware - Rapport d'analyse
    ---------------------------------------------------------

    + Créé à: 21:31:12 17/12/2006

    + Résultat de l'analyse:

    HKLM\SOFTWARE\Classes\AppID\Altnet Signing Module.EXE -> Adware.Altnet : Aucune action entreprise.
    HKLM\SOFTWARE\Classes\AppID\adm.EXE -> Adware.Altnet : Aucune action entreprise.
    HKLM\SOFTWARE\PerfectNav -> Adware.KeenValue : Aucune action entreprise.
    C:\Program Files\SE -> Adware.WindowEnhancer : Aucune action entreprise.
    C:\Program Files\SE\Adi_Rmv.exe -> Adware.WindowEnhancer : Aucune action entreprise.
    C:\Program Files\SE\Adiout.bat -> Adware.WindowEnhancer : Aucune action entreprise.
    C:\Program Files\SE\Adiout.pif -> Adware.WindowEnhancer : Aucune action entreprise.
    C:\Program Files\SE\Props16.dll -> Adware.WindowEnhancer : Aucune action entreprise.
    C:\Program Files\SE\adminchk.dll -> Adware.WindowEnhancer : Aucune action entreprise.
    C:\Program Files\SE\props32.dll -> Adware.WindowEnhancer : Aucune action entreprise.
    C:\Program Files\SE\smwdm.inf -> Adware.WindowEnhancer : Aucune action entreprise.
    C:\Program Files\SE\smwdm.sys -> Adware.WindowEnhancer : Aucune action entreprise.
    C:\Program Files\SE\smx.cat -> Adware.WindowEnhancer : Aucune action entreprise.
    :mozilla.10:C:\Documents and Settings\Jeannin\Application Data\Mozilla\Firefox\Profiles\npogqyma.default\cookies.txt -> TrackingCookie.247realmedia : Aucune action entreprise.
    :mozilla.11:C:\Documents and Settings\Jeannin\Application Data\Mozilla\Firefox\Profiles\npogqyma.default\cookies.txt -> TrackingCookie.247realmedia : Aucune action entreprise.
    :mozilla.12:C:\Documents and Settings\Jeannin\Application Data\Mozilla\Firefox\Profiles\npogqyma.default\cookies.txt -> TrackingCookie.247realmedia : Aucune action entreprise.
    :mozilla.13:C:\Documents and Settings\Jeannin\Application Data\Mozilla\Firefox\Profiles\npogqyma.default\cookies.txt -> TrackingCookie.247realmedia : Aucune action entreprise.
    :mozilla.14:C:\Documents and Settings\Jeannin\Application Data\Mozilla\Firefox\Profiles\npogqyma.default\cookies.txt -> TrackingCookie.247realmedia : Aucune action entreprise.
    :mozilla.15:C:\Documents and Settings\Jeannin\Application Data\Mozilla\Firefox\Profiles\npogqyma.default\cookies.txt -> TrackingCookie.247realmedia : Aucune action entreprise.
    :mozilla.16:C:\Documents and Settings\Jeannin\Application Data\Mozilla\Firefox\Profiles\npogqyma.default\cookies.txt -> TrackingCookie.247realmedia : Aucune action entreprise.
    :mozilla.17:C:\Documents and Settings\Jeannin\Application Data\Mozilla\Firefox\Profiles\npogqyma.default\cookies.txt -> TrackingCookie.247realmedia : Aucune action entreprise.
    :mozilla.8:C:\Documents and Settings\Jeannin\Application Data\Mozilla\Firefox\Profiles\npogqyma.default\cookies.txt -> TrackingCookie.247realmedia : Aucune action entreprise.
    :mozilla.9:C:\Documents and Settings\Jeannin\Application Data\Mozilla\Firefox\Profiles\npogqyma.default\cookies.txt -> TrackingCookie.247realmedia : Aucune action entreprise.
    :mozilla.74:C:\Documents and Settings\Jeannin\Application Data\Mozilla\Firefox\Profiles\npogqyma.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
    :mozilla.81:C:\Documents and Settings\Jeannin\Application Data\Mozilla\Firefox\Profiles\npogqyma.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
    :mozilla.31:C:\Documents and Settings\Jeannin\Application Data\Mozilla\Firefox\Profiles\npogqyma.default\cookies.txt -> TrackingCookie.Adtech : Aucune action entreprise.
