
Posted

Jack's report :P :

Logfile of HijackThis v1.99.1

Scan saved at 15:26:39, on 23/07/2006

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE

C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe

C:\WINDOWS\system32\svchost.exe

J:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe

C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe

C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe

c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe

C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe

C:\PROGRA~1\softwin\BITDEF~1\bdmcon.exe

C:\Program Files\Softwin\BitDefender9\bdoesrv.exe

C:\PROGRA~1\softwin\BITDEF~1\bdnagent.exe

C:\PROGRA~1\softwin\BITDEF~1\bdswitch.exe

C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe

C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe

C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe

C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

C:\Program Files\QuickTime\qttask.exe

C:\Program Files\EPSON\Creativity Suite\Event Manager\EEventManager.exe

C:\Program Files\Fichiers communs\AOL\1143482350\ee\AOLSoftware.exe

C:\Program Files\Fichiers communs\{CC2844AE-08A2-1036-0510-050726050021}\Update.exe

C:\WINDOWS\system32\ctfmon.exe

C:\PROGRA~1\MI3AA1~1\wcescomm.exe

C:\Program Files\AOL 9.0\aoltray.exe

C:\PROGRA~1\MI3AA1~1\rapimgr.exe

C:\Program Files\Softwin\BitDefender9\vsserv.exe

J:\Program Files\WinZip\WZQKPICK.EXE

C:\Program Files\Calendrier 2006\Calendrier2006.exe

C:\Program Files\OpenOffice.org 2.0\program\soffice.exe

C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN

C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe

C:\WINDOWS\system32\wbem\wmiapsrv.exe

C:\Program Files\Pinnacle\Shared Files\Programs\PclePvr\VideoControl.exe

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\PROGRA~1\MOZILL~1\FIREFOX.EXE

C:\Documents and Settings\Aramis\Bureau\n_v1pc\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll

O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll

O3 - Toolbar: ToolBar888 - {CBCC61FA-0221-4ccc-B409-CEE865CACA3A} - C:\Program Files\ToolBar888\MyToolBar.dll

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg

O4 - HKLM\..\Run: [PMCRemote] C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe

O4 - HKLM\..\Run: [PMCS] "C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe" -host -clearDebug

O4 - HKLM\..\Run: [bDMCon] c:\PROGRA~1\softwin\BITDEF~1\bdmcon.exe

O4 - HKLM\..\Run: [bDOESRV] "C:\Program Files\Softwin\BitDefender9\bdoesrv.exe"

O4 - HKLM\..\Run: [bDNewsAgent] "C:\PROGRA~1\softwin\BITDEF~1\bdnagent.exe"

O4 - HKLM\..\Run: [bDSwitchAgent] "C:\PROGRA~1\softwin\BITDEF~1\bdswitch.exe"

O4 - HKLM\..\Run: [AOLSAV] C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe

O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe

O4 - HKLM\..\Run: [{1290A33C-85F5-4164-A1BE-7DD299D4986A}] "C:\Program Files\CyberLink\PowerBackup\PBKScheduler.exe"

O4 - HKLM\..\Run: [MMTray] C:\PROGRA~1\MUSICM~1\MUSICM~1\mm_tray.exe

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [EPSON Stylus Photo RX640 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAME.EXE /P31 "EPSON Stylus Photo RX640 Series" /O6 "USB001" /M "Stylus Photo RX640"

O4 - HKLM\..\Run: [EEventManager] C:\Program Files\EPSON\Creativity Suite\Event Manager\EEventManager.exe

O4 - HKLM\..\Run: [HostManager] C:\Program Files\Fichiers communs\AOL\1143482350\ee\AOLSoftware.exe

O4 - HKLM\..\Run: [iPHSend] C:\Program Files\Fichiers communs\AOL\IPHSend\IPHSend.exe

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [EPSON Stylus Photo RX640 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAME.EXE /P31 "EPSON Stylus Photo RX640 Series" /M "Stylus Photo RX640" /EF "HKCU"

O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\PROGRA~1\MI3AA1~1\wcescomm.exe"

O4 - Startup: Calendrier 2006.lnk = C:\Program Files\Calendrier 2006\Calendrier2006.exe

O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe

O4 - Global Startup: AOL 9.0 Icône AOL.lnk = C:\Program Files\AOL 9.0\aoltray.exe

O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: WinZip Quick Pick.lnk = J:\Program Files\WinZip\WZQKPICK.EXE

O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - J:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll

O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll

O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll

O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll

O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll

O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL

O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1136132937562

O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://drivers1.free.fr/hardwaredetection.cab

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{DDBA3AA5-3FD8-45F4-B2E6-B1E78DE577CB}: NameServer = 192.168.1.1

O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)

O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)

O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE

O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)

O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe

O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - J:\Program Files\Spyware Doctor\sdhelp.exe

O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe

O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - J:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe

O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender9\vsserv.exe" /service (file missing)

O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)

 

Posted

re

Run HijackThis again for a scan only (do you scan only)

then tick these lines

 

 

O3 - Toolbar: ToolBar888 - {CBCC61FA-0221-4ccc-B409-CEE865CACA3A} - C:\Program Files\ToolBar888\MyToolBar.dll

 

close all windows except HijackThis

then click on fix object

go to Add or Remove Programs

remove ToolBar888

then go here

C:\Program Files\ToolBar888 <<<<<<<<<<<<< delete this

restart the PC

download ewido

http://www.ewido.net/en/download/

Install it.

Launch Ewido and click the Update button (toolbar, at the top).

Under Manual Update, click Start update. Wait until "Update successful" is displayed.

Click the Scanner button (in the toolbar), then click Complete System Scan.

At the end of the scan, choose the "Apply All Actions" option.

Click "Save Report", then "Save Report As". This generates a report as a text file. Make sure you save it somewhere easy to find.

Post its report and a new hjk
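One way to check the outcome of the fix requested above is to compare the HijackThis log taken before it with the new one. This is an added example, not part of the original thread: the function names are hypothetical, and the two sample logs are short excerpts abridged from the logs posted in this thread.

```python
import re

# A HijackThis entry is "<section code> - <detail>", e.g. "O3 - Toolbar: ...".
# Section codes are one letter (R, F, N or O) followed by a number.
ENTRY_RE = re.compile(r"^([RFNO]\d{1,2}) - (.+)$")


def parse_entries(log_text):
    """Return {case-insensitive key: (section, detail)} for every entry line.

    The header, the "Running processes" list and the blank or
    whitespace-only lines a forum paste leaves between entries are skipped.
    """
    entries = {}
    for raw in log_text.splitlines():
        line = raw.replace("\u00a0", " ").strip()
        match = ENTRY_RE.match(line)
        if match:
            section, detail = match.group(1), match.group(2).strip()
            # Windows paths and registry names are case-insensitive.
            entries[(section, detail.casefold())] = (section, detail)
    return entries


def diff_logs(before, after):
    """List the entries that disappeared and the ones that appeared."""
    b, a = parse_entries(before), parse_entries(after)
    return {
        "removed": sorted(b[k] for k in b.keys() - a.keys()),
        "added": sorted(a[k] for k in a.keys() - b.keys()),
    }


def verify_fix(before, after, fixed_lines):
    """Check that each line ticked for fixing is absent from the new log.

    Entries that are new in the second log are returned as well, so that
    they can be reviewed (here: the autostart entry of the scanner that
    was installed between the two scans).
    """
    after_entries = parse_entries(after)
    still_present = []
    for line in fixed_lines:
        parsed = parse_entries(line)
        if not parsed:
            raise ValueError(f"not a HijackThis entry: {line!r}")
        still_present += [e for k, e in parsed.items() if k in after_entries]
    return {
        "fixed": not still_present,
        "still_present": still_present,
        "new_entries": diff_logs(before, after)["added"],
    }


# Sample input: excerpts abridged from the two logs posted in this thread.
BEFORE = r"""
Logfile of HijackThis v1.99.1
Scan saved at 15:26:39, on 23/07/2006
Running processes:
C:\WINDOWS\Explorer.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O3 - Toolbar: ToolBar888 - {CBCC61FA-0221-4ccc-B409-CEE865CACA3A} - C:\Program Files\ToolBar888\MyToolBar.dll
O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
"""

AFTER = r"""
Logfile of HijackThis v1.99.1
Scan saved at 16:56:23, on 23/07/2006
Running processes:
C:\WINDOWS\Explorer.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
"""

# The line the helper asked to tick before fixing.
FIXED = [
    r"O3 - Toolbar: ToolBar888 - {CBCC61FA-0221-4ccc-B409-CEE865CACA3A}"
    r" - C:\Program Files\ToolBar888\MyToolBar.dll"
]

if __name__ == "__main__":
    report = verify_fix(BEFORE, AFTER, FIXED)
    print("fix applied:", report["fixed"])
    for section, detail in report["new_entries"]:
        print("new entry to review:", section, "-", detail)
```
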

Posted

After a long scan

 

---------------------------------------------------------

ewido anti-spyware - Scan Report

---------------------------------------------------------

 

+ Created at: 16:54:34 23/07/2006

 

+ Scan result:

 

 

 

HKLM\SOFTWARE\Classes\Softomate.IEToolbar -> Adware.CoolWebSearch : Cleaned with backup (quarantined).

HKLM\SOFTWARE\Classes\Softomate.IEToolbar.1 -> Adware.CoolWebSearch : Cleaned with backup (quarantined).

HKLM\SOFTWARE\Classes\Softomate.IEToolbar\CLSID -> Adware.CoolWebSearch : Cleaned with backup (quarantined).

HKLM\SOFTWARE\Classes\Softomate.IEToolbar\CurVer -> Adware.CoolWebSearch : Cleaned with backup (quarantined).

C:\Program Files\DAEMON Tools\SetupDTSB.exe -> Adware.SaveNow : Cleaned with backup (quarantined).

C:\WINDOWS\system32\byxyvsq.dll -> Adware.Virtumonde : Cleaned with backup (quarantined).

C:\WINDOWS\system32\khfgebb.dll -> Adware.Virtumonde : Cleaned with backup (quarantined).

C:\WINDOWS\system32\mljjh.dll -> Adware.Virtumonde : Cleaned with backup (quarantined).

C:\Documents and Settings\Aramis\Local Settings\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\Cache\9568A9C6d01 -> Downloader.Agent.alr : Cleaned with backup (quarantined).

:mozilla.168:C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.

:mozilla.169:C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.

:mozilla.170:C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.

:mozilla.171:C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.

:mozilla.172:C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.

:mozilla.173:C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.

:mozilla.174:C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.

:mozilla.175:C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.

:mozilla.176:C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.

:mozilla.177:C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.

:mozilla.311:C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.

:mozilla.312:C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.

:mozilla.313:C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.

:mozilla.337:C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.

C:\Documents and Settings\Aramis\Cookies\aramis@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.

:mozilla.189:C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.

:mozilla.190:C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.

:mozilla.218:C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.

:mozilla.130:C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt -> TrackingCookie.Com : Cleaned.

:mozilla.485:C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt -> TrackingCookie.Comclick : Cleaned.

:mozilla.486:C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt -> TrackingCookie.Comclick : Cleaned.

:mozilla.487:C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt -> TrackingCookie.Comclick : Cleaned.

:mozilla.124:C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt -> TrackingCookie.Estat : Cleaned.

:mozilla.475:C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.

:mozilla.57:C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.

:mozilla.58:C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.

:mozilla.59:C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.

:mozilla.60:C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.

:mozilla.553:C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.

:mozilla.554:C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.

:mozilla.340:C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt -> TrackingCookie.Overture : Cleaned.

:mozilla.341:C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt -> TrackingCookie.Overture : Cleaned.

:mozilla.348:C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt -> TrackingCookie.Overture : Cleaned.

:mozilla.354:C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.

:mozilla.355:C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.

:mozilla.356:C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.

:mozilla.515:C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.

:mozilla.516:C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.

:mozilla.517:C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.

:mozilla.518:C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.

:mozilla.519:C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.

:mozilla.520:C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.

:mozilla.521:C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.

:mozilla.522:C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.

:mozilla.245:C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.

:mozilla.246:C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.

:mozilla.366:C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.

:mozilla.367:C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.

:mozilla.368:C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.

:mozilla.369:C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.

:mozilla.476:C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.

:mozilla.477:C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.

:mozilla.491:C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.

:mozilla.492:C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.

:mozilla.493:C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.

:mozilla.498:C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.

:mozilla.594:C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.

:mozilla.595:C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.

:mozilla.596:C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.

:mozilla.382:C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.

:mozilla.383:C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.

:mozilla.384:C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.

:mozilla.385:C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.

:mozilla.394:C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.

:mozilla.395:C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.

:mozilla.399:C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.

:mozilla.400:C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.

:mozilla.401:C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.

:mozilla.402:C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.

:mozilla.403:C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.

:mozilla.404:C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.

:mozilla.405:C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.

:mozilla.406:C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.

:mozilla.407:C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.

:mozilla.68:C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt -> TrackingCookie.Weborama : Cleaned.

:mozilla.69:C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt -> TrackingCookie.Weborama : Cleaned.

:mozilla.70:C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt -> TrackingCookie.Weborama : Cleaned.

C:\Documents and Settings\Aramis\Cookies\aramis@weborama[1].txt -> TrackingCookie.Weborama : Cleaned.

:mozilla.456:C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.

:mozilla.135:C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.

:mozilla.136:C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.

 

 

::Report end

 

 

 

and the HijackThis:

 

Logfile of HijackThis v1.99.1

Scan saved at 16:56:23, on 23/07/2006

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE

C:\Program Files\ewido anti-spyware 4.0\guard.exe

C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe

C:\WINDOWS\system32\svchost.exe

J:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe

C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe

c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe

C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe

C:\PROGRA~1\softwin\BITDEF~1\bdmcon.exe

C:\Program Files\Softwin\BitDefender9\bdoesrv.exe

C:\PROGRA~1\softwin\BITDEF~1\bdnagent.exe

C:\PROGRA~1\softwin\BITDEF~1\bdswitch.exe

C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe

C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe

C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe

C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe

C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

C:\Program Files\QuickTime\qttask.exe

C:\Program Files\Softwin\BitDefender9\vsserv.exe

C:\Program Files\EPSON\Creativity Suite\Event Manager\EEventManager.exe

C:\Program Files\Fichiers communs\AOL\1143482350\ee\AOLSoftware.exe

C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe

C:\Program Files\ewido anti-spyware 4.0\ewido.exe

C:\WINDOWS\system32\ctfmon.exe

C:\PROGRA~1\MI3AA1~1\wcescomm.exe

C:\PROGRA~1\MI3AA1~1\rapimgr.exe

C:\Program Files\AOL 9.0\aoltray.exe

J:\Program Files\WinZip\WZQKPICK.EXE

C:\Program Files\Calendrier 2006\Calendrier2006.exe

C:\Program Files\OpenOffice.org 2.0\program\soffice.exe

C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN

C:\WINDOWS\system32\wbem\wmiapsrv.exe

C:\Documents and Settings\Aramis\Bureau\n_v1pc\n_v14.exe

C:\PROGRA~1\MOZILL~1\FIREFOX.EXE

C:\Program Files\Pinnacle\Shared Files\Programs\PclePvr\VideoControl.exe

C:\Documents and Settings\Aramis\Bureau\n_v1pc\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll

O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg

O4 - HKLM\..\Run: [PMCRemote] C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe

O4 - HKLM\..\Run: [PMCS] "C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe" -host -clearDebug

O4 - HKLM\..\Run: [bDMCon] c:\PROGRA~1\softwin\BITDEF~1\bdmcon.exe

O4 - HKLM\..\Run: [bDOESRV] "C:\Program Files\Softwin\BitDefender9\bdoesrv.exe"

O4 - HKLM\..\Run: [bDNewsAgent] "C:\PROGRA~1\softwin\BITDEF~1\bdnagent.exe"

O4 - HKLM\..\Run: [bDSwitchAgent] "C:\PROGRA~1\softwin\BITDEF~1\bdswitch.exe"

O4 - HKLM\..\Run: [AOLSAV] C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe

O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe

O4 - HKLM\..\Run: [{1290A33C-85F5-4164-A1BE-7DD299D4986A}] "C:\Program Files\CyberLink\PowerBackup\PBKScheduler.exe"

O4 - HKLM\..\Run: [MMTray] C:\PROGRA~1\MUSICM~1\MUSICM~1\mm_tray.exe

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [EPSON Stylus Photo RX640 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAME.EXE /P31 "EPSON Stylus Photo RX640 Series" /O6 "USB001" /M "Stylus Photo RX640"

O4 - HKLM\..\Run: [EEventManager] C:\Program Files\EPSON\Creativity Suite\Event Manager\EEventManager.exe

O4 - HKLM\..\Run: [HostManager] C:\Program Files\Fichiers communs\AOL\1143482350\ee\AOLSoftware.exe

O4 - HKLM\..\Run: [iPHSend] C:\Program Files\Fichiers communs\AOL\IPHSend\IPHSend.exe

O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [EPSON Stylus Photo RX640 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAME.EXE /P31 "EPSON Stylus Photo RX640 Series" /M "Stylus Photo RX640" /EF "HKCU"

O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\PROGRA~1\MI3AA1~1\wcescomm.exe"

O4 - Startup: Calendrier 2006.lnk = C:\Program Files\Calendrier 2006\Calendrier2006.exe

O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe

O4 - Global Startup: AOL 9.0 Icône AOL.lnk = C:\Program Files\AOL 9.0\aoltray.exe

O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: WinZip Quick Pick.lnk = J:\Program Files\WinZip\WZQKPICK.EXE

O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - J:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll

O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll

O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll

O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll

O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll

O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL

O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1136132937562

O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://drivers1.free.fr/hardwaredetection.cab

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{DDBA3AA5-3FD8-45F4-B2E6-B1E78DE577CB}: NameServer = 192.168.1.1

O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)

O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)

O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE

O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe

O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)

O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe

O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - J:\Program Files\Spyware Doctor\sdhelp.exe

O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe

O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - J:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe

O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender9\vsserv.exe" /service (file missing)

O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)

 

Posted (edited)

Hi,

Edit: empty the ewido quarantine.

Run an online scan here, using Internet Explorer:

http://www.pandasoftware.com/activescan/fr...n_principal.htm

Click "Scan your PC".

Enter a valid email address, give your location and tick the "I accept" box.

Click "Scan now".

Accept the download/installation of the ActiveX file.

Once it has finished, copy and paste the report here.

Edited by kuruma
Posted

Incident Status Location

 

Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt[.xiti.com/]

Spyware:Cookie/Weborama Not disinfected C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt[.weborama.fr/]

Spyware:Cookie/MetriWeb Not disinfected C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt[.metriweb.be/]

Spyware:Cookie/Falkag Not disinfected C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt[.as-eu.falkag.net/]

Spyware:Cookie/fe.lea.lycos Not disinfected C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt[fe.lea.lycos.fr/]

Spyware:Cookie/Humanclick Not disinfected C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt[hc2.humanclick.com/]

Spyware:Cookie/Humanclick Not disinfected C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt[hc2.humanclick.com/hc/4056755]

Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt[.com.com/]

Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt[.zedo.com/]

Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt[.2o7.net/]

Spyware:Cookie/Hbmediapro Not disinfected C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt[.adopt.hbmediapro.com/]

Spyware:Cookie/Adtech Not disinfected C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt[.adtech.de/]

Spyware:Cookie/Apmebf Not disinfected C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt[.apmebf.com/]

Spyware:Cookie/BurstNet Not disinfected C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt[.burstnet.com/]

Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt[.microsofteup.112.2o7.net/]

Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt[.microsoftwga.112.2o7.net/]

Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt[.overture.com/]

Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt[.perf.overture.com/]

Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt[.questionmarket.com/]

Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt[.realmedia.com/]

Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt[.serving-sys.com/]

Spyware:Cookie/Statcounter Not disinfected C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt[.statcounter.com/]

Spyware:Cookie/Tradedoubler Not disinfected C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt[.tradedoubler.com/]

Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt[.tribalfusion.com/]

Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt[ad.yieldmanager.com/]

Spyware:Cookie/Falkag Not disinfected C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt[as1.falkag.de/]

Spyware:Cookie/Comclick Not disinfected C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt[fl01.ct2.comclick.com/]

Spyware:Cookie/Match Not disinfected C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt[promo.match.com/]

Spyware:Cookie/Reliablestats Not disinfected C:\Documents and Settings\Aramis\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\cookies.txt[stats1.reliablestats.com/]

Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\Aramis\Local Settings\Application Data\Mozilla\Firefox\Profiles\684ylw8l.default\Cache\633285D9d01[smitfraudFix/Process.exe]

Spyware:Spyware/Virtumonde Not disinfected C:\Program Files\Fichiers communs\{CC2844AE-08A2-1036-0510-050726050021}\services.dll

Adware:Adware/MaxFiles Not disinfected C:\Program Files\ipwins\ipwins.exe

Adware:Adware/Maxifiles Not disinfected C:\Program Files\ipwins\Uninst.exe

Adware:Adware/DollarRevenue Not disinfected C:\Program Files\ToolBar888\Uninst.exe[²ÜÇ\nsProcess.dll]

Potentially unwanted tool:Application/Processor Not disinfected C:\SmitfraudFix\Process.exe

Spyware:Spyware/Virtumonde Not disinfected C:\WINDOWS\system32\khfgebb.dll

Potentially unwanted tool:Application/Processor Not disinfected C:\WINDOWS\system32\Process.exe

Adware:Adware/PurityScan Not disinfected C:\WINDOWS\Temp\win36.tmp.exe

Adware:Adware/Maxifiles Not disinfected C:\WINDOWS\Temp\win3A.tmp.exe

Posted (edited)

Hi

Download and install CCleaner.

http://www.pcastuces.com/logitheque/ccleaner.htm

Install it in a dedicated folder. During installation, uncheck:

- the two "Add the ... option" boxes

- Check for updates

- Add the Yahoo! CCleaner Toolbar

* Make sure you have access to all files

- Start → My Computer or any other folder → Tools menu → Folder Options → View tab:

- check the box: Show hidden files and folders

- uncheck the box: Hide extensions for known file types

- uncheck the box: Hide protected operating system files

Then

- Apply

Delete the following:

C:\Program Files\Fichiers communs\ CC2844AE-08A2-1036-0510-050726050021 <<<<<<<<<< this

C:\Program Files\ ipwins <<<<<<<<<<< this

C:\Program Files\ ToolBar888 <<<<<<<<<<< this

C:\SmitfraudFix

C:\WINDOWS\system32\ khfgebb.dll <<<<<<< this

C:\WINDOWS\system32\ Process.exe <<<<<<<< this

C:\WINDOWS\ Temp <<<<<<<<<<<<< empty all of its contents

Hide the system files again.

Launch CCleaner.

Run the cleaner, OK.

Do not change the settings.

If any of them resist, do it in Safe Mode.

Run a Panda scan again.

Edited by kuruma
Posted (edited)

Hi,

Download the latest version of Killbox -> http://www.downloads.subratam.org/KillBox.zip

Put the program in whichever folder you like.

- Restart the computer in Safe Mode

- Launch Pocket Killbox

--- choose the Delete on Reboot option

--- copy the full path of the file into the "Full Path of File to Delete" box:

C:\WINDOWS\system32\ khfgebb.dll

The "Single File" and "All Files" buttons become active, but "Single File" is selected by default.

It is then essential to select (click) "All Files".

--- check that all the files are registered, using the "Full Path of File to Delete" drop-down list

--- if one or more ".dll" files are in the list, tick "Unregister .dll Before Deleting".

--- click the white cross on a red background (Delete File):

- "File will be Removed on Reboot, Do you want to reboot now?", answer YES if you are ready to proceed

If Pocket KillBox does not restart the PC, restart it yourself.

Run the Panda scan.

Edited by kuruma
