Sujet Précédent Sujet Suivant

W32.myzor.fk@yf

Fermé
freezymar Messages postés 2 Date d'inscription vendredi 24 novembre 2006 Statut Membre Dernière intervention 24 novembre 2006 - 24 nov. 2006 à 10:21
^^Marie^^ Messages postés 113901 Date d'inscription mardi 6 septembre 2005 Statut Membre Dernière intervention 28 août 2020 - 24 nov. 2006 à 12:40
Depuis hier je suis infecté par ce maudit torjan et je n'arrive pas a le supprimer, j'utilise NOD32 comme anti virus et il ne le détecte pas. j'ai un peu suivi ce qui a été mentionné sur les autres topics mais toujours rien.
voici le log hikack :
Logfile of HijackThis v1.99.1
Scan saved at 10:16:47, on 24/11/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\cisvc.exe
C:\Program Files\Icecast2 Win32\icecastService.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
c:\program files\lenovo\system update\suservice.exe
C:\WINDOWS\system32\TpKmpSVC.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\issearch.exe
C:\WINDOWS\system32\isnotify.exe
C:\Program Files\Gold Codec\isamonitor.exe
C:\Program Files\DAP\DAP.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Gold Codec\isamini.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\ctfmon.exe
C:\web2005\apache222\bin\ApacheMonitor.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?redirfallthru=http%3a%2f%2fwww.msn.fr%2fhelp%2fHelp4%2f%3f
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {755bbd1a-aa59-456c-afeb-b4c42c4dcb6f} - C:\WINDOWS\system32\ixt0.dll
O2 - BHO: (no name) - {ae18da4e-be15-4925-81bb-890c04af0200} - C:\Program Files\Gold Codec\isaddon.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [DownloadAccelerator] "C:\Program Files\DAP\DAP.EXE" /STARTUP
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Monitor Apache Servers.lnk = C:\web2005\apache222\bin\ApacheMonitor.exe
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Morpheus Toolbar - {119DBEDA-9c41-4F97-94B4-B6BCD01133CF} - (no file)
O9 - Extra 'Tools' menuitem: Morpheus Toolbar - {119DBEDA-9c41-4F97-94B4-B6BCD01133CF} - (no file)
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Mise à jour de logiciels ThinkPad - {D1A4DEBD-C2EE-449f-B9FB-E8409F9A0BC5} - C:\Program Files\Lenovo\PkgMgr\PkgMgr.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O10 - Broken Internet access because of LSP provider 'c:\program files\newdotnet\newdotnet7_22.dll' missing
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralFWBInitialSetup1.0.0.15.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://power-dabdoub.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B31D1F00-2A0D-4B9C-911B-6239E2ED2A2B} (ATLWebSurv Class) - http://85.31.210.51/jfm_v3/site/publish/content/Ctl/ATLWebSurvCOM.CAB
O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://www.pixdiscount.fr/clients/uploader_v2.1.0.51.cab
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: ACNotify - ACNotify.dll (file missing)
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\
O20 - Winlogon Notify: tpfnf2 - C:\WINDOWS\SYSTEM32\notifyf2.dll
O20 - Winlogon Notify: tphotkey - C:\WINDOWS\SYSTEM32\tphklock.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: winbhh32 - winbhh32.dll (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O21 - SSODL: gimmicks - {40dcff6e-af8d-4183-8ebe-a82270ac449e} - C:\WINDOWS\system32\dcvwaah.dll (file missing)
O23 - Service: Icecast Media Server (Icecast) - Unknown owner - C:\Program Files\Icecast2 Win32\icecastService.exe" "C:\Program Files\Icecast2 Win32 (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: System Update (SUService) - - c:\program files\lenovo\system update\suservice.exe
O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINDOWS\system32\TpKmpSVC.exe

3 réponses

Réponse 1 / 3
^^Marie^^ Messages postés 113901 Date d'inscription mardi 6 septembre 2005 Statut Membre Dernière intervention 28 août 2020 3 275
24 nov. 2006 à 10:29
Salut

Fais ce qui suit
stp
merci

Télécharge (sauf si tu les as) et colle les
rapports dans l’ordre

A - ad-aware version 1.06
(ici) http://www.florensac-chasse-trap.com/ section virus/logiciel de securite
voir demo
http://pageperso.aol.fr/balltrap34/adwseflash.zip

B - spybot version 1.4
(ici) http://www.florensac-chasse-trap.com/ section virus/logiciel de securite
voir demo d utilisation
http://pageperso.aol.fr/Balltrap34/demo%20spybot.htm

C - Ccleaner : ( nettoyeur de registre, cookies+temps+tempos+prefetch+historique+etc..)
Télécharge ici :
https://www.ccleaner.com/ccleaner/download
Tutorial ici:
https://www.vulgarisation-informatique.com/nettoyer-windows-ccleaner.php
et
http://perso.orange.fr/jesses/Docs/Logiciels/CCleaner.htm

D – Ewido – AVG
AVG Anti-Spyware :

https://www.avg.com/en-ww/free-antivirus-download

Tu l'installes.
Lance AVG Anti-Spyware et clique sur le bouton Mise à jour. Patiente!

