
Posted

Download SpySweeper - Download SpySweeper - SpySweeper help

- Click the "Free Trial" link on the far right to download it

- Install it and start it

- It will ask you to download the latest definitions; accept

- Then click the Options button on the left

- Click the Options tab

- Make sure the following options are checked:

o Windows Registry

o Memory Object

o Cookies

o System Restore Folder

o Further down:

o Sweep all users accounts

o Sweep for rootkits

Then download and install:

KillBox by Option^Explicit

KillBox help

 

 

-- Restart in safe mode; if you don't know how, read this

Empty the contents of this folder: c:\Documents and Settings\Alain\Local Settings\Temporary Internet Files\Content.IE5\

 

- Start SpySweeper

- Click "Sweep Now" on the left

- Click the "Start" button

- When the scan is finished, click the "Next" button

- Make sure everything is checked and click the "Next" button

- Once all the items found have been removed

- Click "Session Log" at the top right and copy all the entries of the log.

Help: don't hesitate to consult the SpySweeper help

Select the whole list below:

 

  Quote
C:\WINDOWS\System32\SVKP.sys

C:\WINDOWS\System32\V

c:\1.vbs

 

---> then right-click / Copy

Open KillBox

- Select "delete on reboot"

- Click the "File" menu -> "Paste from Clipboard"

- Click the red and white cross

- Answer yes and let your PC restart.

Don't hesitate to consult the KillBox help

The computer will restart.

Paste the whole log here along with a HijackThis log

Posted (edited)

I have a problem. I can't download Killbox; it tells me the archive is in an unknown format or damaged, even though I'm opening it with WinRAR.

EDIT: No, it's fine, I managed to find it without it being in a .zip archive.

Edited by dombilepetitlutin
Posted

19:58: Removal process completed. Elapsed time 00:00:17

19:58: Warning: Failed to delete profile shadow file "C:\WINDOWS\Temp\SSTFB.tmp". Reason: Le fichier spécifié est introuvable

19:58: Warning: Failed to delete profile shadow file ".log". Reason: Le fichier spécifié est introuvable

19:58: Warning: Failed to delete profile shadow file "C:\WINDOWS\Temp\SSTFC.tmp". Reason: Le fichier spécifié est introuvable

19:58: Warning: Failed to delete profile shadow file ".log". Reason: Le fichier spécifié est introuvable

19:58: Quarantining All Traces: weborama cookie

19:58: Quarantining All Traces: tripod cookie

19:58: Quarantining All Traces: servlet cookie

19:58: Quarantining All Traces: realmedia cookie

19:58: Quarantining All Traces: offeroptimizer cookie

19:58: Quarantining All Traces: fortunecity cookie

19:58: Quarantining All Traces: touchclarity cookie

19:58: Quarantining All Traces: fe.lea.lycos.com cookie

19:58: Quarantining All Traces: directtrack cookie

19:58: Quarantining All Traces: bizrate cookie

19:58: Quarantining All Traces: belnk cookie

19:58: Quarantining All Traces: hbmediapro cookie

19:58: Quarantining All Traces: 66.220.17 cookie

19:58: Quarantining All Traces: xiti cookie

19:58: Quarantining All Traces: bluestreak cookie

19:58: Quarantining All Traces: adtech cookie

19:58: Quarantining All Traces: mediapipe

19:58: Quarantining All Traces: apropos

19:58: Quarantining All Traces: trojan agent winlogonhook

19:58: Removal process initiated

19:47: Traces Found: 28

19:47: Full Sweep has completed. Elapsed time 00:28:37

19:47: File Sweep Complete, Elapsed Time: 00:26:54

19:47: Warning: Failed to access drive E:

19:47: Warning: Failed to access drive D:

19:20: Starting File Sweep

19:20: Warning: Failed to access drive A:

19:20: Cookie Sweep Complete, Elapsed Time: 00:00:00

19:20: c:\documents and settings\alain\cookies\alain@xiti[2].txt (ID = 3717)

19:20: c:\documents and settings\alain\cookies\alain@weborama[1].txt (ID = 3658)

19:20: Found Spy Cookie: weborama cookie

19:20: c:\documents and settings\alain\cookies\alain@tripod[1].txt (ID = 3591)

19:20: Found Spy Cookie: tripod cookie

19:20: c:\documents and settings\alain\cookies\alain@servlet[1].txt (ID = 3345)

