virus fake alert


Marsh Posted on 18-07-2006 at 13:52:01

So, I got a message on my PC saying that explorer.exe had encountered a problem, and BitDefender tells me that my PC was infected by a virus named fake alert (I no longer have the exact name).
My antivirus then removed the virus and no longer detects it when I scan the hard disk, yet I still get the same error message (when I play a video), but no longer the BitDefender message about the virus.
Is the virus still there?
How do I remove it?
Does explorer.exe really have a problem? :pt1cable:
Thanks.

Reply

Marsh Posted on 18-07-2006 at 14:16:48

Hello,

Can you give me the error message, please?

Your bug (if it really is one) must be launching at startup.

Download the original version of HijackThis: http://www.merijn.org/files/hijackthis.zip

Disconnect from the internet and install it.

Run it by clicking "Do a system scan and save a logfile"; at the end of the scan Notepad will open, and you copy and paste all of its contents.

Reply

Marsh Posted on 18-07-2006 at 14:28:56

OK, I'll try.
Here is the error message:
 
Type de l'événement : Erreur
Source de l'événement : Application Error
Catégorie de l'événement : Aucun
ID de l'événement : 1000
Date :  18/07/2006
Heure :  13:21:37
Utilisateur : N/A
Description :
Application défaillante explorer.exe, version 6.0.2900.2180, module défaillant unknown, version 0.0.0.0, adresse de défaillance 0x02673206.
 
Pour plus d'informations, consultez le centre Aide et support à l'adresse http://go.microsoft.com/fwlink/events.asp.

Reply

Marsh Posted on 18-07-2006 at 14:40:19

Re,

Please post a HijackThis report.

Reply

Marsh Posted on 18-07-2006 at 14:45:50

Wait, I'll only install it this evening; I'll post it afterwards.

Reply

Marsh Posted on 18-07-2006 at 16:37:05

And here is the report:
 
Logfile of HijackThis v1.99.1
Scan saved at 16:36:40, on 18/07/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
 
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Softwin\BitDefender8\bdoesrv.exe
C:\progra~1\softwin\bitdef~1\bdnagent.exe
C:\Program Files\Softwin\BitDefender8\bdswitch.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Softwin\BitDefender8\vsserv.exe
c:\progra~1\softwin\bitdef~1\bdmcon.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\theo\Bureau\HijackThis.exe
 
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.presario.net/scripts [...] ch&ap=b204
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.presario.net/scripts [...] ch&ap=b204
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.presario.net/scripts [...] ch&ap=b204
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O1 - Hosts: AmsServer
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [BDMCon] C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe
O4 - HKLM\..\Run: [BDOESRV] C:\Program Files\Softwin\BitDefender8\\bdoesrv.exe
O4 - HKLM\..\Run: [BDNewsAgent] "c:\progra~1\softwin\bitdef~1\bdnagent.exe"
O4 - HKLM\..\Run: [BDSwitchAgent] C:\Program Files\Softwin\BitDefender8\\bdswitch.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\RunServices: [Windowsz] rwnt.exe
O9 - Extra button: Sites Perso - {06FE5D05-8F11-11d2-804F-00105A133818} - http://compaqnet.ifrance.com/heberg/accueil (file missing)
O9 - Extra 'Tools' menuitem: Compaq France - {06FE5D05-8F11-11d2-804F-00105A133818} - http://compaqnet.ifrance.com/heberg/accueil (file missing)
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Researcher\EROProj.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O15 - Trusted Zone: http://*.windowsupdate.microsoft.com  
O15 - Trusted Zone: http://*.windowsupdate.com  
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {42E1F024-ECC3-456F-B98A-4CE5ACDBF25C} (ActiveFormX Contrôle) - https://ssl-tb.sitadelle.com/selfca [...] Config.ocx
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/window [...] 4082608968
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/ [...] loader.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs:  sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: altmannsberger - {210b4043-35ca-4aa0-8796-191f9663dfb3} - C:\WINDOWS\system32\vpxnk.dll (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender8\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - Softwin - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
 

Reply

Marsh Posted on 18-07-2006 at 17:08:21

I advise you to download Spybot.

But I don't think your problem is caused by a virus or spyware...

Reply

Marsh Posted on 18-07-2006 at 17:40:47

OK, thanks.

Reply

Marsh Posted on 18-07-2006 at 18:07:18

Re,

1/ Download http://siri.urz.free.fr/Fix/SmitfraudFix.zip

2/ Unzip the whole archive onto your desktop.

Double-click smitfraudfix.cmd
Select 1 in the menu to create a report of the files responsible for the infection.
Save this report and post it.

Reply

Marsh Posted on 18-07-2006 at 21:10:02

Spybot removed 50 things for me.
And here is the SmitFraudFix report:
 
SmitFraudFix v2.73
 
Rapport fait à 21:08:55,39, 18/07/2006
Executé à partir de C:\Documents and Settings\theo\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Fix executé en mode normal
 
»»»»»»»»»»»»»»»»»»»»»»»» C:\
 
 
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS
 
 
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system
 
 
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web
 
 
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32
 
C:\WINDOWS\system32\ot.ico PRESENT !
C:\WINDOWS\system32\1024\ PRESENT !
 
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\theo\Application Data
 
 
»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer
 
 
»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\theo\Favoris
 
 
»»»»»»»»»»»»»»»»»»»»»»»» Bureau
 
 
»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files  
 
 
»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues
 
 
»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau
 
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"
 
 
»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
 
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"altmannsberger"="{210b4043-35ca-4aa0-8796-191f9663dfb3}"
 
 
»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll
 
 
»»»»»»»»»»»»»»»»»»»»»»»» Fin

Reply

Marsh Posted on 18-07-2006 at 21:12:14

3/* Restart the computer in safe mode http://www.sosordi.net/Faq/Faq.2.html
  * Double-click smitfraudfix.cmd
  * Select 2 in the menu to delete the files responsible for the infection.
  * At the question: Voulez-vous nettoyer le registre ? (Do you want to clean the registry?) answer O (oui, yes)
Save the report.

Restart in normal mode and also post the new report as well as a new HijackThis log.

Reply

Marsh Posted on 19-07-2006 at 11:17:51

Uh, SmitFraudFix no longer appears on the desktop in safe mode.

Reply

Marsh Posted on 19-07-2006 at 11:20:51

Hello,

Look carefully, it must be there; it has to be.

Reply

Marsh Posted on 19-07-2006 at 12:00:46

SmitFraud didn't appear on the desktop, but I copied it into a file and then it worked.
 
SmitFraudFix v2.73
 
Rapport fait à 11:53:13,12, 19/07/2006
Executé à partir de C:\
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Fix executé en mode sans echec
 
»»»»»»»»»»»»»»»»»»»»»»»» Avant SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
 
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"altmannsberger"="{210b4043-35ca-4aa0-8796-191f9663dfb3}"
 
 
»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus
 
 
»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix
 
GenericRenosFix by S!Ri
 
C:\WINDOWS\system32\vpxnk.dll -> Missing File
 
 
»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés
 
C:\WINDOWS\system32\ot.ico supprimé
C:\WINDOWS\system32\1024\ supprimé
 
»»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires
 
 
»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre
 
Nettoyage terminé.  
 
»»»»»»»»»»»»»»»»»»»»»»»» Après SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
 
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
 
 
»»»»»»»»»»»»»»»»»»»»»»»» Fin
 
 
 
 
 
Logfile of HijackThis v1.99.1
Scan saved at 11:59:02, on 19/07/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
 
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Softwin\BitDefender8\vsserv.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\Softwin\BitDefender8\bdswitch.exe
C:\Program Files\Softwin\BitDefender8\bdoesrv.exe
C:\PROGRA~1\Softwin\BITDEF~1\bdnagent.exe
C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe
C:\Documents and Settings\theo\Bureau\HijackThis.exe
C:\WINDOWS\system32\wuauclt.exe
 
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O1 - Hosts: AmsServer
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [BDSwitchAgent] C:\Program Files\Softwin\BitDefender8\\bdswitch.exe
O4 - HKLM\..\Run: [BDOESRV] C:\Program Files\Softwin\BitDefender8\\bdoesrv.exe
O4 - HKLM\..\Run: [BDNewsAgent] "C:\PROGRA~1\Softwin\BITDEF~1\bdnagent.exe"
O4 - HKLM\..\Run: [BDMCon] C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe
O4 - HKLM\..\RunServices: [Windowsz] rwnt.exe
O9 - Extra button: Sites Perso - {06FE5D05-8F11-11d2-804F-00105A133818} - http://compaqnet.ifrance.com/heberg/accueil (file missing)
O9 - Extra 'Tools' menuitem: Compaq France - {06FE5D05-8F11-11d2-804F-00105A133818} - http://compaqnet.ifrance.com/heberg/accueil (file missing)
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Researcher\EROProj.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O15 - Trusted Zone: http://*.windowsupdate.microsoft.com  
O15 - Trusted Zone: http://*.windowsupdate.com  
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {42E1F024-ECC3-456F-B98A-4CE5ACDBF25C} (ActiveFormX Contrôle) - https://ssl-tb.sitadelle.com/selfca [...] Config.ocx
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/window [...] 4082608968
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/ [...] loader.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs:  sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender8\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - Softwin - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
 

Reply

Marsh Posted on 19-07-2006 at 12:04:24

Hello,

If, during the procedure below, there are steps you did not manage to do, please continue the procedure to the end and mention them in your next reply.

1/ Download Ewido anti-spyware: http://www.ewido.net/en/download/

Launch Ewido and click the Update button (toolbar, at the top). Under Manual Update, click Start update.

You will see this just below, once the update is complete: "Update successful"

Close Ewido. Do not run it right away.

2/ Start in safe mode http://www.sosordi.net/Faq/Faq.2.html

3/ Run HijackThis by clicking "Do a system scan only" and check this line:

O4 - HKLM\..\RunServices: [Windowsz] rwnt.exe

Close all open windows except HijackThis and click "Fix checked".

4/ To delete the harmful files, we are going to display all files, like this:

Quote:

Start, My Computer or any other folder, Tools menu, Folder Options, View tab:
Check the box: Show hidden files and folders
Uncheck the box: Hide extensions for known file types
Uncheck the box: Hide protected operating system files
Click "Apply"
Click the "Apply to All Folders" button / OK

5/

Quote:

Start, Search, click "All files and folders", click the two small arrows next to "More advanced options" and check "Search hidden files and folders".

6/ Search (Start / Search) for this file and delete it if you find it:

rwnt.exe

7/ From safe mode, launch Ewido and click the Scanner button (in the toolbar), then click Complete System Scan. The scan will take some time, so be patient.

Ewido will display a list of the detected files, on the left. At the end of the scan, the tool will apply the "Actions" to be applied automatically. Click the Apply all actions button. Ewido will display "All actions have been applied" on the right side.

Click "Save Report", then "Save Report As". This generates a report as a text file. Make sure you save it in a safe place (on your desktop, for example).

8/ Restart in normal mode.

9/ Post the Ewido report as well as a new HijackThis log.

Good luck, and if you have the slightest question, don't hesitate ;)

@+

Reply
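
Added example, not part of the thread and not code from HijackThis or SmitFraudFix: a small Python triage of HijackThis lines copied from the logs posted above. The three rules (an O4 autorun with no full path, a populated AppInit_DLLs value, an O2/O20/O21 loader whose file is missing) are review heuristics assumed for this example; they mark entries to look at, not confirmed infections.

```python
import re
from collections import Counter
from typing import NamedTuple

# Lines copied from the HijackThis logs posted in this thread.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [BDMCon] C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\RunServices: [Windowsz] rwnt.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O20 - AppInit_DLLs:  sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: altmannsberger - {210b4043-35ca-4aa0-8796-191f9663dfb3} - C:\WINDOWS\system32\vpxnk.dll (file missing)
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
"""


class Finding(NamedTuple):
    code: str    # HijackThis section code, e.g. "O4"
    reason: str  # why the entry deserves a closer look
    line: str    # the log line, normalised


# "<code> - <body>", e.g. "O4 - HKLM\..\Run: [name] command"
ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")
# O4 body: "<hive>\..\<key>: [<value name>] <command>"
AUTORUN_RE = re.compile(r"^HK\w+\\\.\.\\(\w+): \[([^\]]*)\]\s*(.+)$")
# A command that starts with a drive path, a UNC path or an environment variable.
ABS_PATH_RE = re.compile(r'^"?(?:[A-Za-z]:\\|\\\\|%)')
# Sections whose entries name a DLL that Windows loads automatically
# (assumption of this example: only these get the "file missing" rule).
LOADER_CODES = {"O2", "O20", "O21"}


def parse_entries(text):
    """Return (code, body) for every HijackThis entry line in text."""
    entries = []
    for raw in text.splitlines():
        match = ENTRY_RE.match(raw.strip())
        if match:
            entries.append((match.group(1), match.group(2).strip()))
    return entries


def triage(text):
    """Apply the three review heuristics and return the findings in log order."""
    findings = []
    for code, body in parse_entries(text):
        line = f"{code} - {body}"

        # Rule 1: autorun whose command has no full path, so the log does not
        # say which file on disk will actually be started.
        if code == "O4":
            match = AUTORUN_RE.match(body)
            if match and not ABS_PATH_RE.match(match.group(3)):
                key, name = match.group(1), match.group(2)
                findings.append(Finding(
                    code, f"autorun '{name}' under {key} has no full path", line))

        # Rule 2: AppInit_DLLs lists DLLs that are loaded into every process
        # that loads user32.dll; report each name with its repeat count.
        if code == "O20" and body.startswith("AppInit_DLLs:"):
            dlls = Counter(body.split(":", 1)[1].split())
            if dlls:
                listed = ", ".join(f"{n} x{c}" for n, c in dlls.items())
                findings.append(Finding(
                    code, f"AppInit_DLLs is populated ({listed})", line))

        # Rule 3: a loader registration that outlived its file, i.e. the
        # registry entry is still there after the DLL was removed.
        if code in LOADER_CODES and body.endswith("(file missing)"):
            findings.append(Finding(
                code, "loader entry still registered but its file is missing", line))
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(f"[{finding.code}] {finding.reason}\n    {finding.line}")
```
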

Marsh Posted on 19-07-2006 at 14:01:33

OK, I did everything and I hope I don't have to do it again.
HijackThis got rid of rwnt.exe, since I didn't find it with the search.

Here are the reports:
 
---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------
 
 + Created at: 13:54:35 19/07/2006
 
 + Scan result:  
 
 
 
:mozilla.242:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.243:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.244:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.245:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.246:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.247:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.248:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.249:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.250:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.251:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.252:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.253:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.254:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.255:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.256:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.257:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.258:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.259:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.260:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.261:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.262:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.531:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\theo\Cookies\theo@msninvite.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.285:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.286:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.293:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.294:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
C:\Documents and Settings\theo\Cookies\theo@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.858:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Belstat : Cleaned.
:mozilla.859:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Belstat : Cleaned.
:mozilla.111:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned.
:mozilla.788:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned.
C:\Documents and Settings\theo\Cookies\theo@bluestreak[2].txt -> TrackingCookie.Bluestreak : Cleaned.
:mozilla.860:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Burstbeacon : Cleaned.
:mozilla.136:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.138:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.84:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.85:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.86:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.87:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.88:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.89:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.90:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.91:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.92:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.93:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.352:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Com : Cleaned.
:mozilla.772:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Comclick : Cleaned.
:mozilla.773:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Comclick : Cleaned.
:mozilla.774:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Comclick : Cleaned.
:mozilla.214:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.419:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Estat : Cleaned.
:mozilla.287:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.190:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.229:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.230:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.231:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.232:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.233:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.319:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.320:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.321:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.753:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.754:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.755:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.756:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.757:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.758:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
C:\Documents and Settings\theo\Cookies\theo@as1.falkag[2].txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.94:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.95:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.96:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.97:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.98:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.99:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.787:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Masterstats : Cleaned.
:mozilla.187:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.811:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.812:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.208:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.212:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.551:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Paycounter : Cleaned.
:mozilla.289:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.290:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.291:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.292:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.571:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.572:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.573:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.818:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.819:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.820:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.821:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.822:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.593:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Revenue : Cleaned.
:mozilla.345:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.608:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.609:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.610:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.611:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.357:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.358:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.359:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.360:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.361:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.362:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.363:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.364:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.365:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.366:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.367:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.368:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.369:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.370:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.371:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.372:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.373:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.374:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.375:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.376:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.377:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.378:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.379:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.380:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.381:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.382:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.383:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.384:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.385:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.386:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.220:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.
:mozilla.221:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.
:mozilla.222:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.
:mozilla.223:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.
:mozilla.629:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.630:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.631:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.632:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.633:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.634:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.635:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.653:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.654:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.66:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.67:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.68:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.69:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.70:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.71:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.72:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.73:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.74:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.75:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.666:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.667:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.668:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.669:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.670:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.671:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.103:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.104:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.43:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Weborama : Cleaned.
:mozilla.44:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Weborama : Cleaned.
:mozilla.45:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Weborama : Cleaned.
:mozilla.46:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Weborama : Cleaned.
C:\Documents and Settings\theo\Cookies\theo@weborama[2].txt -> TrackingCookie.Weborama : Cleaned.
:mozilla.356:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Xhit : Cleaned.
:mozilla.76:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.78:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.79:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.80:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.81:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.82:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.83:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
 
 
::Report end
 
 
 
 
Logfile of HijackThis v1.99.1
Scan saved at 13:58:20, on 19/07/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
 
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\Softwin\BitDefender8\bdswitch.exe
C:\Program Files\Softwin\BitDefender8\bdoesrv.exe
C:\PROGRA~1\Softwin\BITDEF~1\bdnagent.exe
C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\Softwin\BitDefender8\vsserv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\theo\Bureau\HijackThis.exe
 
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O1 - Hosts: AmsServer
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [BDSwitchAgent] C:\Program Files\Softwin\BitDefender8\\bdswitch.exe
O4 - HKLM\..\Run: [BDOESRV] C:\Program Files\Softwin\BitDefender8\\bdoesrv.exe
O4 - HKLM\..\Run: [BDNewsAgent] "C:\PROGRA~1\Softwin\BITDEF~1\bdnagent.exe"
O4 - HKLM\..\Run: [BDMCon] C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O9 - Extra button: Sites Perso - {06FE5D05-8F11-11d2-804F-00105A133818} - http://compaqnet.ifrance.com/heberg/accueil (file missing)
O9 - Extra 'Tools' menuitem: Compaq France - {06FE5D05-8F11-11d2-804F-00105A133818} - http://compaqnet.ifrance.com/heberg/accueil (file missing)
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Researcher\EROProj.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O15 - Trusted Zone: http://*.windowsupdate.microsoft.com  
O15 - Trusted Zone: http://*.windowsupdate.com  
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {42E1F024-ECC3-456F-B98A-4CE5ACDBF25C} (ActiveFormX Contrôle) - https://ssl-tb.sitadelle.com/selfca [...] Config.ocx
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/window [...] 4082608968
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/ [...] loader.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs:  sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender8\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - Softwin - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
 


Marsh Posted on 19-07-2006 at 16:59:53

Re,

Your log is clean. Are you still having problems with your PC?


Marsh Posted on 19-07-2006 at 17:30:25

No, not for now. I'll keep you posted.
Thanks a lot.
