Forum |  HardWare.fr | News | Articles | PC | S'identifier | S'inscrire | Shop Recherche
1612 connectés 

  FORUM HardWare.fr
  Windows & Software
  Sécurité

  virus fake alert

 
 


 Mot :   Pseudo :  
 
Bas de page
Auteur Sujet :

virus fake alert

n°2464464
theosk8
Posté le 18-07-2006 à 13:52:01  profilanswer
 

voila j'ai eu un message sur mon pc me disant que explorer.exe a rencontrer un probleme et bit defender me dit que mon pc a ete infecter par un virus nome fake alerte( je n'ai plus le nom exacte).  
mon antivirus a donc retirer le virus et il ne le detecte plus quand je scane le disk dur pourtant j'ai toujou se meme message d'erreur (quand je lance une video) qui apparai mai plus le message de bit defender a props du virus.
le virus est il toujour la?
comment l'enlever?
explorer.exe a vraiment un probleme? :pt1cable:  
merci.

mood
Publicité
Posté le 18-07-2006 à 13:52:01  profilanswer
 

n°2464482
the bruce ​lee
Posté le 18-07-2006 à 14:16:48  profilanswer
 

Bonjour,
 
peux tu me donner le message d'erreur s'il te plait.
 
Ta bestiole (si c'en est bien une) doit se lancer au demarrage.
 
telecharge la version original de hijackthis http://www.merijn.org/files/hijackthis.zip
 
déconnecte toi du net et installe le.
 
lance le en cliquant sur Do a system scan and save a logfile a la fin du scan le bloc note va s'
ouvrir tu fais un copier coller de tout son contenu.
 

n°2464497
theosk8
Posté le 18-07-2006 à 14:28:56  profilanswer
 

ok je vai essayer
voila le message d'erreur:
 
Type de l'événement : Erreur
Source de l'événement : Application Error
Catégorie de l'événement : Aucun
ID de l'événement : 1000
Date :  18/07/2006
Heure :  13:21:37
Utilisateur : N/A
Description :
Application défaillante explorer.exe, version 6.0.2900.2180, module défaillant unknown, version 0.0.0.0, adresse de défaillance 0x02673206.
 
Pour plus d'informations, consultez le centre Aide et support à l'adresse http://go.microsoft.com/fwlink/events.asp.
Données :
0000: 41 70 70 6c 69 63 61 74   Applicat
0008: 69 6f 6e 20 46 61 69 6c   ion Fail
0010: 75 72 65 20 20 65 78 70   ure  exp
0018: 6c 6f 72 65 72 2e 65 78   lorer.ex
0020: 65 20 36 2e 30 2e 32 39   e 6.0.29
0028: 30 30 2e 32 31 38 30 20   00.2180  
0030: 69 6e 20 75 6e 6b 6e 6f   in unkno
0038: 77 6e 20 30 2e 30 2e 30   wn 0.0.0
0040: 2e 30 20 61 74 20 6f 66   .0 at of
0048: 66 73 65 74 20 30 32 36   fset 026
0050: 37 33 32 30 36 0d 0a      73206..  

n°2464510
the bruce ​lee
Posté le 18-07-2006 à 14:40:19  profilanswer
 

re,
 
poste un rapport hijackthis s'il te plait

n°2464519
theosk8
Posté le 18-07-2006 à 14:45:50  profilanswer
 

att je ne l'instalerai que se soir je le post apres

n°2464667
theosk8
Posté le 18-07-2006 à 16:37:05  profilanswer
 

et voila le rapport
 
Logfile of HijackThis v1.99.1
Scan saved at 16:36:40, on 18/07/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
 
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Softwin\BitDefender8\bdoesrv.exe
C:\progra~1\softwin\bitdef~1\bdnagent.exe
C:\Program Files\Softwin\BitDefender8\bdswitch.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Softwin\BitDefender8\vsserv.exe
c:\progra~1\softwin\bitdef~1\bdmcon.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\theo\Bureau\HijackThis.exe
 
