Messages d'erreur
Dernière réponse : dans Sécurité
:-? Salut a tous,
Voila mon probléme, j'ai des messages d'erreur qui n'arrêtent pas de s'afficher !
J'ai BitDefender 8 free edition et Zone alarm pro en anti espion, pare feu, anti virus.
J'ai fait un p'tit coup de ad adware mais rien n'y fait,c'est encore là !
Pourriez vous m'aider svp ?
![]()
:-D
Voila mon probléme, j'ai des messages d'erreur qui n'arrêtent pas de s'afficher !
J'ai BitDefender 8 free edition et Zone alarm pro en anti espion, pare feu, anti virus.
J'ai fait un p'tit coup de ad adware mais rien n'y fait,c'est encore là !
Pourriez vous m'aider svp ?
:-D
Autres pages sur : messages erreur
Lassé par la pub ? Créez un compte
Bonjour,
1/ Télécharge SmitfraudFix de S!Ri :
http://siri.urz.free.fr/Fix/SmitfraudFix.php
Tu le dézippes sur le Bureau.
Télécharge Ewido
http://www.ewido.net/en/download/
Tu l'installes.
Lance Ewido et clique sur le bouton Update (barre d'outils - au haut).
Sous Manual Update clique Start update. Patiente jusqu'à l'affichage "Update successful".
Télécharge CCleaner.
http://www.filehippo.com/download_ccleaner.html
Installe-le dans un répertoire dédié.
2/ Tu ouvres SmitfraudFix, tu double cliques sur SmitfraudFix.cmd et tu choisis l’option 1
Poste le rapport.
3/ Redémarre en mode sans échec. Attention, tu n'as pas accès à internet dans ce mode, note bien ce que tu as à faire.
Démarre l'ordinateur.
Une fois le chargement du BIOS terminé, il y a un écran noir. Appuyes sur la touche F8 ou F5 jusqu'à l'affichage du menu des options avancées de Windows.
En utilisant les touches du curseur, sélectionnes le mode sans échec approprié et appuyes sur Entrée.
4/ Relances SmitfraudFix et choisis cette fois l’option 2 et réponds oui à tout.
5/ Lance le nettoyage avec CCleaner.
6/ Lance Ewido et clique sur le bouton Scanner (de la barre d'outils) et ensuite clique sur Complete System Scan.
A la fin du scan, choisis l'option " Apply All Actions " en bas. Puis, Yes pour mettre en quarantaine.
Clique sur "Save Report", puis "Save Report As". Ceci génère un rapport en fichier texte, sauvegarde le sur ton bureau.
7/ Redémarres normalement et communiques le deuxième rapport de SmitfraudFix, celui d'Ewido.
8/ Poste un rapport HijackThis.
Télécharge le, puis met le dans un dossier dédié (exemple : ..\Bureau\Hijackthis\Hijackthis.exe ).
Ensuite, lance le, appuie sur Do a system scan a save a logfile, et donne nous le résultat du scan
www.infos-du-net.com/telecharger/HijackThis.html
1/ Télécharge SmitfraudFix de S!Ri :
http://siri.urz.free.fr/Fix/SmitfraudFix.php
Tu le dézippes sur le Bureau.
Télécharge Ewido
http://www.ewido.net/en/download/
Tu l'installes.
Lance Ewido et clique sur le bouton Update (barre d'outils - au haut).
Sous Manual Update clique Start update. Patiente jusqu'à l'affichage "Update successful".
Télécharge CCleaner.
http://www.filehippo.com/download_ccleaner.html
Installe-le dans un répertoire dédié.
2/ Tu ouvres SmitfraudFix, tu double cliques sur SmitfraudFix.cmd et tu choisis l’option 1
Poste le rapport.
3/ Redémarre en mode sans échec. Attention, tu n'as pas accès à internet dans ce mode, note bien ce que tu as à faire.
Démarre l'ordinateur.
Une fois le chargement du BIOS terminé, il y a un écran noir. Appuyes sur la touche F8 ou F5 jusqu'à l'affichage du menu des options avancées de Windows.
En utilisant les touches du curseur, sélectionnes le mode sans échec approprié et appuyes sur Entrée.
4/ Relances SmitfraudFix et choisis cette fois l’option 2 et réponds oui à tout.
5/ Lance le nettoyage avec CCleaner.
6/ Lance Ewido et clique sur le bouton Scanner (de la barre d'outils) et ensuite clique sur Complete System Scan.
A la fin du scan, choisis l'option " Apply All Actions " en bas. Puis, Yes pour mettre en quarantaine.
Clique sur "Save Report", puis "Save Report As". Ceci génère un rapport en fichier texte, sauvegarde le sur ton bureau.
7/ Redémarres normalement et communiques le deuxième rapport de SmitfraudFix, celui d'Ewido.
8/ Poste un rapport HijackThis.
Télécharge le, puis met le dans un dossier dédié (exemple : ..\Bureau\Hijackthis\Hijackthis.exe ).
Ensuite, lance le, appuie sur Do a system scan a save a logfile, et donne nous le résultat du scan
www.infos-du-net.com/telecharger/HijackThis.html
Alors voila le deuxieme rapport de smitfraudfix :
SmitFraudFix v2.81
Rapport fait à 11:42:25,23, 08/08/2006
Executé à partir de C:\Documents and Settings\mathieu hubert\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Fix executé en mode sans echec
»»»»»»»»»»»»»»»»»»»»»»»» Avant SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"cinnamomum"="{93ac7c30-3878-4eaa-9420-7977285df5b1}"
»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus
»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix
GenericRenosFix by S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés
C:\WINDOWS\sites.ini supprimé
C:\WINDOWS\system32\casino.ico supprimé
C:\WINDOWS\system32\date.ico supprimé
C:\WINDOWS\system32\ixt?.dll supprimé
C:\WINDOWS\system32\network.ico supprimé
C:\WINDOWS\system32\ot.ico supprimé
C:\WINDOWS\system32\spam.ico supprimé
C:\WINDOWS\system32\spyware.ico supprimé
C:\WINDOWS\system32\ts.ico supprimé
C:\WINDOWS\system32\components\flx?.dll supprimé
C:\WINDOWS\system32\components\flx??.dll supprimé
C:\DOCUME~1\MATHIE~1\Favoris\Antivirus Test Online.url supprimé
C:\DOCUME~1\ALLUSE~1\MENUDM~1\Online Security Guide.url supprimé
C:\DOCUME~1\ALLUSE~1\MENUDM~1\Security Troubleshooting.url supprimé
C:\Documents and Settings\mathieu hubert\Application Data\Skinux\ supprimé
C:\Program Files\Safety Bar\ supprimé
»»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires
»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre
HKLM\SOFTWARE\SHUDDERLTD supprimé
Nettoyage terminé.
»»»»»»»»»»»»»»»»»»»»»»»» Après SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» Fin
****************************************************
et celui d'ewido :
---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------
+ Created at: 21:24:03 08/08/2006
+ Scan result:
HKU\S-1-5-21-307650798-4240015804-3379358156-1006\Software\Microsoft\Internet Explorer\Keywords -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKU\S-1-5-21-307650798-4240015804-3379358156-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{873EB32D-AE1A-4183-89BD-45A77F761BE4} -> Adware.Generic : Cleaned with backup (quarantined).
C:\WINDOWS\system32\vbeydwl.dll -> Adware.PurityScan : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd28.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd4D2.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd4D4.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd4D6.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd4E9.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd4EA.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd516.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd5DB.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd5E0.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd608.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd60D.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd614.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd617.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd63B.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd63F.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd64B.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd64C.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd64E.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd655.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd65C.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd65D.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd671.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd6C3.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd6C7.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd6CB.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd6DC.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd6F1.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd704.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd727.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd728.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd72A.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd72D.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd72E.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd739.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd73B.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd73C.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd73E.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd748.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd74A.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd74D.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd757.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd76E.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd798.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd79C.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd79D.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd7A7.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd7A8.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd7D0.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd7D5.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd84B.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd866.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd868.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd871.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd872.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd873.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd874.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd87D.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd87E.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd87F.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd883.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd884.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd891.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd892.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd894.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd8A4.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd8AD.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd8C8.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd8D2.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd8E8.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\Program Files\Quivices\Cache\000058c5_43b1b64d_0003d090 -> Downloader.IstBar.j : Cleaned with backup (quarantined).