Lance AVG Anti-Spyware
Clique sur le bouton Analyse (de la barre d'outils)
Puis sur l'onglets Comment réagir, clique sur Actions recommandées. Sélectionne Quarantaine.
Reviens à l'onglet Analyse. Clique sur Analyse complète du système.
A la fin du scan, choisis l'option " Appliquer toutes les actions " en bas.
Clique sur "Enregistrer le rapport". Ceci génère un rapport en fichier texte qui se trouve dans le dossier Reports du dossier d'AVG Anti-Spyware.

Copie/colle le rapport


E - Scan online avec BitDefender (fonctionne uniquement sous Internet Explorer en acceptant l’ activX)
https://assiste.com/404_La_page_demandee_n_existe_pas.php
http://www.bitdefender.fr/scan8/ie.html
Copie/COLLE le rapport entier
0
Réponse 2 / 3
freezymar Messages postés 2 Date d'inscription vendredi 24 novembre 2006 Statut Membre Dernière intervention 24 novembre 2006
24 nov. 2006 à 12:17
Voici les rapports de scan :
====================================
======= Adware =========
====================================
Ad-Aware SE Build 1.06r1
Logfile Created on:vendredi 24 novembre 2006 11:59:54
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:Se1R134 20.11.2006
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Adware.SafetyBar(TAC index:3):1 total references
Tracking Cookie(TAC index:3):7 total references
VirusBurst(TAC index:3):1 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects


24-11-2006 11:59:54 - Scan started. (Smart mode)

Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 716
ThreadCreationTime : 24-11-2006 08:48:30
BasePriority : Normal


#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 788
ThreadCreationTime : 24-11-2006 08:48:33
BasePriority : Normal


#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 812
ThreadCreationTime : 24-11-2006 08:48:37
BasePriority : High


#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 856
ThreadCreationTime : 24-11-2006 08:48:37
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Système d'exploitation Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Applications Services et Contrôleur
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. Tous droits réservés.
OriginalFilename : services.exe

#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 868
ThreadCreationTime : 24-11-2006 08:48:37
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe

#:6 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1012
ThreadCreationTime : 24-11-2006 08:48:38
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:7 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1092
ThreadCreationTime : 24-11-2006 08:48:38
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:8 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1136
ThreadCreationTime : 24-11-2006 08:48:38
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:9 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1188
ThreadCreationTime : 24-11-2006 08:48:39
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:10 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1280
ThreadCreationTime : 24-11-2006 08:48:39
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:11 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1648
ThreadCreationTime : 24-11-2006 08:48:41
BasePriority : Normal
FileVersion : 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)
ProductVersion : 5.1.2600.2696
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe

#:12 [cisvc.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 312
ThreadCreationTime : 24-11-2006 08:48:59
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Content Index service
InternalName : cisvc.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : cisvc.exe

#:13 [icecastservice.exe]
FilePath : C:\Program Files\Icecast2 Win32\
ProcessID : 340
ThreadCreationTime : 24-11-2006 08:48:59
BasePriority : Normal


#:14 [mdm.exe]
FilePath : C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\
ProcessID : 372
ThreadCreationTime : 24-11-2006 08:48:59
BasePriority : Normal
FileVersion : 7.00.9466
ProductVersion : 7.00.9466
ProductName : Microsoft® Visual Studio .NET
CompanyName : Microsoft Corporation
FileDescription : Machine Debug Manager
InternalName : mdm.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : mdm.exe

#:15 [nod32krn.exe]
FilePath : C:\Program Files\Eset\
ProcessID : 468
ThreadCreationTime : 24-11-2006 08:48:59
BasePriority : Normal
FileVersion : 2, 51, 30
ProductVersion : 2, 51, 30
ProductName : NOD32 Antivirus System
CompanyName : Eset
FileDescription : NOD32 Kernel Service
InternalName : NOD32 Kernel
LegalCopyright : Copyright (c) 1992-2005 Eset
LegalTrademarks : NOD, NOD32, AMON, ESET are registered trademarks of Eset
OriginalFilename : nod32krn.exe

#:16 [smagent.exe]
FilePath : C:\Program Files\Analog Devices\SoundMAX\
ProcessID : 780
ThreadCreationTime : 24-11-2006 08:49:03
BasePriority : Normal
FileVersion : 3, 2, 6, 0
ProductVersion : 3, 2, 6, 0
ProductName : SoundMAX service agent
CompanyName : Analog Devices, Inc.
FileDescription : SoundMAX service agent component
InternalName : SMAgent
LegalCopyright : Copyright © 2002
OriginalFilename : SMAgent.exe

#:17 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 972
ThreadCreationTime : 24-11-2006 08:49:03
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:18 [suservice.exe]
FilePath : c:\program files\lenovo\system update\
ProcessID : 1044
ThreadCreationTime : 24-11-2006 08:49:03
BasePriority : Normal


#:19 [tpkmpsvc.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1312
ThreadCreationTime : 24-11-2006 08:49:05
BasePriority : Normal


#:20 [alg.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1792
ThreadCreationTime : 24-11-2006 08:49:07
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Application Layer Gateway Service
InternalName : ALG.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ALG.exe