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.presario.net/scripts [...] ch&ap=b204
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.presario.net/scripts [...] ch&ap=b204
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.presario.net/scripts [...] ch&ap=b204
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O1 - Hosts: AmsServer
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [BDMCon] C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe
O4 - HKLM\..\Run: [BDOESRV] C:\Program Files\Softwin\BitDefender8\\bdoesrv.exe
O4 - HKLM\..\Run: [BDNewsAgent] "c:\progra~1\softwin\bitdef~1\bdnagent.exe"
O4 - HKLM\..\Run: [BDSwitchAgent] C:\Program Files\Softwin\BitDefender8\\bdswitch.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\RunServices: [Windowsz] rwnt.exe
O9 - Extra button: Sites Perso - {06FE5D05-8F11-11d2-804F-00105A133818} - http://compaqnet.ifrance.com/heberg/accueil (file missing)
O9 - Extra 'Tools' menuitem: Compaq France - {06FE5D05-8F11-11d2-804F-00105A133818} - http://compaqnet.ifrance.com/heberg/accueil (file missing)
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Researcher\EROProj.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O15 - Trusted Zone: http://*.windowsupdate.microsoft.com  
O15 - Trusted Zone: http://*.windowsupdate.com  
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {42E1F024-ECC3-456F-B98A-4CE5ACDBF25C} (ActiveFormX Contrôle) - https://ssl-tb.sitadelle.com/selfca [...] Config.ocx
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/window [...] 4082608968
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/ [...] loader.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs:  sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: altmannsberger - {210b4043-35ca-4aa0-8796-191f9663dfb3} - C:\WINDOWS\system32\vpxnk.dll (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender8\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - Softwin - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
 

n°2464708
big_dadi_f​at
Posté le 18-07-2006 à 17:08:21  profilanswer
 

je te conseille de telecharger spybot .
 
mais je ne croi pas que ton problémé est causé par un virus ou spyware ...  
 
 
 

n°2464741
theosk8
Posté le 18-07-2006 à 17:40:47  profilanswer
 

ok merci

n°2464774
the bruce ​lee
Posté le 18-07-2006 à 18:07:18  profilanswer
 

re,
 
1/Télécharger http://siri.urz.free.fr/Fix/SmitfraudFix.zip
 
2/ Dézipper la totalité de l'archive sur ton bureau.
 
Double cliquer sur smitfraudfix.cmd  
Sélectionner 1 dans le menu pour créer un rapport des fichiers responsables de l'infection.  
sauvegarde ce rapport et poste le

n°2465045
theosk8
Posté le 18-07-2006 à 21:10:02  profilanswer
 

spybot ma virer 50 truc.
et voila le rapport de smitfraudfix:
 
SmitFraudFix v2.73
 
Rapport fait à 21:08:55,39, 18/07/2006
Executé à partir de C:\Documents and Settings\theo\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Fix executé en mode normal
 
»»»»»»»»»»»»»»»»»»»»»»»» C:\
 
 
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS
 
 
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system
 
 
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web
 
 
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32
 
C:\WINDOWS\system32\ot.ico PRESENT !
C:\WINDOWS\system32\1024\ PRESENT !
 
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\theo\Application Data
 
 
»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer
 
 
»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\theo\Favoris
 
 
»»»»»»»»»»»»»»»»»»»»»»»» Bureau
 
 
»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files  
 
 
»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues
 
 
»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau
 
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"
 
 
»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
 
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"altmannsberger"="{210b4043-35ca-4aa0-8796-191f9663dfb3}"
 
 
»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll
 
 
»»»»»»»»»»»»»»»»»»»»»»»» Fin

mood
Publicité
Posté le 18-07-2006 à 21:10:02  profilanswer
 

n°2465048
the bruce ​lee
Posté le 18-07-2006 à 21:12:14  profilanswer
 

3/* Redemarrer l'ordinateur en mode sans echec http://www.sosordi.net/Faq/Faq.2.html
  * Double cliquer sur smitfraudfix.cmd
  * Sélectionner 2 dans le menu pour supprimer les fichiers respondables de l'infection.
  * A la question: Voulez-vous nettoyer le registre ? répondre O (oui)
sauvegarde le rapport.
 
redemarre en mode normal et post aussi le nouveau rapport ainsi qu'un nouveau log hijackthis

n°2465479
theosk8
Posté le 19-07-2006 à 11:17:51  profilanswer
 

euh smitfraudfix n'apparait plus sur le bureau en mode sans echec.

n°2465483
the bruce ​lee
Posté le 19-07-2006 à 11:20:51  profilanswer
 

bonjour,
 
regarde bien, il doit y etre; c'est obligé

n°2465543
theosk8
Posté le 19-07-2006 à 12:00:46  profilanswer
 

smit fraud n'aparaissai pa sur le bureau mais je l'es copier dans un fichier et la c'etai bon.
 
SmitFraudFix v2.73
 
Rapport fait à 11:53:13,12, 19/07/2006
Executé à partir de C:\
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Fix executé en mode sans echec
 
»»»»»»»»»»»»»»»»»»»»»»»» Avant SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
 
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"altmannsberger"="{210b4043-35ca-4aa0-8796-191f9663dfb3}"
 
 
»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus
 
 
»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix
 
GenericRenosFix by S!Ri
 
C:\WINDOWS\system32\vpxnk.dll -> Missing File
 
 
»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés
 
C:\WINDOWS\system32\ot.ico supprimé
C:\WINDOWS\system32\1024\ supprimé
 
»»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires
 
 
»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre
 
Nettoyage terminé.  
 
»»»»»»»»»»»»»»»»»»»»»»»» Après SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
 
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
 
 
»»»»»»»»»»»»»»»»»»»»»»»» Fin
 
 
 
 
 
Logfile of HijackThis v1.99.1
Scan saved at 11:59:02, on 19/07/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
 
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Softwin\BitDefender8\vsserv.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\Softwin\BitDefender8\bdswitch.exe
C:\Program Files\Softwin\BitDefender8\bdoesrv.exe
C:\PROGRA~1\Softwin\BITDEF~1\bdnagent.exe
C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe
C:\Documents and Settings\theo\Bureau\HijackThis.exe
C:\WINDOWS\system32\wuauclt.exe
 
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O1 - Hosts: AmsServer
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [BDSwitchAgent] C:\Program Files\Softwin\BitDefender8\\bdswitch.exe
O4 - HKLM\..\Run: [BDOESRV] C:\Program Files\Softwin\BitDefender8\\bdoesrv.exe
O4 - HKLM\..\Run: [BDNewsAgent] "C:\PROGRA~1\Softwin\BITDEF~1\bdnagent.exe"
O4 - HKLM\..\Run: [BDMCon] C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe
O4 - HKLM\..\RunServices: [Windowsz] rwnt.exe
O9 - Extra button: Sites Perso - {06FE5D05-8F11-11d2-804F-00105A133818} - http://compaqnet.ifrance.com/heberg/accueil (file missing)
O9 - Extra 'Tools' menuitem: Compaq France - {06FE5D05-8F11-11d2-804F-00105A133818} - http://compaqnet.ifrance.com/heberg/accueil (file missing)
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Researcher\EROProj.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O15 - Trusted Zone: http://*.windowsupdate.microsoft.com  
O15 - Trusted Zone: http://*.windowsupdate.com  
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {42E1F024-ECC3-456F-B98A-4CE5ACDBF25C} (ActiveFormX Contrôle) - https://ssl-tb.sitadelle.com/selfca [...] Config.ocx
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/window [...] 4082608968
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/ [...] loader.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs:  sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender8\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - Softwin - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
 

n°2465546
the bruce ​lee
Posté le 19-07-2006 à 12:04:24  profilanswer
 

bonjour,
 
Si durant la procedure ci bas, il y a des etapes que tu n'as pas reussi a faire, merci de  
continuer la procedure jusqu'au bout et de les signaler dans ta prochaine reponse.
 
 
1/Télécharge http://www.ewido.net/en/download/ Ewido anti-spyware
 
Lance Ewido et clique sur le bouton Update (barre d'outils - au haut). Sous Manual Update clique Start update.
 
Tu verras ceci juste au bas, lorsque la mise à jour sera complétée : "Update successful"
 
Ferme Ewido. Ne pas le lancer tout de suite.
 