C:\Program Files\Softwin\BitDefender8\Quarantine\isnotify.exe -> Downloader.Zlob.to : Cleaned with backup (quarantined).
:mozilla.238:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.239:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.240:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.241:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.242:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.551:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.552:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.79:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.82:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.83:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.122:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.123:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.72:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.73:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.485:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.486:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.487:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.40:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.81:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned.
:mozilla.84:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned.
:mozilla.404:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.369:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Com : Cleaned.
:mozilla.233:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Comclick : Cleaned.
:mozilla.234:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Comclick : Cleaned.
:mozilla.235:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Comclick : Cleaned.
:mozilla.90:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Estat : Cleaned.
:mozilla.23:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.24:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.25:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.48:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.49:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.50:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.51:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.52:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.53:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.258:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.261:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.151:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.155:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.156:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.157:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.464:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.143:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.144:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.145:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.18:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.22:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.360:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.361:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.362:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.370:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.371:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.372:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.373:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.587:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.588:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.589:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.590:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.506:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.507:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.508:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.509:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.510:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.511:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.512:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.513:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.514:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.515:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.516:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.517:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.518:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.519:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.577:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned.
:mozilla.110:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.
:mozilla.111:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.
:mozilla.112:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.
:mozilla.113:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.
:mozilla.400:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.401:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.402:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.385:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.386:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.74:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.75:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.76:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.77:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.29:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.394:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned.
:mozilla.395:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned.
:mozilla.603:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned.
:mozilla.136:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Weborama : Cleaned.
:mozilla.137:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Weborama : Cleaned.
:mozilla.138:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Weborama : Cleaned.
:mozilla.319:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
:mozilla.116:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.117:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.118:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.119:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.120:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.121:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.553:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.554:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
::Report end
********************************************************************
et enfin le rapport de hijackthis :
Logfile of HijackThis v1.99.1
Scan saved at 21:43:06, on 08/08/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Alcohol120%\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\SYSTEM32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\program files\softwin\bitdefender8\bdnagent.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
c:\program files\softwin\bitdefender8\bdmcon.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\mathieu hubert\Bureau\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {91C03C6E-A8AD-A958-F039-FCEA1ABF7A93} - C:\WINDOWS\system32\vbeydwl.dll (file missing)
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender8\bdmcon.exe"
O4 - HKLM\..\Run: [BDNewsAgent] "c:\program files\softwin\bitdefender8\bdnagent.exe"
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus_3.62\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O15 - Trusted Zone: *.coolwebsearch.com
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn/install/hpobjinsta...
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www3.ca.com/securityadvisor/virusinfo/webscan.ca...
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} - http://www.inoculer.com/antivirus/Msie/bitdefender.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDown...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.ca...
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267....
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/hpdj/fr/check/qdiagh.cab?326
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: pushow78.dll
O20 - Winlogon Notify: winhab32 - C:\WINDOWS\SYSTEM32\winhab32.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe (file missing)
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol120%\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2004\WinStylerThemeSvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
*****************************************************************
Voila ! :-?
SmitFraudFix v2.81
Rapport fait à 11:42:25,23, 08/08/2006
Executé à partir de C:\Documents and Settings\mathieu hubert\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Fix executé en mode sans echec
»»»»»»»»»»»»»»»»»»»»»»»» Avant SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"cinnamomum"="{93ac7c30-3878-4eaa-9420-7977285df5b1}"
»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus
»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix
GenericRenosFix by S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés
C:\WINDOWS\sites.ini supprimé
C:\WINDOWS\system32\casino.ico supprimé
C:\WINDOWS\system32\date.ico supprimé
C:\WINDOWS\system32\ixt?.dll supprimé
C:\WINDOWS\system32\network.ico supprimé
C:\WINDOWS\system32\ot.ico supprimé
C:\WINDOWS\system32\spam.ico supprimé
C:\WINDOWS\system32\spyware.ico supprimé
C:\WINDOWS\system32\ts.ico supprimé
C:\WINDOWS\system32\components\flx?.dll supprimé
C:\WINDOWS\system32\components\flx??.dll supprimé
C:\DOCUME~1\MATHIE~1\Favoris\Antivirus Test Online.url supprimé
C:\DOCUME~1\ALLUSE~1\MENUDM~1\Online Security Guide.url supprimé
C:\DOCUME~1\ALLUSE~1\MENUDM~1\Security Troubleshooting.url supprimé
C:\Documents and Settings\mathieu hubert\Application Data\Skinux\ supprimé
C:\Program Files\Safety Bar\ supprimé
»»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires
»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre
HKLM\SOFTWARE\SHUDDERLTD supprimé
Nettoyage terminé.
»»»»»»»»»»»»»»»»»»»»»»»» Après SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» Fin
****************************************************
et celui d'ewido :
---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------
+ Created at: 21:24:03 08/08/2006
+ Scan result:
HKU\S-1-5-21-307650798-4240015804-3379358156-1006\Software\Microsoft\Internet Explorer\Keywords -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKU\S-1-5-21-307650798-4240015804-3379358156-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{873EB32D-AE1A-4183-89BD-45A77F761BE4} -> Adware.Generic : Cleaned with backup (quarantined).
C:\WINDOWS\system32\vbeydwl.dll -> Adware.PurityScan : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd28.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd4D2.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd4D4.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd4D6.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd4E9.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd4EA.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd516.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd5DB.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd5E0.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd608.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd60D.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd614.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd617.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd63B.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd63F.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd64B.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd64C.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd64E.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd655.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd65C.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd65D.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd671.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd6C3.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd6C7.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd6CB.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd6DC.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd6F1.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd704.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd727.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd728.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd72A.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd72D.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd72E.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd739.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd73B.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd73C.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd73E.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd748.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd74A.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd74D.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd757.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd76E.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd798.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd79C.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd79D.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd7A7.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd7A8.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd7D0.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd7D5.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd84B.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd866.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd868.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd871.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd872.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd873.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd874.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd87D.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd87E.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd87F.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd883.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd884.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd891.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd892.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd894.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd8A4.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd8AD.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd8C8.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd8D2.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\idd8E8.tmp.exe -> Dialer.Agent.z : Cleaned with backup (quarantined).
C:\Program Files\Quivices\Cache\000058c5_43b1b64d_0003d090 -> Downloader.IstBar.j : Cleaned with backup (quarantined).
C:\Program Files\Softwin\BitDefender8\Quarantine\isnotify.exe -> Downloader.Zlob.to : Cleaned with backup (quarantined).
:mozilla.238:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.239:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.240:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.241:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.242:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.551:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.552:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.79:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.82:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.83:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.122:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.123:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.72:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.73:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.485:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.486:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.487:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.40:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.81:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned.
:mozilla.84:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned.
:mozilla.404:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.369:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Com : Cleaned.
:mozilla.233:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Comclick : Cleaned.
:mozilla.234:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Comclick : Cleaned.
:mozilla.235:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Comclick : Cleaned.
:mozilla.90:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Estat : Cleaned.
:mozilla.23:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.24:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.25:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.48:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.49:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.50:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.51:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.52:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.53:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.258:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.261:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.151:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.155:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.156:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.157:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.464:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.143:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.144:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.145:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.18:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.22:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.360:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.361:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.362:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.370:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.371:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.372:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.373:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.587:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.588:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.589:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.590:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.506:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.507:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.508:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.509:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.510:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.511:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.512:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.513:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.514:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.515:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.516:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.517:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.518:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.519:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.577:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned.
:mozilla.110:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.
:mozilla.111:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.
:mozilla.112:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.
:mozilla.113:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.