    :mozilla.32:C:\Documents and Settings\Jeannin\Application Data\Mozilla\Firefox\Profiles\npogqyma.default\cookies.txt -> TrackingCookie.Adtech : Aucune action entreprise.
    :mozilla.33:C:\Documents and Settings\Jeannin\Application Data\Mozilla\Firefox\Profiles\npogqyma.default\cookies.txt -> TrackingCookie.Adtech : Aucune action entreprise.
    :mozilla.62:C:\Documents and Settings\Jeannin\Application Data\Mozilla\Firefox\Profiles\npogqyma.default\cookies.txt -> TrackingCookie.Advertising : Aucune action entreprise.
    :mozilla.63:C:\Documents and Settings\Jeannin\Application Data\Mozilla\Firefox\Profiles\npogqyma.default\cookies.txt -> TrackingCookie.Advertising : Aucune action entreprise.
    :mozilla.64:C:\Documents and Settings\Jeannin\Application Data\Mozilla\Firefox\Profiles\npogqyma.default\cookies.txt -> TrackingCookie.Advertising : Aucune action entreprise.
    :mozilla.65:C:\Documents and Settings\Jeannin\Application Data\Mozilla\Firefox\Profiles\npogqyma.default\cookies.txt -> TrackingCookie.Advertising : Aucune action entreprise.
    :mozilla.53:C:\Documents and Settings\Jeannin\Application Data\Mozilla\Firefox\Profiles\npogqyma.default\cookies.txt -> TrackingCookie.Atdmt : Aucune action entreprise.
    :mozilla.58:C:\Documents and Settings\Jeannin\Application Data\Mozilla\Firefox\Profiles\npogqyma.default\cookies.txt -> TrackingCookie.Bluestreak : Aucune action entreprise.
    :mozilla.18:C:\Documents and Settings\Jeannin\Application Data\Mozilla\Firefox\Profiles\npogqyma.default\cookies.txt -> TrackingCookie.Doubleclick : Aucune action entreprise.
    :mozilla.89:C:\Documents and Settings\Jeannin\Application Data\Mozilla\Firefox\Profiles\npogqyma.default\cookies.txt -> TrackingCookie.Googleadservices : Aucune action entreprise.
    :mozilla.27:C:\Documents and Settings\Jeannin\Application Data\Mozilla\Firefox\Profiles\npogqyma.default\cookies.txt -> TrackingCookie.Mediaplex : Aucune action entreprise.
    :mozilla.78:C:\Documents and Settings\Jeannin\Application Data\Mozilla\Firefox\Profiles\npogqyma.default\cookies.txt -> TrackingCookie.Questionmarket : Aucune action entreprise.
    :mozilla.79:C:\Documents and Settings\Jeannin\Application Data\Mozilla\Firefox\Profiles\npogqyma.default\cookies.txt -> TrackingCookie.Questionmarket : Aucune action entreprise.
    :mozilla.19:C:\Documents and Settings\Jeannin\Application Data\Mozilla\Firefox\Profiles\npogqyma.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
    :mozilla.20:C:\Documents and Settings\Jeannin\Application Data\Mozilla\Firefox\Profiles\npogqyma.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
    :mozilla.21:C:\Documents and Settings\Jeannin\Application Data\Mozilla\Firefox\Profiles\npogqyma.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
    :mozilla.22:C:\Documents and Settings\Jeannin\Application Data\Mozilla\Firefox\Profiles\npogqyma.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
    :mozilla.76:C:\Documents and Settings\Jeannin\Application Data\Mozilla\Firefox\Profiles\npogqyma.default\cookies.txt -> TrackingCookie.Tradedoubler : Aucune action entreprise.
    :mozilla.77:C:\Documents and Settings\Jeannin\Application Data\Mozilla\Firefox\Profiles\npogqyma.default\cookies.txt -> TrackingCookie.Tradedoubler : Aucune action entreprise.
    :mozilla.83:C:\Documents and Settings\Jeannin\Application Data\Mozilla\Firefox\Profiles\npogqyma.default\cookies.txt -> TrackingCookie.Weborama : Aucune action entreprise.