19:20: Found Spy Cookie: servlet cookie

19:20: c:\documents and settings\alain\cookies\alain@renault.touchclarity[1].txt (ID = 3566)

19:20: c:\documents and settings\alain\cookies\alain@realmedia[2].txt (ID = 3235)

19:20: Found Spy Cookie: realmedia cookie

19:20: c:\documents and settings\alain\cookies\alain@offeroptimizer[1].txt (ID = 3087)

19:20: Found Spy Cookie: offeroptimizer cookie

19:20: c:\documents and settings\alain\cookies\alain@mediastay.directtrack[2].txt (ID = 2528)

19:20: c:\documents and settings\alain\cookies\alain@fortunecity[1].txt (ID = 2686)

19:20: Found Spy Cookie: fortunecity cookie

19:20: c:\documents and settings\alain\cookies\alain@ford.touchclarity[1].txt (ID = 3566)

19:20: Found Spy Cookie: touchclarity cookie

19:20: c:\documents and settings\alain\cookies\alain@fe.lea.lycos[2].txt (ID = 2660)

19:20: c:\documents and settings\alain\cookies\alain@fe.lea.lycos[1].txt (ID = 2660)

19:20: Found Spy Cookie: fe.lea.lycos.com cookie

19:20: c:\documents and settings\alain\cookies\alain@dist.belnk[2].txt (ID = 2293)

19:20: c:\documents and settings\alain\cookies\alain@directtrack[1].txt (ID = 2527)

19:20: Found Spy Cookie: directtrack cookie

19:20: c:\documents and settings\alain\cookies\alain@bluestreak[1].txt (ID = 2314)

19:20: c:\documents and settings\alain\cookies\alain@bizrate[1].txt (ID = 2308)

19:20: Found Spy Cookie: bizrate cookie

19:20: c:\documents and settings\alain\cookies\alain@belnk[1].txt (ID = 2292)

19:20: Found Spy Cookie: belnk cookie

19:20: c:\documents and settings\alain\cookies\alain@adtech[2].txt (ID = 2155)

19:20: c:\documents and settings\alain\cookies\alain@adopt.hbmediapro[2].txt (ID = 2768)

19:20: Found Spy Cookie: hbmediapro cookie

19:20: c:\documents and settings\alain\cookies\alain@66.220.17[1].txt (ID = 1991)

19:20: Found Spy Cookie: 66.220.17 cookie

19:20: c:\documents and settings\benjamin\cookies\benjamin@xiti[1].txt (ID = 3717)

19:20: Found Spy Cookie: xiti cookie

19:20: c:\documents and settings\benjamin\cookies\benjamin@bluestreak[1].txt (ID = 2314)

19:20: Found Spy Cookie: bluestreak cookie

19:20: c:\documents and settings\benjamin\cookies\benjamin@adtech[2].txt (ID = 2155)

19:20: Found Spy Cookie: adtech cookie

19:20: Starting Cookie Sweep

19:20: Registry Sweep Complete, Elapsed Time:00:00:19

19:20: HKU\WRSS_Profile_S-1-5-21-842925246-1343024091-725345543-1003\software\aprps\ (ID = 103740)

19:20: HKU\WRSS_Profile_S-1-5-21-842925246-1343024091-725345543-1006\software\aprps\ (ID = 103740)

19:20: Found Adware: apropos

19:20: HKLM\software\microsoft\mssmgr\ (ID = 937101)

19:20: Found Trojan Horse: trojan agent winlogonhook

19:20: HKLM\software\classes\appid\downloadmanager.exe\ (ID = 866963)

19:20: HKCR\appid\downloadmanager.exe\ (ID = 866684)

19:20: Found Adware: mediapipe

19:20: Starting Registry Sweep

19:20: Memory Sweep Complete, Elapsed Time: 00:01:00

19:19: Starting Memory Sweep

19:19: Sweep initiated using definitions version 753

19:19: Spy Sweeper 5.0.5.1286 started

19:19: | Start of Session, dimanche 3 septembre 2006 |

********

19:19: | End of Session, dimanche 3 septembre 2006 |

Keylogger Shield: On

BHO Shield: On

IE Security Shield: On

Alternate Data Stream (ADS) Execution Shield: On

Startup Shield: On

Common Ad Sites Shield: Off

Hosts File Shield: On

Spy Communication Shield: On

ActiveX Shield: On

Windows Messenger Service Shield: On

IE Favorites Shield: On

Spy Installation Shield: On

Memory Shield: On

IE Hijack Shield: On

IE Tracking Cookies Shield: Off

19:18: Shield States

19:18: Spyware Definitions: 753

19:17: Spy Sweeper 5.0.5.1286 started

19:17: Program Version 5.0.5.1286 Using Spyware Definitions 753

18:40: Your spyware definitions have been updated.