#:21 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 1476
ThreadCreationTime : 24-11-2006 08:49:49
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Système d'exploitation Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Explorateur Windows
InternalName : explorer
LegalCopyright : © Microsoft Corporation. Tous droits réservés.
OriginalFilename : EXPLORER.EXE

#:22 [issearch.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 240
ThreadCreationTime : 24-11-2006 08:49:55
BasePriority : Normal


#:23 [isnotify.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 236
ThreadCreationTime : 24-11-2006 08:49:55
BasePriority : Normal


#:24 [isamonitor.exe]
FilePath : C:\Program Files\Gold Codec\
ProcessID : 1704
ThreadCreationTime : 24-11-2006 08:49:57
BasePriority : Normal


#:25 [dap.exe]
FilePath : C:\Program Files\DAP\
ProcessID : 1244
ThreadCreationTime : 24-11-2006 08:49:58
BasePriority : Normal
FileVersion : 8, 1, 3, 8
ProductVersion : 8, 1, 3, 8
ProductName : Download Accelerator Plus (DAP)
CompanyName : Speedbit Ltd.
FileDescription : Download Accelerator Plus (DAP)
InternalName : DAP
LegalCopyright : Copyright (C) 1999 - 2006 Speedbit Ltd.
OriginalFilename : DAP.EXE
Comments : 214

#:26 [realsched.exe]
FilePath : C:\Program Files\Fichiers communs\Real\Update_OB\
ProcessID : 2224
ThreadCreationTime : 24-11-2006 08:50:02
BasePriority : Normal
FileVersion : 0.1.0.3292
ProductVersion : 0.1.0.3292
ProductName : RealPlayer (32-bit)
CompanyName : RealNetworks, Inc.
FileDescription : RealNetworks Scheduler
InternalName : schedapp
LegalCopyright : Copyright © RealNetworks, Inc. 1995-2004
LegalTrademarks : RealAudio(tm) is a trademark of RealNetworks, Inc.
OriginalFilename : realsched.exe

#:27 [nod32kui.exe]
FilePath : C:\Program Files\Eset\
ProcessID : 2240
ThreadCreationTime : 24-11-2006 08:50:02
BasePriority : Normal
FileVersion : 2, 51, 30
ProductVersion : 2, 51, 30
ProductName : NOD32 Antivirus System
CompanyName : Eset
FileDescription : NOD32 Control Center GUI
InternalName : NOD32 Control Center GUI
LegalCopyright : Copyright (c) 1992-2005 Eset
LegalTrademarks : NOD, NOD32, AMON, ESET are registered trademarks of Eset
OriginalFilename : nod32kui.exe

#:28 [isamini.exe]
FilePath : C:\Program Files\Gold Codec\
ProcessID : 2264
ThreadCreationTime : 24-11-2006 08:50:03
BasePriority : Normal


#:29 [msnmsgr.exe]
FilePath : C:\Program Files\MSN Messenger\
ProcessID : 2256
ThreadCreationTime : 24-11-2006 08:50:04
BasePriority : Normal
FileVersion : 8.0.0812.00
ProductVersion : 8.0.0812
ProductName : Messenger
CompanyName : Microsoft Corporation
FileDescription : Messenger
InternalName : msnmsgr.exe
LegalCopyright : Copyright (c) Microsoft Corporation. All rights reserved.
OriginalFilename : msnmsgr.exe

#:30 [wscntfy.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2396
ThreadCreationTime : 24-11-2006 08:50:06
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Security Center Notification App
InternalName : wscntfy.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : wscntfy.exe

#:31 [ctfmon.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2436
ThreadCreationTime : 24-11-2006 08:50:07
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : CTFMON.EXE

#:32 [apachemonitor.exe]
FilePath : C:\web2005\apache222\bin\
ProcessID : 2692
ThreadCreationTime : 24-11-2006 08:50:19
BasePriority : Normal
FileVersion : 2.2.3
ProductVersion : 2.2.3
ProductName : Apache HTTP Server
CompanyName : Apache Software Foundation
FileDescription : Apache HTTP Server Monitor
InternalName : ApacheMonitor.exe
LegalCopyright : Copyright 2006 The Apache Software Foundation.
OriginalFilename : ApacheMonitor.exe
Comments : Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

#:33 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 4072
ThreadCreationTime : 24-11-2006 08:51:53
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:34 [googletoolbarnotifier.exe]
FilePath : C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\
ProcessID : 2036
ThreadCreationTime : 24-11-2006 08:52:04
BasePriority : Normal
FileVersion : 1, 2, 908, 5008
ProductVersion : 1, 2, 908, 5008
ProductName : GoogleToolbarNotifier
CompanyName : Google Inc.
FileDescription : GoogleToolbarNotifier
LegalCopyright : Copyright © 2005-2006
OriginalFilename : GoogleToolbarNotifier.exe

#:35 [cidaemon.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 3536
ThreadCreationTime : 24-11-2006 08:56:24
BasePriority : Idle
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Indexing Service filter daemon
InternalName : cidaemon.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : cidaemon.exe

#:36 [cidaemon.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 3720
ThreadCreationTime : 24-11-2006 08:56:28
BasePriority : Idle
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Indexing Service filter daemon
InternalName : cidaemon.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : cidaemon.exe

#:37 [thunderbird.exe]
FilePath : C:\Program Files\Mozilla Thunderbird\
ProcessID : 2832
ThreadCreationTime : 24-11-2006 09:15:32
BasePriority : Normal


#:38 [editpadlite.exe]
FilePath : C:\Program Files\JGsoft\EditPadLite\
ProcessID : 2448
ThreadCreationTime : 24-11-2006 09:16:47
BasePriority : Normal
FileVersion : 6.1.2.0
ProductVersion : 6.1.2
ProductName : EditPad Lite
CompanyName : JGsoft - Just Great Software
FileDescription : EditPad Lite
LegalCopyright : Copyright © 1996-2006 Jan Goyvaerts
OriginalFilename : EditPad.exe
Comments : Visit https://www.editpadlite.com/ for more information

#:39 [firefox.exe]
FilePath : C:\Program Files\Mozilla Firefox\
ProcessID : 620
ThreadCreationTime : 24-11-2006 09:25:20
BasePriority : Normal


#:40 [ad-aware.exe]
FilePath : C:\PROGRA~1\Lavasoft\AD-AWA~1\
ProcessID : 3564
ThreadCreationTime : 24-11-2006 09:43:43
BasePriority : Normal
FileVersion : 6.2.0.236
ProductVersion : SE 106
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft AB Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

#:41 [iexplore.exe]
FilePath : C:\Program Files\Internet Explorer\
ProcessID : 3652
ThreadCreationTime : 24-11-2006 09:43:53
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Système d'exploitation Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
LegalCopyright : © Microsoft Corporation. Tous droits réservés.
OriginalFilename : IEXPLORE.EXE

#:42 [guard.exe]
FilePath : C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\
ProcessID : 536
ThreadCreationTime : 24-11-2006 09:51:13
BasePriority : Normal
FileVersion : 7, 5, 0, 47
ProductVersion : 7, 5, 0, 47
ProductName : AVG Anti-Spyware
CompanyName : Anti-Malware Development a.s.
FileDescription : AVG Anti-Spyware guard
InternalName : AVG Anti-Spyware guard
LegalCopyright : Copyright © 2006 Anti-Malware Development a.s.
OriginalFilename : guard.exe

#:43 [avgas.exe]
FilePath : C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\
ProcessID : 2900
ThreadCreationTime : 24-11-2006 09:51:46
BasePriority : Normal
FileVersion : 7, 5, 0, 50
ProductVersion : 7, 5, 0, 50
ProductName : AVG Anti-Spyware
CompanyName : Anti-Malware Development a.s.
FileDescription : AVG Anti-Spyware
InternalName : AVG Anti-Spyware
LegalCopyright : Copyright © 2006 Anti-Malware Development a.s.
OriginalFilename : avgas.exe

#:44 [acrotray.exe]
FilePath : C:\Program Files\Adobe Acrobat 6.0\Distillr\
ProcessID : 3848
ThreadCreationTime : 24-11-2006 10:46:44
BasePriority : Normal
FileVersion : 6.0.0.2003051500
ProductVersion : 6.0.0.0
ProductName : AcroTray - Adobe Acrobat Distiller helper application.
CompanyName : Adobe Systems Inc.
FileDescription : AcroTray
InternalName : AcroTray
LegalCopyright : Copyright 1984-2003 Adobe Systems Incorporated and its licensors. All rights reserved.
OriginalFilename : AcroTray.exe

#:45 [acrotray.exe]
FilePath : C:\Program Files\Adobe Acrobat 6.0\Distillr\
ProcessID : 160
ThreadCreationTime : 24-11-2006 10:46:46
BasePriority : Normal
FileVersion : 6.0.0.2003051500
ProductVersion : 6.0.0.0
ProductName : AcroTray - Adobe Acrobat Distiller helper application.
CompanyName : Adobe Systems Inc.
FileDescription : AcroTray
InternalName : AcroTray
LegalCopyright : Copyright 1984-2003 Adobe Systems Incorporated and its licensors. All rights reserved.
OriginalFilename : AcroTray.exe

#:46 [acrobat.exe]
FilePath : C:\Program Files\Adobe Acrobat 6.0\Acrobat\
ProcessID : 3492
ThreadCreationTime : 24-11-2006 10:51:11
BasePriority : Normal
FileVersion : 6.0.0.2003051900
ProductVersion : 6.0.0.2003051900
ProductName : Adobe Acrobat
CompanyName : Adobe Systems Incorporated
FileDescription : Adobe Acrobat 6.0
LegalCopyright : Copyright 1984-2003 Adobe Systems Incorporated and its licensors. All rights reserved.
OriginalFilename : acrobat.exe

#:47 [wisptis.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1396
ThreadCreationTime : 24-11-2006 10:52:54
BasePriority : High
FileVersion : 1.0.2201.0 (xpsp1.020820-1800)
ProductVersion : 1.0.2201.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Microsoft Tablet PC Platform Component
InternalName : WISPTIS.EXE
LegalCopyright : Copyright © 1998-2002 Microsoft Corporation.
OriginalFilename : WISPTIS.EXE

