Cheval de Troie - ac8zt2 Fermé

Question

Bonjour,


Je n'arrive pas à me débarrasser d'un trojan, ac8zt2, est-ce que quelqu'un pourrait m'aider ?
Avast continue sans cesse de m'alerter qu'un cheval de troie a été trouvé, mais j'ai beau mettre en quarantaine tous les fichiers, il revient toujours... :(

Merci de m'aider svp... !


Voici mon rapport de Hijackthis : 


Logfile of HijackThis v1.99.1
Scan saved at 18:29:26, on 02/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\Program Files\HP\TVPlay\TVPService.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\Real\Update_OBealsched.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\Logi_MwX.Exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\HP\TVPlay\Kernel\CLML_NTService\CLMLServer.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32
vsvc32.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\HP\TVPlay\Kernel\TV\TVPCapSvc.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\HP\TVPlay\Kernel\TV\TVPSched.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\HPQ\Shared\HPQTOA~1.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Mozilla Thunderbird	hunderbird.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Java\jre1.6.0_02\bin\jucheck.exe
C:\WINDOWS\explorer.exe
C:\DOCUME~1\MLANIE~1\LOCALS~1\Temp\Rar$EX00.172\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France	bMul0.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: MSVPS System - {5EF40AC5-1BBE-4436-A9E3-F129C0D605D8} - C:\WINDOWS\vipextoxn.dll
O2 - BHO: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France	bMul0.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France	bMul0.dll
O3 - Toolbar: The voipwet - {D4170A6E-8CE3-444B-ACA4-B3A0AF12C55C} - C:\WINDOWS\voipwet.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /nodetect
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
O4 - HKLM\..\Run: [Reminder] C:\Windows\CREATOR\Remind_XP.exe
O4 - HKLM\..\Run: [TVPService] "C:\Program Files\HP\TVPlay\TVPService.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OBealsched.exe"  -osboot
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe 
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Readereader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: LUMIX Simple Viewer.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O21 - SSODL: jetctrl - {39C89D6E-89D5-4122-B171-0C44A0009D7C} - C:\WINDOWS\jetctrl.dll
O21 - SSODL: msmhost - {552CC876-959C-40EC-B1A5-7A94156017DC} - C:\WINDOWS\msmhost.dll
O21 - SSODL: msmdev - {4E5BC539-9117-474D-B40F-AD1DDAC32496} - C:\WINDOWS\msmdev.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: CyberLink Media Library Service(HP TVPlay) - Cyberlink - C:\Program Files\HP\TVPlay\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32
vsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: CyberLink Background Capture Service (CBCS HP TVPlay) (TVPCapSvc) - Unknown owner - C:\Program Files\HP\TVPlay\Kernel\TV\TVPCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS HP TVPlay) (TVPSched) - Unknown owner - C:\Program Files\HP\TVPlay\Kernel\TV\TVPSched.exe

Expert1 · Answer

salut , 

1. Desactiver le restauration du systeme 
2. Afficher les fichiers et dossiers masqués 
3. Ce debarrasser des fichiers temporaires avec Cleanup40 
4. Nettoyer ta base de registre avec Regseeker 
( https://www.01net.com/telecharger/windows/Utilitaire/systeme/fiches/29399.html ) 
5. Faire un scan avec ton anti-virus et tes logiciels anti-spyware (spybot, a²free , ad-aware , ect.. ) 
6. En profiter pour faire un scan anti-virus en ligne 
- https://www.bitdefender.fr/ 
7. Puis faire ce scan en ligne anti-spyware 
- https://www.trendmicro.com/en_us/forHome/products/housecall.html 
8. Faire un scan avec Hijack colle le rapport sur le forum pour une verification si tu ne comprends rien avec les lignes. 
9. Si ton rapport est correct, reactiver la restauration du systeme, puis recacher les fichiers. 
10. le mode sans echec utilise le, si tu as un fichier persistant detecté par spybot ou autre.

jlpjlp · Answer

slt,

desinstalle via ton panneau de configuration:

Multi Media France Toolbar

_______________


smit fraud fix (colle le rapport)

1/ telecharger :

http://siri.urz.free.fr/Fix/SmitfraudFix.php




2/ double clique sur smitfraudfix. puis sélectionne 1 et appuyer sur entrée afin de créer le rapport des infection présentes. une fois le rapport effectué redémarre en mode sans échec (en appuyant sur F8 ou suppr, ou F5 au démarrage en général) 

3/ puis refaire comme en 2/ mais sélectionne l'option 2 et appuyer sur entrée pour commencer la désinfection. lorsque le programme demande si tu veut nettoyer le registre mets oui en tapant 0 et entrée
________________


AVG antispyware

https://www.01net.com/telecharger/

Tuto : 
http://www.kachouri.com/tuto/tuto-161-avg-anti-spyware-75-pour-votre-securite.html


->Relance AVG AS -> "Analyse" ->"Paramètres" 

Sous la question "Comment réagir ?" : 

-> clique sur "Actions recommandées" et choisis "Quarantaines" 
-> Re-clique sur l'onglet "Analyse" puis réalise une "Analyse complète du système" 

Si un fichier est infecté en fin d'analyse 

->Clique sur "Appliquer toutes les actions " 

->Clique sur "Enregistrer le rapport" puis sur "Enregistrer le rapport sous". 

->Enregistre ce fichier texte sur ton bureau ensuite colle le rapport ici

______________________

recole ensuite un rapport hijackthis et dis tes soucis

Expert1 · Answer

tu es infecte

rudyrital · Answer

Rends toi sur ce site :
https://www.virustotal.com/gui/

Clique sur parcourir et cherche ce fichier :  C:\WINDOWS\voipwet.dll





Clique sur send.

Un rapport va s'élaborer ligne à ligne.

Attends la fin. Il doit comprendre la taille du fichier envoyé.

Sauvegarde le rapport avec le bloc-note.

Copie le dans ta réponse. 

de meme avec ceux ci :

C:\WINDOWS\jetctrl.dll
C:\WINDOWS\msmhost.dll
C:\WINDOWS\msmdev.dll

jlpjlp · Answer

slt a tous ces 4 fichiers sont inféctés par:

Zlob downloader variant, a member of the SmitFraud malware family

rudyrital · Answer

salut jlpjlp et expert1 , vous m'avez pris de cour :)

dur dur de se remettre dans le bain apres 3 mois d'absence !

je vous laisse continuer ce topic, 
a plus

jlpjlp · Answer

j'imagine qu'au bout de 3 mois...

mais tu es le bien venu!

a plus

Massanie Tari · Answer

Tout d'abord, merci beaucoup de m'avoir répondue ! ;-)

J'ai effectué toutes les étapes, et voici le rapport Smit Fraud Fix :


SmitFraudFix v2.257

Rapport fait à 20:34:15,54, 02/12/2007
Executé à partir de C:\Apps\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode sans echec

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus


»»»»»»»»»»»»»»»»»»»»»»»» hosts


127.0.0.1       localhost

»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix

S!Ri's WS2Fix: LSP not Found.


»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés

C:\WINDOWS\jetctrl.dll supprimé
Deleting [HKEY_CLASSES_ROOT\CLSID\{39C89D6E-89D5-4122-B171-0C44A0009D7C}]
C:\WINDOWS\msmdev.dll supprimé
Deleting [HKEY_CLASSES_ROOT\CLSID\{4E5BC539-9117-474D-B40F-AD1DDAC32496}]
C:\WINDOWS\msmhost.dll supprimé
Deleting [HKEY_CLASSES_ROOT\CLSID\{552CC876-959C-40EC-B1A5-7A94156017DC}]
C:\WINDOWS\nretcip.exe supprimé
C:\WINDOWS\nsduo.dll supprimé
C:\Program Files\RichVideoCodec\ supprimé