Operation: File Access

Target:

Source: C:\PROGRAM FILES\FICHIERS COMMUNS\SOFTWIN\BITDEFENDER SCAN SERVER\BDSS.EXE

18:40: Tamper Detection

Keylogger Shield: On

BHO Shield: On

IE Security Shield: On

Alternate Data Stream (ADS) Execution Shield: On

Startup Shield: On

Common Ad Sites Shield: Off

Hosts File Shield: On

Spy Communication Shield: On

18:37: Messenger service has been disabled.

ActiveX Shield: On

Windows Messenger Service Shield: On

IE Favorites Shield: On

Spy Installation Shield: On

Memory Shield: On

IE Hijack Shield: On

IE Tracking Cookies Shield: Off

18:37: Shield States

18:37: Spyware Definitions: 691

18:37: Spy Sweeper 5.0.5.1286 started

18:37: Spy Sweeper 5.0.5.1286 started

18:37: | Start of Session, dimanche 3 septembre 2006 |

********

 

 

 

 

 

 

 

Logfile of HijackThis v1.99.1

Scan saved at 20:07:04, on 03/09/2006

Platform: Windows XP (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 (6.00.2600.0000)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\System32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\System32\HPZipm12.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\wdfmgr.exe

C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe

C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe

C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe

C:\Program Files\Microsoft IntelliType Pro\type32.exe

C:\Program Files\Microsoft IntelliPoint\point32.exe

C:\Program Files\Softwin\BitDefender10\bdmcon.exe

C:\WINDOWS\System32\RunDll32.exe

C:\Program Files\Softwin\BitDefender10\vsserv.exe

C:\Program Files\Softwin\BitDefender10\bdagent.exe

C:\WINDOWS\BricoPacks\Longhorn Inspirat\ObjectDock\ObjectDock.exe

C:\PROGRA~1\Wanadoo\TaskBarIcon.exe

C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe

C:\PROGRA~1\Wanadoo\ComComp.exe

C:\PROGRA~1\Wanadoo\Toaster.exe

C:\PROGRA~1\Wanadoo\Inactivity.exe

C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE

C:\PROGRA~1\Wanadoo\PollingModule.exe

C:\PROGRA~1\Wanadoo\Watch.exe

C:\Program Files\ATI Technologies\ATI.ACE\cli.exe

C:\Program Files\Opera\Opera.exe

C:\Documents and Settings\Benjamin\Mes documents\Mes documents\Hijackthis\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.wanadoo.fr/go/page_recherche/

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll

O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"

O4 - HKLM\..\Run: [intelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"

O4 - HKLM\..\Run: [bDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKLM\..\Run: [HGTXPEI] C:\WINDOWS\System32\FirstReboot.exe

O4 - HKLM\..\Run: [soundFusion] RunDll32 hercplgs.cpl,BootEntryPoint

O4 - HKLM\..\Run: [WOOTASKBARICON] "C:\PROGRA~1\Wanadoo\GestMaj.exe" TaskBarIcon.exe

O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe

O4 - HKLM\..\Run: [bDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"

O4 - HKLM\..\Run: [spySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray

O4 - HKCU\..\Run: [WOOKIT] "C:\PROGRA~1\Wanadoo\Shell.exe" appLaunchClientZone.shl|PARAM= cnx

O4 - Startup: Stardock ObjectDock.lnk = C:\WINDOWS\BricoPacks\Longhorn Inspirat\ObjectDock\ObjectDock.exe

O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html

O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html

O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html

O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html

O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html

O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab

O16 - DPF: {127698E4-E730-4E5C-A2B1-21490A70C8A1} (CEnroll Class) - https://static.impots.gouv.fr/abos/securite/xenroll.cab

O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1148737195947

O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Housecall ActiveX 6.5) - http://eu-housecall.trendmicro-europe.com/...ivex/hcImpl.cab

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab

O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe

O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe

O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe

O23 - Service: Moteur Webroot Spy Sweeper (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe

O23 - Service: BitDefender Communicator (XCOMM) - Softwin - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe

