Sujet Précédent Sujet Suivant

Infecté par Myzor

SCHILLS Messages postés 3 Statut Membre -  
SCHILLS Messages postés 3 Statut Membre -
Bonjour
Je viens 'avoir une icône d'alerte qui me revoie sur Spydawn et des alertes d'infections W32 Myzor.
J'ai fait tourner SPYBOT et SmitfraudFix dont les deux rapports sont les suivants:

SmitFraudFix v2.146

Rapport fait à 11:44:03,96, 02/03/2007
Executé à partir de C:\Documents and Settings\moi\Bureau\SmitfraudFix\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» hosts

»»»»»»»»»»»»»»»»»»»»»»»» C:\

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32

»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\moi

»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\moi\Application Data

»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer

C:\DOCUME~1\ALLUSE~1\MENUDM~1\Online Security Guide.url PRESENT !

»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\moi\Favoris

C:\DOCUME~1\moi\Favoris\Online Security Test.url PRESENT !

»»»»»»»»»»»»»»»»»»»»»»»» Bureau

»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files

C:\Program Files\Internet Security\ PRESENT !
C:\Program Files\SpyDawn\ PRESENT !

»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues

»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"

»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{634be415-da12-496b-b89e-329b73c4807f}"="cam"

[HKEY_CLASSES_ROOT\CLSID\{634be415-da12-496b-b89e-329b73c4807f}\InProcServer32]
@="C:\WINDOWS\System32\tvomnc.dll"

[HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{634be415-da12-496b-b89e-329b73c4807f}\InProcServer32]
@="C:\WINDOWS\System32\tvomnc.dll"

»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""

»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""

»»»»»»»»»»»»»»»»»»»»»»»» pe386-msguard-lzx32-huy32

»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll

»»»»»»»»»»»»»»»»»»»»»»»» Fin

ET

SmitFraudFix v2.146

Rapport fait à 11:50:50,14, 02/03/2007
Executé à partir de C:\Documents and Settings\moi\Bureau\SmitfraudFix\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode sans echec

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{634be415-da12-496b-b89e-329b73c4807f}"="cam"

[HKEY_CLASSES_ROOT\CLSID\{634be415-da12-496b-b89e-329b73c4807f}\InProcServer32]
@="C:\WINDOWS\System32\tvomnc.dll"

[HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{634be415-da12-496b-b89e-329b73c4807f}\InProcServer32]
@="C:\WINDOWS\System32\tvomnc.dll"

»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus

»»»»»»»»»»»»»»»»»»»»»»»» hosts

127.0.0.1 localhost

»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés

C:\DOCUME~1\ALLUSE~1\MENUDM~1\Online Security Guide.url supprimé
C:\DOCUME~1\moi\Favoris\Online Security Test.url supprimé
C:\Program Files\Internet Security\ supprimé
C:\Program Files\SpyDawn\ supprimé

»»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires

»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""

»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre

Nettoyage terminé.

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Après SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{634be415-da12-496b-b89e-329b73c4807f}"="cam"

[HKEY_CLASSES_ROOT\CLSID\{634be415-da12-496b-b89e-329b73c4807f}\InProcServer32]
@="C:\WINDOWS\System32\tvomnc.dll"

[HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{634be415-da12-496b-b89e-329b73c4807f}\InProcServer32]
@="C:\WINDOWS\System32\tvomnc.dll"

»»»»»»»»»»»»»»»»»»»»»»»» Fin

Ainsi que FIXWHAREOUT, dont voici le rapport

Fixwareout Last edited 2/11/2007
Post this report in the forums please
...
»»»»»Prerun check

»»»»» System restarted

»»»»» Postrun check
HKLM\SOFTWARE\~\Winlogon\ "System"=""
....
....
»»»»» Misc files.
....
»»»»» Checking for older varients.
....

Search five digit cs, dm, kd, jb, other, files.
The following files NEED TO BE SUBMITTED to one of the following URL'S for further inspection.

Click browse, find the file then click submit.
http://www.virustotal.com/flash/index_en.html
Or https://virusscan.jotti.org/

»»»»» Other

»»»»» Current runs
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TrackPointSrv"="tp4mon.exe"
"S3Hotkey"="s3hotkey.exe"
"Creative WebCam Tray"="C:\\Program Files\\Creative\\WebCam Control\\CAMTRAY.EXE"
"Disc Detector"="C:\\Program Files\\Creative\\ShareDLL\\CtNotify.exe"
"SunJavaUpdateSched"="C:\\Program Files\\Java\\jre1.5.0_06\\bin\\jusched.exe"
"TkBellExe"="\"C:\\Program Files\\Fichiers communs\\Real\\Update_OB\\realsched.exe\" -osboot"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
....
Hosts file was reset, If you use a custom hosts file please replace it
»»»»» End report »»»»»

Le problème subsiste, que puis-je faire ?