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

VirusBurst Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{6a66cc28-f0a2-fcbc-d3d5-1ea3001ed26a}

Adware.SafetyBar Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-2025429265-688789844-854245398-1003\software\microsoft\windows\currentversion\ext\stats\{052b12f7-86fa-4921-8482-26c42316b522}

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 2
Objects found so far: 2


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 2


Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Tracking Cookie Object Recognized!
Type : IECache Entry
Data : ramzi@247realmedia[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\RAMZI\Cookies\ramzi@247realmedia[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : ramzi@adtech[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\RAMZI\Cookies\ramzi@adtech[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : ramzi@atdmt[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\RAMZI\Cookies\ramzi@atdmt[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : ramzi@bluestreak[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\RAMZI\Cookies\ramzi@bluestreak[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : ramzi@doubleclick[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\RAMZI\Cookies\ramzi@doubleclick[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : ramzi@mediaplex[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\RAMZI\Cookies\ramzi@mediaplex[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : ramzi@zedo[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\RAMZI\Cookies\ramzi@zedo[1].txt

Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 7
Objects found so far: 9



Deep scanning and examining files...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for C:\WINDOWS
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 9
<STOP>

Disk Scan Result for C:\WINDOWS\system32
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 9

Disk Scan Result for C:\DOCUME~1\RAMZI\LOCALS~1\Temp\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 9
12:15:38 Scan stopped by user

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:15:44.418
Objects scanned:94991
Objects identified:9
Objects ignored:0
New critical objects:9



====================================
======= spybot =========
====================================
FunWebProducts: Class ID (Clé du registre, nothing done)
HKEY_CLASSES_ROOT\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239}
PestTrap: Réglages utilisateur (Clé du registre, nothing done)
HKEY_USERS\S-1-5-21-2025429265-688789844-854245398-1003\Software\Internet Security
PestTrap: Réglages utilisateur (Valeur du registre, nothing done)
HKEY_USERS\S-1-5-21-2025429265-688789844-854245398-1003\Software\Microsoft\Windows\ShellNoRoam\MUICache\*\pmsngr.exe
Vcodec: Donnée (Fichier, nothing done)
C:\WINDOWS\system32\ts.ico
Smitfraud-C.: Réglages (Valeur du registre, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run\kernel32.dll
Smitfraud-C.: Bibliothèque (Fichier, nothing done)
C:\WINDOWS\system32\ixt0.dll
Smitfraud-C.: Exécutable (Fichier, nothing done)
C:\WINDOWS\system32\isnotify.exe
Smitfraud-C.: Réglages (Valeur du registre, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run\ishost.exe
Smitfraud-C.: Réglages (Valeur du registre, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run\issearch.exe
Smitfraud-C.Toolbar888: Réglages utilisateur (Clé du registre, nothing done)
HKEY_USERS\S-1-5-21-2025429265-688789844-854245398-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B64F4A7C-97C9-11DA-8BDE-F66BAD1E3F3
A}
Smitfraud-C.Toolbar888: Réglages (Clé du registre, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSSMGR
Zlob.HomepageMonitor: Réglages utilisateur (Valeur du registre, nothing done)
HKEY_USERS\S-1-5-21-2025429265-688789844-854245398-1003\Software\Microsoft\Windows\ShellNoRoam\MUICache\*\isamonitor.exe
MyWay.MyWebSearch: Réglages (Clé du registre, nothing done)
HKEY_LOCAL_MACHINE\Software\Microsoft\Code Store Database\Distribution Units\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
NewDotNet: <$WINSOCK> (Winsock, nothing done)
AntiverminsPro: Dossier Programme (Répertoire, nothing done)
C:\Program Files\AntiVerminsPro\
Microsoft.Windows.Security.InternetExplorer: Réglages (Modification du registre, nothing done)
HKEY_USERS\S-1-5-21-2025429265-688789844-854245398-1003\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN\i
explore.exe!=W=1
Microsoft.WindowsSecurityCenter.AntiVirusOverride: Réglages (Modification du registre, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusOverride!=dword:0
MarketScore: Réglages (Valeur du registre, nothing done)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\C:\WINDOWS\system32
\rlvknlg.exe
MarketScore: Réglages (Valeur du registre, nothing done)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\C:\WINDOWS\system32
\rlvknlg.exe
MyWebSearch: Interface (Clé du registre, nothing done)
HKEY_CLASSES_ROOT\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}
MyWebSearch: Interface (Clé du registre, nothing done)
HKEY_CLASSES_ROOT\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}
PestTrap: Cookie traceur (Internet Explorer: RAMZI) (Cookie, nothing done)
BlueStreak: Cookie traceur (Internet Explorer: RAMZI) (Cookie, nothing done)
Zedo: Cookie traceur (Internet Explorer: RAMZI) (Cookie, nothing done)
Avenue A, Inc.: Cookie traceur (Internet Explorer: RAMZI) (Cookie, nothing done)
DoubleClick: Cookie traceur (Internet Explorer: RAMZI) (Cookie, nothing done)
MediaPlex: Cookie traceur (Internet Explorer: RAMZI) (Cookie, nothing done)
Avenue A, Inc.: Cookie traceur (Firefox: default) (Cookie, nothing done)
DoubleClick: Cookie traceur (Firefox: default) (Cookie, nothing done)
Tradedoubler: Cookie traceur (Firefox: default) (Cookie, nothing done)
--- Spybot - Search & Destroy version: 1.4 (build: 20050523) ---
2005-05-31 blindman.exe (1.0.0.1)
2005-05-31 SpybotSD.exe (1.4.0.3)
2005-05-31 TeaTimer.exe (1.4.0.2)
2006-11-24 unins000.exe (51.41.0.0)
2005-05-31 Update.exe (1.4.0.0)
2006-02-06 advcheck.dll (1.0.2.0)
2005-05-31 aports.dll (2.1.0.0)
2005-05-31 borlndmm.dll (7.0.4.453)
2005-05-31 delphimm.dll (7.0.4.453)
2005-05-31 SDHelper.dll (1.4.0.0)
2006-02-20 Tools.dll (2.0.0.2)
2005-05-31 UnzDll.dll (1.73.1.1)
2005-05-31 ZipDll.dll (1.73.2.0)
2006-11-17 Includes\Cookies.sbi (*)
2006-10-13 Includes\Dialer.sbi (*)
2006-11-17 Includes\DialerC.sbi (*)
2006-11-03 Includes\Hijackers.sbi (*)
2006-11-17 Includes\HijackersC.sbi (*)
2006-10-27 Includes\Keyloggers.sbi (*)
2006-11-17 Includes\KeyloggersC.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2006-10-13 Includes\Malware.sbi (*)
2006-11-17 Includes\MalwareC.sbi (*)
2006-10-20 Includes\PUPS.sbi (*)
2006-11-17 Includes\PUPSC.sbi (*)
2006-11-17 Includes\Revision.sbi (*)
2006-10-13 Includes\Security.sbi (*)
2006-11-17 Includes\SecurityC.sbi (*)
2006-10-13 Includes\Spybots.sbi (*)
2006-11-17 Includes\SpybotsC.sbi (*)
2005-02-17 Includes\Tracks.uti
2006-11-17 Includes\Trojans.sbi (*)
2006-11-17 Includes\TrojansC.sbi (*)
====================================
======= Ccleaner =========
====================================