:mozilla.400:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.401:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.402:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.385:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.386:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.74:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.75:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.76:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.77:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.29:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.394:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned.
:mozilla.395:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned.
:mozilla.603:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned.
:mozilla.136:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Weborama : Cleaned.
:mozilla.137:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Weborama : Cleaned.
:mozilla.138:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Weborama : Cleaned.
:mozilla.319:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
:mozilla.116:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.117:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.118:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.119:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.120:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.121:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.553:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.554:C:\Documents and Settings\mathieu hubert\Application Data\Mozilla\Firefox\Profiles\m9lk92z5.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
::Report end
********************************************************************
et enfin le rapport de hijackthis :
Logfile of HijackThis v1.99.1
Scan saved at 21:43:06, on 08/08/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Alcohol120%\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\SYSTEM32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\program files\softwin\bitdefender8\bdnagent.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
c:\program files\softwin\bitdefender8\bdmcon.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\mathieu hubert\Bureau\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {91C03C6E-A8AD-A958-F039-FCEA1ABF7A93} - C:\WINDOWS\system32\vbeydwl.dll (file missing)
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender8\bdmcon.exe"
O4 - HKLM\..\Run: [BDNewsAgent] "c:\program files\softwin\bitdefender8\bdnagent.exe"
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus_3.62\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O15 - Trusted Zone: *.coolwebsearch.com
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn/install/hpobjinsta...
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www3.ca.com/securityadvisor/virusinfo/webscan.ca...
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} - http://www.inoculer.com/antivirus/Msie/bitdefender.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDown...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.ca...
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267....
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/hpdj/fr/check/qdiagh.cab?326
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: pushow78.dll
O20 - Winlogon Notify: winhab32 - C:\WINDOWS\SYSTEM32\winhab32.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe (file missing)
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol120%\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2004\WinStylerThemeSvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
*****************************************************************
Voila ! :-?
Bonsoir,
- Lance Hijackthis ->Do a system scan only
->Coche les lignes puis clique sur Fix checked:
R3 - URLSearchHook: (no name) - {91C03C6E-A8AD-A958-F039-FCEA1ABF7A93} - C:\WINDOWS\system32\vbeydwl.dll (file missing)
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O15 - Trusted Zone: *.coolwebsearch.com
-> Démarrer
-> Panneau de configuration
-> Options des Dossiers, onglet Affichage :
. Clique sur Afficher les dossiers cachés
. Décoche Masquer les extensions des fichiers dont le type est connu
. Décoche Masquer les fichiers protégés du système d'exploitation
Va sur le site de VirusTotal
Clique sur Parcourir... puis ouvre:
C:\WINDOWS\SYSTEM32\pushow78.dll
Si tu vois ce message:
" Your file " ***.*** " is queued in position: ***. Estimated start time is between *** and *** minutes. "
Il te faudra patienter.
Clique ensuite sur Send
Poste le rapport en fin d'analyse.
Recommence avec C:\WINDOWS\SYSTEM32\winhab32.dll
- Lance Hijackthis ->Do a system scan only
->Coche les lignes puis clique sur Fix checked:
R3 - URLSearchHook: (no name) - {91C03C6E-A8AD-A958-F039-FCEA1ABF7A93} - C:\WINDOWS\system32\vbeydwl.dll (file missing)
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O15 - Trusted Zone: *.coolwebsearch.com
Citation :
- Assure toi d'avoir accès aux dossiers/fichiers cachés-> Démarrer
-> Panneau de configuration
-> Options des Dossiers, onglet Affichage :
. Clique sur Afficher les dossiers cachés
. Décoche Masquer les extensions des fichiers dont le type est connu
. Décoche Masquer les fichiers protégés du système d'exploitation
Va sur le site de VirusTotal
Clique sur Parcourir... puis ouvre:
C:\WINDOWS\SYSTEM32\pushow78.dll
Si tu vois ce message:
" Your file " ***.*** " is queued in position: ***. Estimated start time is between *** and *** minutes. "
Il te faudra patienter.
Clique ensuite sur Send
Poste le rapport en fin d'analyse.