    Fin du rapport

    ogfile Created on:dimanche 17 décembre 2006 17:40:42
    Created with Ad-Aware SE Personal, free for private use.
    Using definitions file:SE1R139 12.12.2006
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

    References detected during the scan:
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    MRU List(TAC index:0):21 total references
    Tracking Cookie(TAC index:3):1 total references
    Windows(TAC index:3):1 total references
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

    Ad-Aware SE Settings
    ===========================
    Set : Search for negligible risk entries
    Set : Safe mode (always request confirmation)
    Set : Scan active processes
    Set : Scan registry
    Set : Deep-scan registry
    Set : Scan my IE Favorites for banned URLs
    Set : Scan my Hosts file

    Extended Ad-Aware SE Settings
    ===========================
    Set : Unload recognized processes & modules during scan
    Set : Scan registry for all users instead of current user only
    Set : Always try to unload modules before deletion
    Set : During removal, unload Explorer and IE if necessary
    Set : Let Windows remove files in use at next reboot
    Set : Delete quarantined objects after restoring
    Set : Include basic Ad-Aware settings in log file
    Set : Include additional Ad-Aware settings in log file
    Set : Include reference summary in log file
    Set : Include alternate data stream details in log file
    Set : Play sound at scan completion if scan locates critical objects

    17-12-2006 17:40:42 - Scan started. (Smart mode)

    Listing running processes
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

    #:1 [smss.exe]
    FilePath : \SystemRoot\System32\
    ProcessID : 552
    ThreadCreationTime : 17-12-2006 15:33:04
    BasePriority : Normal

    #:2 [csrss.exe]
    FilePath : \??\C:\WINDOWS\system32\
    ProcessID : 632
    ThreadCreationTime : 17-12-2006 15:33:08
    BasePriority : Normal

    #:3 [winlogon.exe]
    FilePath : \??\C:\WINDOWS\system32\
    ProcessID : 656
    ThreadCreationTime : 17-12-2006 15:33:08
    BasePriority : High

    #:4 [services.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 700
    ThreadCreationTime : 17-12-2006 15:33:09
    BasePriority : Normal
    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 5.1.2600.2180
    ProductName : Système d'exploitation Microsoft® Windows®
    CompanyName : Microsoft Corporation
    FileDescription : Applications Services et Contrôleur
    InternalName : services.exe
    LegalCopyright : © Microsoft Corporation. Tous droits réservés.
    OriginalFilename : services.exe

    #:5 [lsass.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 712
    ThreadCreationTime : 17-12-2006 15:33:09
    BasePriority : Normal
    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 5.1.2600.2180
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : LSA Shell (Export Version)
    InternalName : lsass.exe
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : lsass.exe

    #:6 [svchost.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 856
    ThreadCreationTime : 17-12-2006 15:33:09
    BasePriority : Normal
    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 5.1.2600.2180
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Generic Host Process for Win32 Services
    InternalName : svchost.exe
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : svchost.exe

    #:7 [svchost.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 924
    ThreadCreationTime : 17-12-2006 15:33:10
    BasePriority : Normal
    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 5.1.2600.2180
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Generic Host Process for Win32 Services
    InternalName : svchost.exe
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : svchost.exe

    #:8 [svchost.exe]
    FilePath : C:\WINDOWS\System32\
    ProcessID : 972
    ThreadCreationTime : 17-12-2006 15:33:10
    BasePriority : Normal
    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 5.1.2600.2180
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Generic Host Process for Win32 Services
    InternalName : svchost.exe
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : svchost.exe

    #:9 [svchost.exe]
    FilePath : C:\WINDOWS\System32\
    ProcessID : 1020
    ThreadCreationTime : 17-12-2006 15:33:10
    BasePriority : Normal
    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 5.1.2600.2180
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Generic Host Process for Win32 Services
    InternalName : svchost.exe
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : svchost.exe

    #:10 [svchost.exe]
    FilePath : C:\WINDOWS\System32\
    ProcessID : 1116
    ThreadCreationTime : 17-12-2006 15:33:10
    BasePriority : Normal
    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 5.1.2600.2180
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Generic Host Process for Win32 Services
    InternalName : svchost.exe
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : svchost.exe

    #:11 [spoolsv.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 1352
    ThreadCreationTime : 17-12-2006 15:33:11
    BasePriority : Normal
    FileVersion : 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)
    ProductVersion : 5.1.2600.2696
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Spooler SubSystem App
    InternalName : spoolsv.exe
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : spoolsv.exe

    #:12 [aswupdsv.exe]
    FilePath : C:\Program Files\Alwil Software\Avast4\
    ProcessID : 1484
    ThreadCreationTime : 17-12-2006 15:33:11
    BasePriority : Normal

    #:13 [ashserv.exe]
    FilePath : C:\Program Files\Alwil Software\Avast4\
    ProcessID : 1496
    ThreadCreationTime : 17-12-2006 15:33:12
    BasePriority : High
    FileVersion : 4, 7, 889, 0
    ProductVersion : 4, 7, 0, 0
    ProductName : avast! Antivirus
    FileDescription : avast! antivirus service
    InternalName : aswServ
    LegalCopyright : Copyright (c) 2006 ALWIL Software
    OriginalFilename : aswServ.exe

