Need a HijackThis analysis, please
slybzh
Hello everyone,
I have a problem with my computer: it is really slow, and the CPU usage is all over the place.
I ran a scan with avast and it found files infected by a virus, worm32netskyC; these files have all been deleted.
But the problem persists, so I think the worm had nothing to do with it.
So I ran a scan with HijackThis, but I don't know how to interpret the results...
So if someone could help me and tell me what I need to do with this, that would be extremely nice!
Thanks in advance, here is the log:
Logfile of HijackThis v1.99.1
Scan saved at 09:51:26, on 01/10/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
C:\Program Files\Winamp\Winampa.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\SAGEM Wi-Fi USB 802.11g\WLANUTL.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Media Manager\airsvcu.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\Wanadoo\Utilisateur1\Sylvain\hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\apps\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O3 - Toolbar: (no name) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\Winampa.exe"
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [Update Service] C:\PROGRA~1\FICHIE~1\TEKNUM~1\update.exe /startup
O4 - Startup: Présentation de Media Manager.lnk = C:\Program Files\Fichiers communs\Microsoft Shared\Media Manager\SPLASHA.EXE
O4 - Global Startup: Event Reminder.lnk = C:\Program Files\Broderbund\PrintMaster\PMremind.exe
O4 - Global Startup: Sagem - Utilitaire réseau pour Clé USB Wi-Fi 802.11g.lnk = ?
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: teleir_cert - https://static.ir.dgi.minefi.gouv.fr/secure/connexion/archives/ie4n4/teleir_cert.cab
O16 - DPF: {EFB22865-F3BC-4309-ADFA-C8E078A7F762} (SysWebTelecomInt Class) - http://www.sponsoradulto.com/fr/SysWebTelecom.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
3 replies
Hi,
I scanned with Spyware Doctor and it found 100 infections, but it won't remove them; it wants me to buy the software...
Here is what it found:
Basically, the names of the things it found are:
Claria (other name = Gator)
2nd thought.com
tracking cookie
known bad sites
common components for carpe diem dialers
trojan.dialer.fu
your site bar
advertising
IEAccess.HTMLAccess
Affiliated with browsers hijackers
Do you know how I could remove them???
Thanks!
Hi,
Start by scanning your PC with these 2 complementary anti-spyware tools:
1/ Spybot S&D 1.4 << new version
http://www.safer-networking.org/fr/index.htm
Usage demo (thanks to Balltrap34 for making it)
http://pageperso.aol.fr/Balltrap34/demo%20spybot.htm
2/ Ad-Aware SE 1.06 << new version
http://www.lavasoftusa.com/software/adaware/
- Help:
http://www.tutopat.com/viewtopic.php?t=1191
- Install the French patch; you can find it here:
http://download.lavasoft.de.edgesuite.net/public/pllangs.exe
and a short usage video here: (thanks to Moe31 for making it)
then
Clean Up 40:
http://pageperso.aol.fr/balltrap34/CleanUp40.exe
- Illustrated help: (thanks to Balltrap34).
http://pageperso.aol.fr/balltrap34/democleanup.htm
Once you have deleted everything they find, run a scan again.
See you