»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: Intel(R) PRO/Wireless 3945ABG Network Connection - Miniport d'ordonnancement de paquets
DNS Server Search Order: 212.27.54.252
DNS Server Search Order: 212.27.53.252

HKLM\SYSTEM\CCS\Services\Tcpip\..\{49BDA66D-477A-4852-8CE5-7F496CCC6435}: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CS1\Services\Tcpip\..\{49BDA66D-477A-4852-8CE5-7F496CCC6435}: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CS2\Services\Tcpip\..\{49BDA66D-477A-4852-8CE5-7F496CCC6435}: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=212.27.54.252 212.27.53.252


»»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre
 
Nettoyage terminé. 
 
»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Après SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» Reboot

C:\WINDOWS\vipextoxn.dll supprimé 
C:\WINDOWS\voipwet.dll supprimé 
 

»»»»»»»»»»»»»»»»»»»»»»»» Fin







Puis le rapport AVG AS :


---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

 + Créé à:	21:41:16 02/12/2007

 + Résultat de l'analyse:	



:mozilla.170:C:\[Mozilla]\Mélanie\dcvdbw9q.slt\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.359:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.360:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.361:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.295:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.296:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.297:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.379:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.442:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.166:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.167:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.168:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.177:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.178:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.229:C:\[Mozilla]\Mélanie\dcvdbw9q.slt\cookies.txt -> TrackingCookie.Adocean : Nettoyé.
:mozilla.230:C:\[Mozilla]\Mélanie\dcvdbw9q.slt\cookies.txt -> TrackingCookie.Adocean : Nettoyé.
:mozilla.557:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.Adocean : Nettoyé.
:mozilla.558:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.Adocean : Nettoyé.
:mozilla.321:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.322:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.323:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.324:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.325:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.326:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.227:C:\[Mozilla]\Mélanie\dcvdbw9q.slt\cookies.txt -> TrackingCookie.Adserver : Nettoyé.
:mozilla.228:C:\[Mozilla]\Mélanie\dcvdbw9q.slt\cookies.txt -> TrackingCookie.Adserver : Nettoyé.
:mozilla.298:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.31:C:\[Mozilla]\Mélanie\dcvdbw9q.slt\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.32:C:\[Mozilla]\Mélanie\dcvdbw9q.slt\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.54:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.55:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.56:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.57:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.68:C:\[Mozilla]\Mélanie\dcvdbw9q.slt\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.69:C:\[Mozilla]\Mélanie\dcvdbw9q.slt\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.70:C:\[Mozilla]\Mélanie\dcvdbw9q.slt\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.71:C:\[Mozilla]\Mélanie\dcvdbw9q.slt\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.72:C:\[Mozilla]\Mélanie\dcvdbw9q.slt\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.73:C:\[Mozilla]\Mélanie\dcvdbw9q.slt\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.253:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.Atdmt : Nettoyé.
:mozilla.79:C:\[Mozilla]\Mélanie\dcvdbw9q.slt\cookies.txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\Mélanie\Cookies\mélanie@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
:mozilla.63:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyé.
:mozilla.74:C:\[Mozilla]\Mélanie\dcvdbw9q.slt\cookies.txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\Mélanie\Cookies\mélanie@bluestreak[2].txt -> TrackingCookie.Bluestreak : Nettoyé.
:mozilla.186:C:\[Mozilla]\Mélanie\dcvdbw9q.slt\cookies.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.590:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.593:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.596:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.20:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyé.
:mozilla.6:C:\[Mozilla]\Mélanie\dcvdbw9q.slt\cookies.txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\Mélanie\Cookies\mélanie@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé.
:mozilla.121:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.Estat : Nettoyé.
:mozilla.30:C:\[Mozilla]\Mélanie\dcvdbw9q.slt\cookies.txt -> TrackingCookie.Estat : Nettoyé.
:mozilla.300:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.Euroclick : Nettoyé.
:mozilla.301:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.Euroclick : Nettoyé.
:mozilla.302:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.Euroclick : Nettoyé.
:mozilla.303:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.Euroclick : Nettoyé.
:mozilla.304:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.Euroclick : Nettoyé.
:mozilla.137:C:\[Mozilla]\Mélanie\dcvdbw9q.slt\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.248:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.249:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.250:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.251:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.252:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.180:C:\[Mozilla]\Mélanie\dcvdbw9q.slt\cookies.txt -> TrackingCookie.Gemius : Nettoyé.
:mozilla.553:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.Gemius : Nettoyé.
:mozilla.554:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.Gemius : Nettoyé.