    #:14 [guard.exe]
    FilePath : C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\
    ProcessID : 1520
    ThreadCreationTime : 17-12-2006 15:33:12
    BasePriority : Normal
    FileVersion : 7, 5, 0, 47
    ProductVersion : 7, 5, 0, 47
    ProductName : AVG Anti-Spyware
    CompanyName : Anti-Malware Development a.s.
    FileDescription : AVG Anti-Spyware guard
    InternalName : AVG Anti-Spyware guard
    LegalCopyright : Copyright © 2006 Anti-Malware Development a.s.
    OriginalFilename : guard.exe

    #:15 [nvsvc32.exe]
    FilePath : C:\WINDOWS\System32\
    ProcessID : 1584
    ThreadCreationTime : 17-12-2006 15:33:12
    BasePriority : Normal
    FileVersion : 6.14.10.5216
    ProductVersion : 6.14.10.5216
    ProductName : NVIDIA Driver Helper Service, Version 52.16
    CompanyName : NVIDIA Corporation
    FileDescription : NVIDIA Driver Helper Service, Version 52.16
    InternalName : NVSVC
    LegalCopyright : (C) NVIDIA Corporation. All rights reserved.
    OriginalFilename : nvsvc32.exe

    #:16 [sdhelp.exe]
    FilePath : C:\Program Files\Spyware Doctor\
    ProcessID : 1616
    ThreadCreationTime : 17-12-2006 15:33:13
    BasePriority : Normal
    FileVersion : 3.6.0.2026
    ProductVersion : 3.6
    ProductName : Spyware Doctor
    CompanyName : PC Tools Research Pty Ltd

    #:17 [smagent.exe]
    FilePath : C:\Program Files\Analog Devices\SoundMAX\
    ProcessID : 1732
    ThreadCreationTime : 17-12-2006 15:33:15
    BasePriority : Normal
    FileVersion : 3, 2, 5, 0
    ProductVersion : 3, 2, 5, 0
    ProductName : SoundMAX service agent
    CompanyName : Analog Devices, Inc.
    FileDescription : SoundMAX service agent component
    InternalName : SMAgent
    LegalCopyright : Copyright © 2002
    OriginalFilename : SMAgent.exe

    #:18 [explorer.exe]
    FilePath : C:\WINDOWS\
    ProcessID : 384
    ThreadCreationTime : 17-12-2006 15:33:32
    BasePriority : Normal
    FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 6.00.2900.2180
    ProductName : Système d'exploitation Microsoft® Windows®
    CompanyName : Microsoft Corporation
    FileDescription : Explorateur Windows
    InternalName : explorer
    LegalCopyright : © Microsoft Corporation. Tous droits réservés.
    OriginalFilename : EXPLORER.EXE

    #:19 [ashmaisv.exe]
    FilePath : C:\Program Files\Alwil Software\Avast4\
    ProcessID : 416
    ThreadCreationTime : 17-12-2006 15:33:33
    BasePriority : Normal

    #:20 [ashwebsv.exe]
    FilePath : C:\Program Files\Alwil Software\Avast4\
    ProcessID : 580
    ThreadCreationTime : 17-12-2006 15:33:35
    BasePriority : Normal

    #:21 [wgatray.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 608
    ThreadCreationTime : 17-12-2006 15:33:36
    BasePriority : Normal
    FileVersion : 1.5.0540.0
    ProductVersion : 1.5.0540.0
    ProductName : Windows Genuine Advantage
    CompanyName : Microsoft Corporation
    FileDescription : Windows Genuine Advantage Notification
    InternalName : WgaNotify
    LegalCopyright : © 1995-2006 Microsoft Corporation
    OriginalFilename : WgaTray.exe

    #:22 [carpserv.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 344
    ThreadCreationTime : 17-12-2006 15:33:37
    BasePriority : Normal
    FileVersion : 6.01.05
    ProductVersion : 6.01.05
    ProductName : Conexant carpserv
    CompanyName : Conexant Systems
    FileDescription : carpserv
    InternalName : carpserv
    LegalCopyright : Copyright© Conexant Systems, Inc. 2003
    OriginalFilename : carpserv.exe