Merci par avance pour votre aide.

3 réponses

Réponse 1 / 3
Jean-François Pillou Messages postés 19261 Date d'inscription   Statut Webmaster Dernière intervention   63 279
 
virus infecte par w32 myzor fk yf#1
0
Réponse 2 / 3
SCHILLS Messages postés 3 Statut Membre
 
BJR jeff, peux-tu m'aider ?
0
Réponse 3 / 3
SCHILLS Messages postés 3 Statut Membre
 
Pour JEFF
entretemps j'ai deux autres rapports, EWINDO et hi jack

VG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 15:25:22 02/03/2007

+ Résultat de l'analyse:

HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a} -> Adware.Generic : Ignoré.
C:\System Volume Information\_restore{48D6E1F5-12AC-4BED-ADEF-0C6E2AB69DC8}\RP83\A0034655.ini -> Adware.Qworke : Ignoré.
C:\System Volume Information\_restore{48D6E1F5-12AC-4BED-ADEF-0C6E2AB69DC8}\RP83\A0034700.exe -> Adware.SpyHeal : Ignoré.
C:\Program Files\Fichiers communs\DriveCleaner 2006 Free\SDRmon.exe -> Adware.WinFixer : Ignoré.
C:\System Volume Information\_restore{48D6E1F5-12AC-4BED-ADEF-0C6E2AB69DC8}\RP83\A0034653.exe -> Downloader.Zlob.ang : Ignoré.
C:\System Volume Information\_restore{48D6E1F5-12AC-4BED-ADEF-0C6E2AB69DC8}\RP83\A0034677.exe -> Downloader.Zlob.ang : Ignoré.
C:\System Volume Information\_restore{48D6E1F5-12AC-4BED-ADEF-0C6E2AB69DC8}\RP83\A0034685.exe -> Downloader.Zlob.ang : Ignoré.
C:\System Volume Information\_restore{48D6E1F5-12AC-4BED-ADEF-0C6E2AB69DC8}\RP83\A0034692.exe -> Downloader.Zlob.ang : Ignoré.
C:\System Volume Information\_restore{48D6E1F5-12AC-4BED-ADEF-0C6E2AB69DC8}\RP83\A0034652.exe -> Downloader.Zlob.bov : Ignoré.
C:\System Volume Information\_restore{48D6E1F5-12AC-4BED-ADEF-0C6E2AB69DC8}\RP83\A0034676.exe -> Downloader.Zlob.bov : Ignoré.
C:\System Volume Information\_restore{48D6E1F5-12AC-4BED-ADEF-0C6E2AB69DC8}\RP83\A0034684.exe -> Downloader.Zlob.bov : Ignoré.
C:\System Volume Information\_restore{48D6E1F5-12AC-4BED-ADEF-0C6E2AB69DC8}\RP83\A0034696.exe -> Downloader.Zlob.bov : Ignoré.
C:\WINDOWS\system32\ipv6mons.dll -> Logger.BZub.fh : Ignoré.
C:\System Volume Information\_restore{48D6E1F5-12AC-4BED-ADEF-0C6E2AB69DC8}\RP53\A0013086.exe -> Not-A-Virus.Downloader.Win32.WinFixer.m : Ignoré.
:mozilla.11:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.247realmedia : Ignoré.
:mozilla.12:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.247realmedia : Ignoré.
:mozilla.13:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.247realmedia : Ignoré.
:mozilla.8:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.247realmedia : Ignoré.
:mozilla.118:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.137:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.344:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.491:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.54:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.587:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.590:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.59:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.60:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.61:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.621:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.62:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.63:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.647:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.64:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.65:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.66:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.67:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.68:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.69:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.70:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.71:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.72:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.73:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.98:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.Adbrite : Ignoré.
:mozilla.99:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.Adbrite : Ignoré.
:mozilla.106:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.Adtech : Ignoré.
:mozilla.107:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.Adtech : Ignoré.
:mozilla.36:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.Advertising : Ignoré.
:mozilla.38:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.Advertising : Ignoré.
:mozilla.39:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.Advertising : Ignoré.
:mozilla.40:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.Advertising : Ignoré.
:mozilla.53:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.Atdmt : Ignoré.
:mozilla.226:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.Com : Ignoré.
:mozilla.844:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.Comclick : Ignoré.
:mozilla.845:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.Comclick : Ignoré.
:mozilla.846:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.Comclick : Ignoré.
:mozilla.239:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.Dealtime : Ignoré.
:mozilla.255:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.Esomniture : Ignoré.
:mozilla.256:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.Esomniture : Ignoré.
:mozilla.257:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.Esomniture : Ignoré.
:mozilla.258:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.Esomniture : Ignoré.
:mozilla.259:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.Esomniture : Ignoré.
:mozilla.260:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.Esomniture : Ignoré.
:mozilla.261:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.Esomniture : Ignoré.
:mozilla.262:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.Esomniture : Ignoré.
:mozilla.263:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.Esomniture : Ignoré.
:mozilla.264:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.Esomniture : Ignoré.
:mozilla.265:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.Esomniture : Ignoré.
:mozilla.266:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.Esomniture : Ignoré.
:mozilla.267:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.Esomniture : Ignoré.
:mozilla.268:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.Esomniture : Ignoré.
:mozilla.269:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.Esomniture : Ignoré.
:mozilla.270:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.Esomniture : Ignoré.
:mozilla.271:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.Esomniture : Ignoré.
:mozilla.272:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.Esomniture : Ignoré.
:mozilla.273:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.Esomniture : Ignoré.
:mozilla.274:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.Esomniture : Ignoré.
:mozilla.275:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.Esomniture : Ignoré.
:mozilla.276:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.Esomniture : Ignoré.
:mozilla.277:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.Esomniture : Ignoré.
:mozilla.278:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.Esomniture : Ignoré.
:mozilla.343:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.Estat : Ignoré.
:mozilla.900:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.Googleadservices : Ignoré.
:mozilla.901:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.Googleadservices : Ignoré.
:mozilla.902:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.Googleadservices : Ignoré.
:mozilla.903:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.Googleadservices : Ignoré.
:mozilla.904:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.Googleadservices : Ignoré.
:mozilla.905:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.Googleadservices : Ignoré.
:mozilla.471:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.Ivwbox : Ignoré.
:mozilla.826:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.Matchcraft : Ignoré.
:mozilla.827:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.Matchcraft : Ignoré.
:mozilla.828:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.Matchcraft : Ignoré.
:mozilla.629:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.Overture : Ignoré.
:mozilla.630:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.Overture : Ignoré.
:mozilla.631:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.Overture : Ignoré.
:mozilla.656:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.Overture : Ignoré.
:mozilla.100:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.Pointroll : Ignoré.
:mozilla.101:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.Pointroll : Ignoré.
:mozilla.102:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.Pointroll : Ignoré.
:mozilla.103:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.Pointroll : Ignoré.
:mozilla.318:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.Ru4 : Ignoré.
:mozilla.194:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.Serving-sys : Ignoré.
:mozilla.19:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.Smartadserver : Ignoré.
:mozilla.24:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.Smartadserver : Ignoré.
:mozilla.25:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.Smartadserver : Ignoré.
:mozilla.27:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.Smartadserver : Ignoré.
:mozilla.28:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.Smartadserver : Ignoré.
:mozilla.790:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.Web-stat : Ignoré.
:mozilla.791:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.Web-stat : Ignoré.
:mozilla.792:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.Web-stat : Ignoré.
:mozilla.793:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.Web-stat : Ignoré.
:mozilla.21:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.22:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.23:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.26:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.819:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.Yieldmanager : Ignoré.
:mozilla.820:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\pgdfkcxa.default\cookies.txt -> TrackingCookie.Yieldmanager : Ignoré.
C:\System Volume Information\_restore{48D6E1F5-12AC-4BED-ADEF-0C6E2AB69DC8}\RP64\A0025248.exe -> Trojan.Agent.aaw : Ignoré.