ANALYSE COMPLETE - (64,496 secs)
------------------------------------------------------------------------------------------
10,0MB ont été supprimés. (Taille approximative)
------------------------------------------------------------------------------------------

Détails des fichiers à supprimer (Note: AUCUN fichier n'a pour l'instant été supprimé)
------------------------------------------------------------------------------------------
Fichiers Temporaires d'Internet Explorer (fichiers 783) 9,35MB
C:\Documents and Settings\RAMZI\Cookies\ramzi@1071183736[1].txt 364 bytes
C:\Documents and Settings\RAMZI\Cookies\ramzi@247realmedia[2].txt 262 bytes
C:\Documents and Settings\RAMZI\Cookies\ramzi@85.17.4[1].txt 577 bytes
C:\Documents and Settings\RAMZI\Cookies\ramzi@adtech[2].txt 160 bytes
C:\Documents and Settings\RAMZI\Cookies\ramzi@antivirusgolden[1].txt 77 bytes
C:\Documents and Settings\RAMZI\Cookies\ramzi@atdmt[1].txt 99 bytes
C:\Documents and Settings\RAMZI\Cookies\ramzi@a[1].txt 94 bytes
C:\Documents and Settings\RAMZI\Cookies\ramzi@betanews.us.smarttargetting[1].txt 135 bytes
C:\Documents and Settings\RAMZI\Cookies\ramzi@bluestreak[1].txt 219 bytes
C:\Documents and Settings\RAMZI\Cookies\ramzi@cisco[1].txt 99 bytes
C:\Documents and Settings\RAMZI\Cookies\ramzi@com[1].txt 89 bytes
C:\Documents and Settings\RAMZI\Cookies\ramzi@doubleclick[2].txt 83 bytes
C:\Documents and Settings\RAMZI\Cookies\ramzi@download[1].txt 94 bytes
C:\Documents and Settings\RAMZI\Cookies\ramzi@edt02[1].txt 297 bytes
C:\Documents and Settings\RAMZI\Cookies\ramzi@ewido[2].txt 116 bytes
C:\Documents and Settings\RAMZI\Cookies\ramzi@fileratings[2].txt 268 bytes
C:\Documents and Settings\RAMZI\Cookies\ramzi@google[1].txt 130 bytes
C:\Documents and Settings\RAMZI\Cookies\ramzi@i2as.idregie[2].txt 99 bytes
C:\Documents and Settings\RAMZI\Cookies\ramzi@idregie[2].txt 281 bytes
C:\Documents and Settings\RAMZI\Cookies\ramzi@malwarewipe[1].txt 71 bytes
C:\Documents and Settings\RAMZI\Cookies\ramzi@mediaplex[1].txt 79 bytes
C:\Documents and Settings\RAMZI\Cookies\ramzi@messenger.msn[1].txt 96 bytes
C:\Documents and Settings\RAMZI\Cookies\ramzi@msn[2].txt 238 bytes
C:\Documents and Settings\RAMZI\Cookies\ramzi@revsci[2].txt 253 bytes
C:\Documents and Settings\RAMZI\Cookies\ramzi@www.commentcamarche[1].txt 115 bytes
C:\Documents and Settings\RAMZI\Cookies\ramzi@www.pesttrap[1].txt 75 bytes
C:\Documents and Settings\RAMZI\Cookies\ramzi@xiti[1].txt 99 bytes
C:\Documents and Settings\RAMZI\Cookies\ramzi@yahoo[2].txt 158 bytes
C:\Documents and Settings\RAMZI\Cookies\ramzi@yourieprotect[1].txt 244 bytes
C:\Documents and Settings\RAMZI\Cookies\ramzi@zedo[1].txt 280 bytes
Marqué pour l'effacement: C:\Documents and Settings\RAMZI\Local Settings\Temporary Internet Files\Content.IE5\index.dat
Marqué pour l'effacement: C:\Documents and Settings\RAMZI\Cookies\index.dat
C:\WINDOWS\TEMP\WGAErrLog.txt 43 bytes
C:\WINDOWS\TEMP\WGANotify.settings 409 bytes
C:\DOCUME~1\RAMZI\LOCALS~1\Temp\8FB6501C.TMP 107 bytes
C:\DOCUME~1\RAMZI\LOCALS~1\Temp\InstHelp.dll 56,00KB