    #:23 [cnxmon.exe]
    FilePath : C:\PROGRA~1\WANADOO\
    ProcessID : 824
    ThreadCreationTime : 17-12-2006 15:33:38
    BasePriority : Normal
    FileVersion : 1, 0, 0, 1
    ProductVersion : 1, 0, 0, 1
    ProductName : Application CnxMon
    FileDescription : Application MFC CnxMon
    InternalName : CnxMon
    LegalCopyright : Copyright (C) 2001
    OriginalFilename : CnxMon.EXE

    #:24 [startmessager.exe]
    FilePath : C:\PROGRA~1\MESSAG~1\
    ProcessID : 864
    ThreadCreationTime : 17-12-2006 15:33:38
    BasePriority : Normal
    FileVersion : 3, 1, 0, 10
    ProductVersion : 3, 1, 0, 10
    ProductName : Demon Messager
    CompanyName : France Telecom
    FileDescription : StartMessager
    InternalName : Demon
    OriginalFilename : StartMessager.exe

    #:25 [alg.exe]
    FilePath : C:\WINDOWS\System32\
    ProcessID : 1252
    ThreadCreationTime : 17-12-2006 15:33:40
    BasePriority : Normal
    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 5.1.2600.2180
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Application Layer Gateway Service
    InternalName : ALG.exe
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : ALG.exe

    #:26 [taskbaricon.exe]
    FilePath : C:\PROGRA~1\WANADOO\
    ProcessID : 1792
    ThreadCreationTime : 17-12-2006 15:33:42
    BasePriority : Normal
    FileVersion : 5.6 (2)
    ProductVersion : 5.6 (2)
    ProductName : Kit de Connexion et de Services
    CompanyName : France Télécom R&D
    FileDescription : Gestion de l'icône de la barre des tâches
    InternalName : TaskBarIcon
    LegalCopyright : Copyright (C) France Télécom R&D 1999 - 2003
    OriginalFilename : TaskBarIcon.exe

    #:27 [hipl2002popup.exe]
    FilePath : C:\Program Files\Larousse\Petit Larousse 2003\bin\
    ProcessID : 2124
    ThreadCreationTime : 17-12-2006 15:33:43
    BasePriority : Normal
    FileVersion : 1, 0, 0, 1
    ProductVersion : 1, 0, 0, 1
    ProductName : HIPL2000Popup Application
    FileDescription : HIPL2000Popup MFC Application
    InternalName : HIPL2000Popup
    LegalCopyright : Copyright (C) 1999
    OriginalFilename : HIPL2000Popup.EXE

    #:28 [realsched.exe]
    FilePath : C:\Program Files\Fichiers communs\Real\Update_OB\
    ProcessID : 2148
    ThreadCreationTime : 17-12-2006 15:33:43
    BasePriority : Normal
    FileVersion : 0.1.0.1622
    ProductVersion : 0.1.0.1622
    ProductName : RealOne Player (32-bit)
    CompanyName : RealNetworks, Inc.
    FileDescription : RealNetworks Scheduler
    InternalName : schedapp
    LegalCopyright : Copyright © RealNetworks, Inc. 1995-2002
    LegalTrademarks : RealAudio(tm) is a trademark of RealNetworks, Inc.
    OriginalFilename : realsched.exe

    #:29 [smtray.exe]
    FilePath : C:\Program Files\Analog Devices\SoundMAX\
    ProcessID : 2156
    ThreadCreationTime : 17-12-2006 15:33:43
    BasePriority : Normal
    FileVersion : 3, 2, 10, 0
    ProductVersion : 3, 2, 10, 0
    ProductName : SoundMAX Integrated Digital Audio
    CompanyName : Analog Devices, Inc.
    FileDescription : SoundMAX System Tray
    InternalName : SMTray
    LegalCopyright : Copyright © 2001 Analog Devices
    OriginalFilename : SMTray.exe

    #:30 [avgas.exe]
    FilePath : C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\
    ProcessID : 2196
    ThreadCreationTime : 17-12-2006 15:33:45
    BasePriority : Normal
    FileVersion : 7, 5, 0, 50
    ProductVersion : 7, 5, 0, 50
    ProductName : AVG Anti-Spyware
    CompanyName : Anti-Malware Development a.s.
    FileDescription : AVG Anti-Spyware
    InternalName : AVG Anti-Spyware
    LegalCopyright : Copyright © 2006 Anti-Malware Development a.s.
    OriginalFilename : avgas.exe