:mozilla.273:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.274:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.275:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.276:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.277:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.120:C:\[Mozilla]\Mélanie\dcvdbw9q.slt\cookies.txt -> TrackingCookie.Imrworldwide : Nettoyé.
:mozilla.121:C:\[Mozilla]\Mélanie\dcvdbw9q.slt\cookies.txt -> TrackingCookie.Imrworldwide : Nettoyé.
:mozilla.217:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.Imrworldwide : Nettoyé.
:mozilla.218:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.Imrworldwide : Nettoyé.
:mozilla.18:C:\[Mozilla]\Mélanie\dcvdbw9q.slt\cookies.txt -> TrackingCookie.Mediaplex : Nettoyé.
:mozilla.19:C:\[Mozilla]\Mélanie\dcvdbw9q.slt\cookies.txt -> TrackingCookie.Mediaplex : Nettoyé.
:mozilla.587:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.Mediaplex : Nettoyé.
:mozilla.523:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.524:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.194:C:\[Mozilla]\Mélanie\dcvdbw9q.slt\cookies.txt -> TrackingCookie.Paypal : Nettoyé.
:mozilla.74:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.Paypal : Nettoyé.
:mozilla.467:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.Questionmarket : Nettoyé.
:mozilla.468:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.Questionmarket : Nettoyé.
:mozilla.201:C:\[Mozilla]\Mélanie\dcvdbw9q.slt\cookies.txt -> TrackingCookie.Realmedia : Nettoyé.
:mozilla.202:C:\[Mozilla]\Mélanie\dcvdbw9q.slt\cookies.txt -> TrackingCookie.Realmedia : Nettoyé.
:mozilla.75:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.Realmedia : Nettoyé.
:mozilla.76:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.Realmedia : Nettoyé.
:mozilla.14:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.15:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.16:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.17:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.18:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.19:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.24:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Mélanie\Cookies\mélanie@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Mélanie\Cookies\mélanie@serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.80:C:\[Mozilla]\Mélanie\dcvdbw9q.slt\cookies.txt -> TrackingCookie.Sitestat : Nettoyé.
:mozilla.81:C:\[Mozilla]\Mélanie\dcvdbw9q.slt\cookies.txt -> TrackingCookie.Sitestat : Nettoyé.
:mozilla.156:C:\[Mozilla]\Mélanie\dcvdbw9q.slt\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.157:C:\[Mozilla]\Mélanie\dcvdbw9q.slt\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.158:C:\[Mozilla]\Mélanie\dcvdbw9q.slt\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.34:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.35:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.36:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.37:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.38:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\Mélanie\Cookies\mélanie@smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.119:C:\[Mozilla]\Mélanie\dcvdbw9q.slt\cookies.txt -> TrackingCookie.Spylog : Nettoyé.
:mozilla.223:C:\[Mozilla]\Mélanie\dcvdbw9q.slt\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.224:C:\[Mozilla]\Mélanie\dcvdbw9q.slt\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.225:C:\[Mozilla]\Mélanie\dcvdbw9q.slt\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.226:C:\[Mozilla]\Mélanie\dcvdbw9q.slt\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.319:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.320:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.130:C:\[Mozilla]\Mélanie\dcvdbw9q.slt\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.131:C:\[Mozilla]\Mélanie\dcvdbw9q.slt\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.307:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.308:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.233:C:\[Mozilla]\Mélanie\dcvdbw9q.slt\cookies.txt -> TrackingCookie.Tribalfusion : Nettoyé.
:mozilla.485:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.Tribalfusion : Nettoyé.
:mozilla.204:C:\[Mozilla]\Mélanie\dcvdbw9q.slt\cookies.txt -> TrackingCookie.Valueclick : Nettoyé.
:mozilla.205:C:\[Mozilla]\Mélanie\dcvdbw9q.slt\cookies.txt -> TrackingCookie.Valueclick : Nettoyé.
:mozilla.25:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.26:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.27:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.28:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.63:C:\[Mozilla]\Mélanie\dcvdbw9q.slt\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.64:C:\[Mozilla]\Mélanie\dcvdbw9q.slt\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.65:C:\[Mozilla]\Mélanie\dcvdbw9q.slt\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.66:C:\[Mozilla]\Mélanie\dcvdbw9q.slt\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\Mélanie\Cookies\mélanie@weborama[1].txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.670:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.Webtrends : Nettoyé.
:mozilla.202:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.203:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.204:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.205:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.206:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.126:C:\[Mozilla]\Mélanie\dcvdbw9q.slt\cookies.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.129:C:\[Mozilla]\Mélanie\dcvdbw9q.slt\cookies.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.172:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.173:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.174:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.175:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.176:C:\Documents and Settings\Mélanie\Application Data\Mozilla\Firefox\Profiles\gcr0xue4.default\cookies.txt -> TrackingCookie.Zedo : Nettoyé.