C:\DOCUME~1\RAMZI\LOCALS~1\Temp\MessengerCache\lFYXYf28dfI3SFPW1YhXLDVCipU= 10,60KB
C:\DOCUME~1\RAMZI\LOCALS~1\Temp\MessengerCache\nEUiaT2FDFxt16fPPunu5RgqfmdQ= 20,03KB
C:\DOCUME~1\RAMZI\LOCALS~1\Temp\MessengerCache\oa60mmkvRQcIUyB2F1DGUUgolO2FA= 24,29KB
C:\DOCUME~1\RAMZI\LOCALS~1\Temp\MessengerCache\pQVjvk1ZiYjJy+1BXK6TRXscuu8= 2,49KB
C:\DOCUME~1\RAMZI\LOCALS~1\Temp\MessengerCache\WecIlpC9UU2qI1hYVGo4a2F1Yy4c= 22,57KB
C:\DOCUME~1\RAMZI\LOCALS~1\Temp\~DFEF4C.tmp 16,00KB
C:\WINDOWS\system32\wbem\Logs\FrameWork.log 260 bytes
C:\WINDOWS\system32\wbem\Logs\wbemess.log 946 bytes
C:\WINDOWS\system32\wbem\Logs\wmiprov.log 67 bytes
C:\WINDOWS\0.log 0 bytes
C:\WINDOWS\setupapi.log 9,55KB
C:\WINDOWS\Debug\UserMode\userenv.log 1,69KB
Le nettoyage du cache de Firefox/Mozilla a été ignoré.
Cookie supprimé: atdmt.com
Cookie supprimé: mresapub.com
Cookie supprimé: mresapub.com
Cookie supprimé: mresapub.com
Cookie supprimé: mresapub.com
Cookie supprimé: mresapub.com
Cookie supprimé: cybermonitor.com
Cookie supprimé: doubleclick.net
Cookie supprimé: power-ess.com
Cookie supprimé: power-ess.com
Cookie supprimé: tradedoubler.com
Cookie supprimé: questionmarket.com
Cookie supprimé: questionmarket.com
Cookie supprimé: questionmarket.com
Cookie supprimé: msn.com
Cookie supprimé: msn.com
Cookie supprimé: msn.com
Cookie supprimé: msn.com
Cookie supprimé: msn.com
Cookie supprimé: msn.com
Cookie supprimé: msn.com
Cookie supprimé: rad.msn.com
Cookie supprimé: rad.msn.com
Cookie supprimé: rad.msn.com
Cookie supprimé: rad.msn.com
Cookie supprimé: rad.msn.com
Cookie supprimé: rad.msn.com
Cookie supprimé: rad.msn.com
Cookie supprimé: rad.msn.com
Cookie supprimé: rad.msn.com
Cookie supprimé: rad.msn.com
Cookie supprimé: www.msn.com
Cookie supprimé: www.msn.com
Cookie supprimé: msnportal.112.2o7.net
Cookie supprimé: aus2.mozilla.org
Cookie supprimé: live.com
C:\Documents and Settings\RAMZI\Application Data\Google\Local Search History\google%2Eweb.w 54 bytes
C:\Documents and Settings\RAMZI\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\settings.sol 348 bytes
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Logs\Checks.061124-1103.log 2,18KB
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Logs\Checks.061124-1141.txt 5,17KB
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Logs\Update downloads.log 5,15KB
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Statistics.ini 1,07KB
C:\Program Files\Lavasoft\Ad-Aware SE Personal\defs.ref.old 0,45MB
C:\Documents and Settings\RAMZI\Application Data\Lavasoft\Ad-Aware\Logs\Ad-Aware log2006-11-24 11-59-05.txt 26,15KB
C:\Program Files\DAP\Temp\ADS11BA.tmp 104 bytes
C:\Program Files\DAP\Temp\ADS394.tmp 104 bytes
C:\Program Files\DAP\Temp\ADS985.tmp 104 bytes
C:\Program Files\DAP\Temp\ADSA.tmp 233 bytes
C:\Program Files\DAP\Temp\ADSF26.tmp 104 bytes
------------------------------------------------------------------------------------------
=================================
== AVG Anti-Spyware - Rapport d'analyse ===
=================================