Recommence avec C:\WINDOWS\SYSTEM32\winhab32.dll
Le fichier c://windows/system32/pushow78.dll est introuvable !
*************************************
Petite precision : je n'ai plus les fenetres d'erreurs qui s'affichaient au debut comme sur le screen de mon 1er post mais ewido m'ouvre souvent une fenetre avec ecrit : Malware found , "Dialer.Agent.z" , "location : c://windows/temp.iddD0.tmp.exe", risk : high !
![]()
**************************************************************************
Sinon voila le rapport de virus total avec : c:windows/system32/winhab32.dll
![]()
*************************************
Petite precision : je n'ai plus les fenetres d'erreurs qui s'affichaient au debut comme sur le screen de mon 1er post mais ewido m'ouvre souvent une fenetre avec ecrit : Malware found , "Dialer.Agent.z" , "location : c://windows/temp.iddD0.tmp.exe", risk : high !
**************************************************************************
Sinon voila le rapport de virus total avec : c:windows/system32/winhab32.dll
Bonsoir,
d'après CastleCops.com : pushow*.dll (* = random number) = AdWare.Win32.AdvertMen.a
1/ Assure-toi que tu as accès aux fichiers cachés.
(Démarrer->Poste de travail->Outils->Options des dossiers...->Affichage
"Afficher les fichiers et dossiers cachés" ->coché
"Masquer les extensions des fichiers dont le type est connu" ->décoché
"Masquer les fichiers protégés du système d'exploitation" ->décoché)
2/ Lance HijackThis
Clique sur le bouton Open the Misc Tools Section
Clique sur Delete a file on reboot...
Dans "Nom du fichier :" colle C:\WINDOWS\SYSTEM32\winhab32.dll puis clique sur Ouvrir
À la question "Voulez-vous redémarrer maintenant ?" clique sur Non
A nouveau clique sur Delete a file on reboot...
Dans "Nom du fichier :" colle C:\WINDOWS\SYSTEM32\pushow78.dll puis clique sur Ouvrir
À la question "Voulez-vous redémarrer maintenant ?" clique sur Oui
3/ Après redémarrage vide le dossier C:\WINDOWS\Temp\
et poste un nouveau rapport HijackThis.
d'après CastleCops.com : pushow*.dll (* = random number) = AdWare.Win32.AdvertMen.a
1/ Assure-toi que tu as accès aux fichiers cachés.
(Démarrer->Poste de travail->Outils->Options des dossiers...->Affichage
"Afficher les fichiers et dossiers cachés" ->coché
"Masquer les extensions des fichiers dont le type est connu" ->décoché
"Masquer les fichiers protégés du système d'exploitation" ->décoché)
2/ Lance HijackThis
Clique sur le bouton Open the Misc Tools Section
Clique sur Delete a file on reboot...
Dans "Nom du fichier :" colle C:\WINDOWS\SYSTEM32\winhab32.dll puis clique sur Ouvrir
À la question "Voulez-vous redémarrer maintenant ?" clique sur Non
A nouveau clique sur Delete a file on reboot...
Dans "Nom du fichier :" colle C:\WINDOWS\SYSTEM32\pushow78.dll puis clique sur Ouvrir
À la question "Voulez-vous redémarrer maintenant ?" clique sur Oui
3/ Après redémarrage vide le dossier C:\WINDOWS\Temp\
et poste un nouveau rapport HijackThis.
Lassé par la pub ? Créez un compte
- Contenus similaires :
- ForumMessages d'erreur avec Microsoft Outlook
- ForumDisque dur aspire L100 s eteint apres demarrageet affiche des messages d erreur
- ForumMessages supprimés par erreur
- ForumMessages d'erreur
- ForumMessages d'erreur
- ForumBlocages / Messages d'erreur pour imprimer
- ForumCss messages d'erreur
- ForumMessages d'erreur mup.sys au demarrage
- Forum[resolu] connection a wolfenstein : messages d'érreur
- ForumMessages d'erreur C:\WINDOWS\csrss.exe
- Voir plus