    #:31 [rnathchk.exe]
    FilePath : C:\Program Files\Fichiers communs\Real\Update_OB\
    ProcessID : 2204
    ThreadCreationTime : 17-12-2006 15:33:45
    BasePriority : Normal
    FileVersion : 7.0.0.1176
    ProductVersion : 7.0.0.1176
    ProductName : RealOne Player (32-bit)
    CompanyName : RealNetworks, Inc.
    FileDescription : RealNetworks ATH Check App
    InternalName : rnathchk
    LegalCopyright : Copyright © RealNetworks, Inc. 1995-2002
    LegalTrademarks : RealAudio(tm) is a trademark of RealNetworks, Inc.
    OriginalFilename : rnathchk.EXE

    #:32 [ashdisp.exe]
    FilePath : C:\PROGRA~1\ALWILS~1\Avast4\
    ProcessID : 2228
    ThreadCreationTime : 17-12-2006 15:33:45
    BasePriority : Normal
    FileVersion : 5, 0, 0, 0
    ProductVersion : 5, 0, 0, 0
    ProductName : avast! Antivirus
    FileDescription : avast! service GUI component
    InternalName : aswDisp
    LegalCopyright : Copyright (c) 2006 ALWIL Software
    OriginalFilename : aswDisp.exe

    #:33 [ctfmon.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 2244
    ThreadCreationTime : 17-12-2006 15:33:46
    BasePriority : Normal
    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 5.1.2600.2180
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : CTF Loader
    InternalName : CTFMON
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : CTFMON.EXE

    #:34 [rundll32.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 2256
    ThreadCreationTime : 17-12-2006 15:33:46
    BasePriority : Normal
    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 5.1.2600.2180
    ProductName : Système d'exploitation Microsoft® Windows®
    CompanyName : Microsoft Corporation
    FileDescription : Exécuter une DLL en tant qu'application
    InternalName : rundll
    LegalCopyright : © Microsoft Corporation. Tous droits réservés.
    OriginalFilename : RUNDLL.EXE

    #:35 [googletoolbarnotifier.exe]
    FilePath : C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\
    ProcessID : 2288
    ThreadCreationTime : 17-12-2006 15:33:47
    BasePriority : Normal
    FileVersion : 1, 2, 908, 5008
    ProductVersion : 1, 2, 908, 5008
    ProductName : GoogleToolbarNotifier
    CompanyName : Google Inc.
    FileDescription : GoogleToolbarNotifier
    LegalCopyright : Copyright © 2005-2006
    OriginalFilename : GoogleToolbarNotifier.exe

    #:36 [swdoctor.exe]
    FilePath : C:\Program Files\Spyware Doctor\
    ProcessID : 2336
    ThreadCreationTime : 17-12-2006 15:33:52
    BasePriority : Normal
    FileVersion : 4.0.0.2620
    ProductVersion : 3.6
    ProductName : Spyware Doctor
    CompanyName : PC Tools Research Pty Ltd
    FileDescription : Spyware Doctor
    InternalName : Spyware Doctor
    LegalCopyright : Copyright (c) 2005. Distributed by PC Tools Research Pty Ltd
    OriginalFilename : swdoctor.exe

    #:37 [dslmon.exe]
    FilePath : C:\Program Files\SAGEM\SAGEM F@st 800-840\
    ProcessID : 2500
    ThreadCreationTime : 17-12-2006 15:34:06
    BasePriority : Normal
    FileVersion : 1, 0, 0, 1
    ProductVersion : 1, 0, 0, 1
    ProductName : DSLMON Application
    FileDescription : ADIMON MFC Application
    InternalName : DSLMON
    LegalCopyright : Copyright (C) 2000
    OriginalFilename : ADIMON.EXE

    #:38 [wuauclt.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 2968
    ThreadCreationTime : 17-12-2006 15:34:54
    BasePriority : Normal
    FileVersion : 5.8.0.2469 built by: lab01_n(wmbla)
    ProductVersion : 5.8.0.2469
    ProductName : Système d'exploitation Microsoft® Windows®
    CompanyName : Microsoft Corporation
    FileDescription : Mises à jour automatiques
    InternalName : wuauclt.exe
    LegalCopyright : © Microsoft Corporation. Tous droits réservés.
    OriginalFilename : wuauclt.exe

    #:39 [espacewanadoo.exe]
    FilePath : C:\Program Files\Wanadoo\
    ProcessID : 2848
    ThreadCreationTime : 17-12-2006 16:17:20
    BasePriority : Normal
    FileVersion : 5.6 (213)
    ProductVersion : 5.6 (213)
    ProductName : Kit de Connexion et de Services
    CompanyName : France Télécom R&D
    FileDescription : Espace Client
    InternalName : EspaceClient
    LegalCopyright : Copyright (C) France Télécom R&D 1999-2003
    OriginalFilename : EspaceClient.exe

    #:40 [comcomp.exe]
    FilePath : C:\Program Files\Wanadoo\
    ProcessID : 2864
    ThreadCreationTime : 17-12-2006 16:17:21
    BasePriority : Normal
    FileVersion : 5.5 (379)
    ProductVersion : 5.5 (379)
    ProductName : Kit de Connexion et de Services
    CompanyName : France Télécom R&D
    FileDescription : Module de communication
    InternalName : ComComp
    LegalCopyright : Copyright (C) France Télécom R&D 1999- 2002
    OriginalFilename : ComComp.exe

    #:41 [watch.exe]
    FilePath : C:\Program Files\Wanadoo\
    ProcessID : 3028
    ThreadCreationTime : 17-12-2006 16:17:25
    BasePriority : Normal
    FileVersion : 5.5 (81)
    ProductVersion : 5.5 (81)
    ProductName : Kit de Connexion et de Services
    CompanyName : France Télécom R&D
    FileDescription : Surveillance des modifications
    InternalName : Watch
    LegalCopyright : Copyright (C) France Télécom R&D 1999-2002
    OriginalFilename : Watch.exe

    #:42 [ad-aware.exe]
    FilePath : C:\Program Files\Lavasoft\Ad-Aware SE Personal\
    ProcessID : 616
    ThreadCreationTime : 17-12-2006 16:40:25
    BasePriority : Normal
    FileVersion : 6.2.0.236
    ProductVersion : SE 106
    ProductName : Lavasoft Ad-Aware SE
    CompanyName : Lavasoft Sweden
    FileDescription : Ad-Aware SE Core application
    InternalName : Ad-Aware.exe
    LegalCopyright : Copyright © Lavasoft AB Sweden
    OriginalFilename : Ad-Aware.exe
    Comments : All Rights Reserved

    Memory scan result:
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    New critical objects: 0
    Objects found so far: 0

    Started registry scan
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

    Windows Object Recognized!
    Type : RegData
    Data : "%1" %*
    TAC Rating : 3
    Category : Vulnerability
    Comment :
    Rootkey : HKEY_CLASSES_ROOT
    Object : scrfile\shell\open\command
    Value :
    Data : "%1" %*

    Registry Scan result:
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    New critical objects: 1
    Objects found so far: 1

    Started deep registry scan
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

    Deep registry scan result:
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    New critical objects: 0
    Objects found so far: 1

    Started Tracking Cookie scan
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

    Tracking Cookie Object Recognized!
    Type : IECache Entry
    Data : jeannin@ads.addynamix[1].txt
    TAC Rating : 3
    Category : Data Miner
    Comment : Hits:5
    Value : Cookie:jeannin@ads.addynamix.com/
    Expires : 18-12-2006 17:35:34
    LastSync : Hits:5
    UseCount : 0
    Hits : 5

    Tracking cookie scan result:
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    New critical objects: 1
    Objects found so far: 2

    Deep scanning and examining files...
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

    Disk Scan Result for C:\WINDOWS
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    New critical objects: 0
    Objects found so far: 2

    Disk Scan Result for C:\WINDOWS\system32
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    New critical objects: 0
    Objects found so far: 2

    Disk Scan Result for C:\DOCUME~1\Jeannin\LOCALS~1\Temp\
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    New critical objects: 0
    Objects found so far: 2

    Scanning Hosts file......
    Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

    Hosts file scan result:
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    1 entries scanned.
    New critical objects:0
    Objects found so far: 2

    MRU List Object Recognized!
    Location: : C:\Documents and Settings\Jeannin\recent
    Description : list of recently opened documents

    MRU List Object Recognized!
    Location: : software\microsoft\directdraw\mostrecentapplication
    Description : most recent application to use microsoft directdraw

    MRU List Object Recognized!
    Location: : S-1-5-21-299502267-220523388-839522115-1003\software\microsoft\mediaplayer\medialibraryui
    Description : last selected node in the microsoft windows media player media library

    MRU List Object Recognized!
    Location: : S-1-5-21-299502267-220523388-839522115-1003\software\microsoft\mediaplayer\player\settings
    Description : last open directory used in jasc paint shop pro

    MRU List Object Recognized!
    Location: : S-1-5-21-299502267-220523388-839522115-1003\software\microsoft\mediaplayer\preferences
    Description : last cd record path used in microsoft windows media player

    MRU List Object Recognized!
    Location: : .DEFAULT\software\microsoft\mediaplayer\preferences
    Description : last playlist loaded in microsoft windows media player