Fin du rapport

et hijak

Logfile of HijackThis v1.99.1
Scan saved at 14:26:32, on 02/03/2007
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\ibmpmsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\tp4mon.exe
C:\WINDOWS\System32\s3hotkey.exe
C:\Program Files\Creative\WebCam Control\CAMTRAY.EXE
C:\Program Files\Creative\ShareDLL\CtNotify.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Creative\ShareDLL\MediaDet.exe
C:\WINDOWS\System32\CTSVCCDA.EXE
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Documents and Settings\moi\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: Mona FM Toolbar - {e79279ce-25b4-44d6-9c04-9d739deb4061} - C:\Program Files\Mona_FM\tbMona.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Mona FM Toolbar - {e79279ce-25b4-44d6-9c04-9d739deb4061} - C:\Program Files\Mona_FM\tbMona.dll
O4 - HKLM\..\Run: [TrackPointSrv] tp4mon.exe
O4 - HKLM\..\Run: [S3Hotkey] s3hotkey.exe
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\WebCam Control\CAMTRAY.EXE
O4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTSVCCDA.EXE
O23 - Service: IBM PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\System32\ibmpmsvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
0

Discussions similaires

infecté par des virus
Lisy59120 -
Lisy59120 -

5 réponses
Virus non détecté par mon anti-virus ?
F2L -
cabrier -

12 réponses
Menace détectée TrojanSMS-PA sur Google Huawei/Android
Outmost -
bazfile -

6 réponses
simon
sisititi -
azert1313 -

1 réponse
Powershell infecté
Bal2bin -
MisteryBean -

8 réponses