 
2/demarre en mode sans echec http://www.sosordi.net/Faq/Faq.2.html
 
 
3/lance hijackthis en cliquant sur do a scan system only coche cette ligne:
 
O4 - HKLM\..\RunServices: [Windowsz] rwnt.exe  
 
Ferme toutes les fenêtres ouvertes sauf Hijackthis et clique sur fix checked
 
 
4/pour supprimer les fichiers nefastes on va tous les afficher en faisant comme ceci:
 

Citation :

Démarrer, Poste de travail ou autre dossier, Menu Outils, Option des dossiers, onglet Affichage :
Cocher la case : Afficher les fichiers et dossiers cachés
Décocher la case : Masquer les extensions des fichiers dont le type est connu
Décocher la case : Masquer les fichiers protégés du système d'exploitation
cliquer sur "Appliquer"
cliquer sur le bouton "Appliquer à tous les dossiers" / OK


 
5/

Citation :

demarrer,rechercher,clique sur tous les fichiers et tout les dossiers, clique sur les deux petites fleches a cotes de options avancées
et coche rechercher dans les fichiers et dossiers cachés.


 
6/recherche (demarrer/rechercher) et supprime ce fichier si tu le trouves:
 
rwnt.exe
 
 
7/ Du mode Sans Échec, lance Ewido et clique sur le bouton Scanner (de la barre d'outils) et ensuite clique sur Complete System Scan.  Le scan prendra un certain temps, donc sois patient.
 
Ewido affichera une liste des fichiers détectés, sur la gauche. En fin de scan, l'outil appliquera les "Actions" à appliquer automatiquement. Clique sur le bouton Apply all actions. Ewido affichera "All actions have been applied" du côté droit.
 
Clique sur "Save Report", puis "Save Report As". Ceci génère un rapport en fichier texte. Assure-toi de le sauvegarder dans un endroit sûr (sur ton Bureau, par exemple).
 
 
8/redemarre en mode normal
 
9/poste le rapport d'ewido ainsi qu'un nouveau log hijackthis.
 
bon courage, et si tu as la moindre question n'hesite surtout pas ;)
 
@+

n°2465661
theosk8
Posté le 19-07-2006 à 14:01:33  profilanswer
 

bon j ai tt fai et j espere ne pas a avoir le refair.
hijackthis a degager rwnt.exe car je ne les pas retrouver avec la recherche.
 
voila les rapport:
 
---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------
 
 + Created at: 13:54:35 19/07/2006
 
 + Scan result:  
 
 
 
:mozilla.242:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.243:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.244:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.245:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.246:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.247:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.248:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.249:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.250:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.251:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.252:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.253:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.254:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.255:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.256:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.257:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.258:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.259:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.260:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.261:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.262:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.531:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\theo\Cookies\theo@msninvite.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.285:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.286:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.293:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.294:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
C:\Documents and Settings\theo\Cookies\theo@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.858:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Belstat : Cleaned.
:mozilla.859:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Belstat : Cleaned.
:mozilla.111:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned.
:mozilla.788:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned.
C:\Documents and Settings\theo\Cookies\theo@bluestreak[2].txt -> TrackingCookie.Bluestreak : Cleaned.
:mozilla.860:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Burstbeacon : Cleaned.
:mozilla.136:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.138:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.84:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.85:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.86:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.87:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.88:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.89:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.90:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.91:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.92:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.93:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.352:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Com : Cleaned.
:mozilla.772:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Comclick : Cleaned.
:mozilla.773:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Comclick : Cleaned.
:mozilla.774:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Comclick : Cleaned.
:mozilla.214:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.419:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Estat : Cleaned.
:mozilla.287:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.190:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.229:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.230:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.231:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.232:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.233:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.319:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.320:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.321:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.753:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.754:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.755:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.756:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.757:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.758:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
C:\Documents and Settings\theo\Cookies\theo@as1.falkag[2].txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.94:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.95:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.96:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.97:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.98:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.99:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.787:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Masterstats : Cleaned.
:mozilla.187:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.811:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.812:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.208:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.212:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.551:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Paycounter : Cleaned.
:mozilla.289:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.290:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.291:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.292:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.571:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.572:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.573:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.818:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.819:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.820:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.821:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.822:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.593:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Revenue : Cleaned.
:mozilla.345:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.608:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.609:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.610:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.611:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.357:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.358:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.359:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.360:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.361:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.362:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.363:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.364:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.365:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.366:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.367:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.368:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.369:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.370:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.371:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.372:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.373:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.374:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.375:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.376:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.377:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.378:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.379:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.380:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.381:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.382:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.383:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.384:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.385:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.386:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.220:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.
:mozilla.221:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.
:mozilla.222:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.
:mozilla.223:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.
:mozilla.629:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.630:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.631:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.632:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.633:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.634:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.635:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.653:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.654:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.66:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.67:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.68:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.69:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.70:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.71:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.72:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.73:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.74:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.75:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.666:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.667:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.668:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.669:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.670:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.671:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.103:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.104:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.43:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Weborama : Cleaned.
:mozilla.44:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Weborama : Cleaned.
:mozilla.45:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Weborama : Cleaned.
:mozilla.46:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Weborama : Cleaned.
C:\Documents and Settings\theo\Cookies\theo@weborama[2].txt -> TrackingCookie.Weborama : Cleaned.
:mozilla.356:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Xhit : Cleaned.
:mozilla.76:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.78:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.79:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.80:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.81:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.82:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.83:C:\Documents and Settings\theo\Application Data\Mozilla\Firefox\Profiles\6mvspx6k.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
 