    MRU List Object Recognized!
    Location: : S-1-5-18\software\microsoft\mediaplayer\preferences
    Description : last playlist loaded in microsoft windows media player

    MRU List Object Recognized!
    Location: : S-1-5-19\software\microsoft\mediaplayer\preferences
    Description : last playlist loaded in microsoft windows media player

    MRU List Object Recognized!
    Location: : S-1-5-20\software\microsoft\mediaplayer\preferences
    Description : last playlist loaded in microsoft windows media player

    MRU List Object Recognized!
    Location: : S-1-5-21-299502267-220523388-839522115-1003\software\microsoft\office\10.0\common\general
    Description : list of recently used symbols in microsoft office

    MRU List Object Recognized!
    Location: : S-1-5-21-299502267-220523388-839522115-1003\software\microsoft\office\9.0\excel\recent files
    Description : list of recent files used by microsoft excel

    MRU List Object Recognized!
    Location: : S-1-5-21-299502267-220523388-839522115-1003\software\microsoft\office\9.0\powerpoint\recent file list
    Description : list of recent files used by microsoft powerpoint

    MRU List Object Recognized!
    Location: : S-1-5-21-299502267-220523388-839522115-1003\software\microsoft\office\9.0\powerpoint\recent typeface list
    Description : list of recently used typefaces in microsoft powerpoint

    MRU List Object Recognized!
    Location: : S-1-5-21-299502267-220523388-839522115-1003\software\microsoft\search assistant\acmru
    Description : list of recent search terms used with the search assistant

    MRU List Object Recognized!
    Location: : S-1-5-21-299502267-220523388-839522115-1003\software\microsoft\windows\currentversion\explorer\recentdocs
    Description : list of recent documents opened

    MRU List Object Recognized!
    Location: : S-1-5-21-299502267-220523388-839522115-1003\software\realnetworks\realplayer\6.0\preferences
    Description : list of recent skins in realplayer

    MRU List Object Recognized!
    Location: : S-1-5-21-299502267-220523388-839522115-1003\software\realnetworks\realplayer\6.0\preferences
    Description : list of recent clips in realplayer

    MRU List Object Recognized!
    Location: : S-1-5-21-299502267-220523388-839522115-1003\software\realnetworks\realplayer\6.0\preferences
    Description : last login time in realplayer

    MRU List Object Recognized!
    Location: : .DEFAULT\software\microsoft\windows media\wmsdk\general
    Description : windows media sdk

    MRU List Object Recognized!
    Location: : S-1-5-18\software\microsoft\windows media\wmsdk\general
    Description : windows media sdk

    MRU List Object Recognized!
    Location: : S-1-5-21-299502267-220523388-839522115-1003\software\microsoft\windows media\wmsdk\general
    Description : windows media sdk

    Performing conditional scans...
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

    Conditional scan result:
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    New critical objects: 0
    Objects found so far: 23

    17:42:23 Scan Complete

    Summary Of This Scan
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    Total scanning time:00:01:41.484
    Objects scanned:88430
    Objects identified:2
    Objects ignored:0
    New critical objects:2
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. salwa5 Messages postés 7552 Statut Contributeur 1 671
     
    bonsoir concernant avg voici comment faire pour supprimer ce qu'il t'a trouvé

    Relance AVG AS puis choisis l'onglet "Analyse"
    Puis l'onglet "Paramètres"
    Sous la question "Comment réagir ?", clique sur "Actions recommandées" et choisis "Quarantaine"
    revien dans l'onglet analyse

    Clique sur "Appliquer toutes les actions "

    Clique sur "Enregistrer le rapport" puis sur "Enregistrer le rapport sous"
    Enregistre ce fichier texte sur ton bureau ensuite colle le raport ici

    ensuite peu tu m'expliquer pourquoi smitfraud ne se lance pas sur ton ordi?? y'a t'il un message d'erreur?

    a++
    0
    1. sperdu Messages postés 33 Statut Membre
       
      bsr salwa c sperdu! comen vas tu?
      je tavai di ke dici peu on se recontacterai! rire
      en effet, la derniere fois ona pas du reussir a eliminer cette saleté de bestiole!
      la page d'accueil change toujour mais cette fois ci
      c msn qui est mis d'office
      et l'ecran se trouble!
      des ke tu a un moment a m'accorder tu peu jeter un cou d'oeil sus mon cas stp? merci salwa!
      mon sujet est : [virus] pas éliminé
      A+++
      0