Fin du rapport








Hijackthis :


Logfile of HijackThis v1.99.1
Scan saved at 21:43:28, on 02/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\HP\TVPlay\Kernel\CLML_NTService\CLMLServer.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\HP\TVPlay\Kernel\TV\TVPCapSvc.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\HP\TVPlay\Kernel\TV\TVPSched.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\NOTEPAD.EXE
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\Program Files\HP\TVPlay\TVPService.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\Logi_MwX.Exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\PROGRA~1\HPQ\Shared\HPQTOA~1.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Java\jre1.6.0_02\bin\jucheck.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\MLANIE~1\LOCALS~1\Temp\Rar$EX00.094\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /nodetect
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
O4 - HKLM\..\Run: [Reminder] C:\Windows\CREATOR\Remind_XP.exe
O4 - HKLM\..\Run: [TVPService] "C:\Program Files\HP\TVPlay\TVPService.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe 
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: LUMIX Simple Viewer.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: CyberLink Media Library Service(HP TVPlay) - Cyberlink - C:\Program Files\HP\TVPlay\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: CyberLink Background Capture Service (CBCS HP TVPlay) (TVPCapSvc) - Unknown owner - C:\Program Files\HP\TVPlay\Kernel\TV\TVPCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS HP TVPlay) (TVPSched) - Unknown owner - C:\Program Files\HP\TVPlay\Kernel\TV\TVPSched.exe





Je crois que le problème est résolu car Avast ne me met plus d'alertes, mais comment en être sûre ?


Merci beaucoup en tout cas :-)

jlpjlp · Answer

oui ca a l'air bon

pour verifier



 colle le rapport d'un scan en ligne 
avec un des suivants: 


bitdefender en ligne : 
http://www.bitdefender.fr/scan_fr/scan8/ie.html 

Panda en ligne : 
http://pandasoftware.fr




__________________
refais un hijackthis en suivant le manuel
manuel :

https://leblogdeclaude.blogspot.com/2006/10/informatique-section-hijackthis.html

Massanie Tari · Answer

"Aucun virus n'est présent sur votre ordinateur."

Parfait ! Merci énormément ;-)

rudyrital · Answer

salut, classe ton topic comme resolut ;)
@+

Cheval de Troie - ac8zt2

11 réponses

Discussions similaires