+ Créé à: 12:00:25 24/11/2006

+ Résultat de l'analyse:



HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Internet Explorer Security Plugin 2006 -> Adware.Generic : Aucune action entreprise.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Internet Security Add-On -> Adware.Generic : Aucune action entreprise.
HKU\S-1-5-21-2025429265-688789844-854245398-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{052B12F7-86FA-4921-8482-26C42316B522} -> Adware.Generic : Aucune action entreprise.
HKU\S-1-5-21-2025429265-688789844-854245398-1003\Software\Internet Security -> Adware.IntCodec : Aucune action entreprise.
C:\Documents and Settings\RAMZI\Cookies\ramzi@247realmedia[2].txt -> TrackingCookie.247realmedia : Aucune action entreprise.
:mozilla.37:C:\Documents and Settings\RAMZI\Application Data\Mozilla\Firefox\Profiles\ax4h5pdg.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
C:\Documents and Settings\RAMZI\Cookies\ramzi@adtech[2].txt -> TrackingCookie.Adtech : Aucune action entreprise.
:mozilla.7:C:\Documents and Settings\RAMZI\Application Data\Mozilla\Firefox\Profiles\ax4h5pdg.default\cookies.txt -> TrackingCookie.Atdmt : Aucune action entreprise.
C:\Documents and Settings\RAMZI\Cookies\ramzi@atdmt[1].txt -> TrackingCookie.Atdmt : Aucune action entreprise.
C:\Documents and Settings\RAMZI\Cookies\ramzi@bluestreak[1].txt -> TrackingCookie.Bluestreak : Aucune action entreprise.
C:\Documents and Settings\RAMZI\Cookies\ramzi@com[1].txt -> TrackingCookie.Com : Aucune action entreprise.
:mozilla.11:C:\Documents and Settings\RAMZI\Application Data\Mozilla\Firefox\Profiles\ax4h5pdg.default\cookies.txt -> TrackingCookie.Doubleclick : Aucune action entreprise.
C:\Documents and Settings\RAMZI\Cookies\ramzi@doubleclick[2].txt -> TrackingCookie.Doubleclick : Aucune action entreprise.
C:\Documents and Settings\RAMZI\Cookies\ramzi@mediaplex[1].txt -> TrackingCookie.Mediaplex : Aucune action entreprise.
:mozilla.15:C:\Documents and Settings\RAMZI\Application Data\Mozilla\Firefox\Profiles\ax4h5pdg.default\cookies.txt -> TrackingCookie.Questionmarket : Aucune action entreprise.
:mozilla.16:C:\Documents and Settings\RAMZI\Application Data\Mozilla\Firefox\Profiles\ax4h5pdg.default\cookies.txt -> TrackingCookie.Questionmarket : Aucune action entreprise.
:mozilla.17:C:\Documents and Settings\RAMZI\Application Data\Mozilla\Firefox\Profiles\ax4h5pdg.default\cookies.txt -> TrackingCookie.Questionmarket : Aucune action entreprise.
:mozilla.14:C:\Documents and Settings\RAMZI\Application Data\Mozilla\Firefox\Profiles\ax4h5pdg.default\cookies.txt -> TrackingCookie.Tradedoubler : Aucune action entreprise.
C:\Documents and Settings\RAMZI\Cookies\ramzi@zedo[1].txt -> TrackingCookie.Zedo : Aucune action entreprise.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run\\kernel32.dll -> Trojan.Small : Aucune action entreprise.


Fin du rapport
0
Réponse 3 / 3
^^Marie^^ Messages postés 113901 Date d'inscription mardi 6 septembre 2005 Statut Membre Dernière intervention 28 août 2020 3 275
24 nov. 2006 à 12:40
AVG et Bitdefender ===> y'avait que ça de demander.....


AVG ==> aucune action antreprise==> n'a pas fonctionné,
Donc refais le en suivant correctement la marche à suivre

Merci

A++
0

Discussions similaires

win32:malware-gen bloqué par avast
ikkual -
Utilisateur anonyme -

69 réponses
Commande internet correspondance taille US pour jean homme.
Larkos -
Zabou -

5 réponses
Win32:Adware-gen [Adw]
nico -
nico -

98 réponses
Taille française/taille US (jeans). HELP plz!
STL75 -
superthevip -

3 réponses
C'est quoi "Win32:Trojan-gen {Other}"
Uzumaki -
Utilisateur anonyme -

5 réponses