 
::Report end
 
 
 
 
Logfile of HijackThis v1.99.1
Scan saved at 13:58:20, on 19/07/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
 
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\Softwin\BitDefender8\bdswitch.exe
C:\Program Files\Softwin\BitDefender8\bdoesrv.exe
C:\PROGRA~1\Softwin\BITDEF~1\bdnagent.exe
C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\Softwin\BitDefender8\vsserv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\theo\Bureau\HijackThis.exe
 
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O1 - Hosts: AmsServer
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [BDSwitchAgent] C:\Program Files\Softwin\BitDefender8\\bdswitch.exe
O4 - HKLM\..\Run: [BDOESRV] C:\Program Files\Softwin\BitDefender8\\bdoesrv.exe
O4 - HKLM\..\Run: [BDNewsAgent] "C:\PROGRA~1\Softwin\BITDEF~1\bdnagent.exe"
O4 - HKLM\..\Run: [BDMCon] C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O9 - Extra button: Sites Perso - {06FE5D05-8F11-11d2-804F-00105A133818} - http://compaqnet.ifrance.com/heberg/accueil (file missing)
O9 - Extra 'Tools' menuitem: Compaq France - {06FE5D05-8F11-11d2-804F-00105A133818} - http://compaqnet.ifrance.com/heberg/accueil (file missing)
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Researcher\EROProj.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O15 - Trusted Zone: http://*.windowsupdate.microsoft.com  
O15 - Trusted Zone: http://*.windowsupdate.com  
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {42E1F024-ECC3-456F-B98A-4CE5ACDBF25C} (ActiveFormX Contrôle) - https://ssl-tb.sitadelle.com/selfca [...] Config.ocx
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/window [...] 4082608968
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/ [...] loader.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs:  sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender8\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - Softwin - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
 

n°2465882
the bruce ​lee
Posté le 19-07-2006 à 16:59:53  profilanswer
 

re,
 
ton log est propre, as tu encore des problemes avec ton PC?

n°2465914
theosk8
Posté le 19-07-2006 à 17:30:25  profilanswer
 

nan pas pour l'instant je te tient au courant.
merci bcp


Aller à :
Ajouter une réponse
  FORUM HardWare.fr
  Windows & Software
  Sécurité

  virus fake alert

 

Sujets relatifs
virus sous ircvirus "w32.licum" help!!
Virus en quarantaine, lesquels puis-je supprimer ?virus qui bloque internet, et tout les antivir, logs hijack ds le post
Demandes de contact MSN étranges ... [VIRUS?]Problèmes d'installation/désinstallation lié à un virus? ou a panda ?
virus fermant les installeurs et le gestionnaire de taches[RESIDUS] ...de virus sur le curseur
"Impossible" de supprimer des virus et parasitesDéconnections dues a un virus de film X
Plus de sujets relatifs à : virus fake alert

Forum MesDiscussions.Net, Version 2010.2
(c) 2000-2011 Doctissimo
Page générée en 0.098 secondes

Copyright © 1997-2022 Hardware.fr SARL (Signaler un contenu illicite / Données personnelles) / Groupe LDLC / Shop HFR