Infected by the Warezov worm

great_07 Posts 14 Status Member
Hello

AVG Anti Spyware keeps finding Worm Warezov on my PC and cannot remove it

Could you help me, please?

Thank you very much

11 replies

easyclyner57 Posts 292 Registration date   Status Member Last activity   10
 
Hi

Run this online anti-virus scan with Internet Explorer and accept the ActiveX control; the SP2 anti-popup bar (at the top) will start flashing: click on it and choose "accept the ActiveX" so that the anti-virus scan can run.
Once it has finished, paste the report here please

https://www.bitdefender.com/toolbox/
0
great_07 Posts 14 Status Member
 
BitDefender Online Scanner

Scan report generated at: Sun, Feb 11, 2007 - 14:55:13

Scan path: C:\;D:\;

Statistics
Time: 01:27:27
Files: 372050
Folders: 5586
Boot Sectors: 2
Archives: 8032
Packed Files: 41694

Results
Identified Viruses: 5
Infected Files: 9
Suspect Files: 0
Warnings: 0
Disinfected: 0
Deleted Files: 8

Engines Info
Virus Definitions: 419948
Engine build: AVCORE v1.0 (build 2371) (i386) (Dec 13 2006 11:16:42)
Scan plugins: 14
Archive plugins: 38
Unpack plugins: 6
E-mail plugins: 6
System plugins: 1

Scan Settings
First Action: Disinfect
Second Action: Delete
Heuristics: Yes
Enable Warnings: Yes
Scanned Extensions: *;
Exclude Extensions:
Scan Emails: Yes
Scan Archives: Yes
Scan Packed: Yes
Scan Files: Yes
Scan Boot: Yes

Scanned File | Status
C:\Program Files\FunWebProducts\Installr\1.bin\F3EZSETP.DLL | Infected with: Trojan.Funweb.A
C:\Program Files\FunWebProducts\Installr\1.bin\F3EZSETP.DLL | Disinfection failed
C:\Program Files\FunWebProducts\Installr\1.bin\F3EZSETP.DLL | Deleted
C:\Program Files\MyWebSearch\bar\5.bin\F3SHLLVW.DLL | Detected with: Adware.Mywebsearch.G
C:\Program Files\MyWebSearch\bar\5.bin\F3SHLLVW.DLL | Disinfection failed
C:\Program Files\MyWebSearch\bar\5.bin\F3SHLLVW.DLL | Deleted
C:\Program Files\MyWebSearch\bar\5.bin\M3SKIN.DLL | Detected with: Adware.Mywebsearch.G
C:\Program Files\MyWebSearch\bar\5.bin\M3SKIN.DLL | Disinfection failed
C:\Program Files\MyWebSearch\bar\5.bin\M3SKIN.DLL | Deleted
C:\System Volume Information\_restore{B191484F-6940-4C0A-B094-69318FF0F599}\RP367\A0137780.DLL | Infected with: Trojan.Funweb.A
C:\System Volume Information\_restore{B191484F-6940-4C0A-B094-69318FF0F599}\RP367\A0137780.DLL | Disinfection failed
C:\System Volume Information\_restore{B191484F-6940-4C0A-B094-69318FF0F599}\RP367\A0137780.DLL | Deleted
C:\System Volume Information\_restore{B191484F-6940-4C0A-B094-69318FF0F599}\RP367\A0137781.DLL | Detected with: Adware.Mywebsearch.G
C:\System Volume Information\_restore{B191484F-6940-4C0A-B094-69318FF0F599}\RP367\A0137781.DLL | Disinfection failed
C:\System Volume Information\_restore{B191484F-6940-4C0A-B094-69318FF0F599}\RP367\A0137781.DLL | Deleted
C:\System Volume Information\_restore{B191484F-6940-4C0A-B094-69318FF0F599}\RP367\A0137782.DLL | Detected with: Adware.Mywebsearch.G
C:\System Volume Information\_restore{B191484F-6940-4C0A-B094-69318FF0F599}\RP367\A0137782.DLL | Disinfection failed
C:\System Volume Information\_restore{B191484F-6940-4C0A-B094-69318FF0F599}\RP367\A0137782.DLL | Deleted
C:\WINDOWS\Downloaded Program Files\SmileyCentralFWBInitialSetup1.0.0.15.exe | Infected with: Trojan.Funweb.B
C:\WINDOWS\Downloaded Program Files\SmileyCentralFWBInitialSetup1.0.0.15.exe | Disinfection failed
C:\WINDOWS\Downloaded Program Files\SmileyCentralFWBInitialSetup1.0.0.15.exe | Deleted
C:\WINDOWS\system32\e1.dll | Infected with: Trojan.Dropper.Stration.VD
C:\WINDOWS\system32\e1.dll | Disinfection failed
C:\WINDOWS\system32\e1.dll | Delete failed
C:\WINDOWS\Temp\8.tmp | Infected with: DeepScan:Generic.Stration.1919E237
C:\WINDOWS\Temp\8.tmp | Disinfection failed
C:\WINDOWS\Temp\8.tmp | Deleted
0
easyclyner57 Posts 292 Registration date   Status Member Last activity   10
 
Click "Start", right-click "My Computer", "Properties", "System Restore" tab

¤ check the box "Turn off System Restore on all drives", then click "Apply"
¤ uncheck the box and click "Apply", then "OK".

Now that we have deleted the infected restore points, we are going to create a clean one:

Click "Start", "All Programs", "Accessories", "System Tools", "System Restore", choose "Create a restore point", name it "ccm" for example, click "Create", then "OK".
There, the restore point is now created. If you decide to one day, you will be able to go back to the date you created it, that is, today; by rolling back you can return your computer to the date on which we created this restore point, but you will lose the changes you made in between.
0
great_07 Posts 14 Status Member
 
OK, I created a restore point, but is there nothing else I need to do?
How is that going to neutralize the worm?

Don't I need to restart or something now?
0

Lyonnais92 Posts 25708 Status Security contributor 1 537
 
Good evening great_07 and easyclyner,

In any case, the BitDefender scan removed other pests.

Post the AVG report so that we can see where your worm is and exactly what it is called.

Also do this so that easyclyner can see how badly you are infected:

Download HijackThis here:
https://www.01net.com/telecharger/windows/Securite/anti-spyware/fiches/29061.html

Unzip it into a folder set aside for it.
For example C:\hijackthis < Make sure you save it in C: !
Demo: (Thanks to Balltrap34 for making this)
http://pageperso.aol.fr/balltrap34/Hijenr.gif

Run it, then:
click "do a system scan and save logfile" (see demo)
copy and paste the entire log to the forum

Demo: (Thanks to Balltrap34 for making this)
http://pageperso.aol.fr/balltrap34/demohijack.htm

Good luck to you both with the rest.
0
great_07 Posts 14 Status Member
 
---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 21:39:48 11.2.2007 г.

+ Scan result:

:mozilla.25:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.26:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.29:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.133:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.137:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.138:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.144:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.161:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.198:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.318:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.553:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.207:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.208:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.494:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.495:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.496:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.92:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.150:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.151:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.63:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
C:\Documents and Settings\Kameliya\Cookies\kameliya@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.46:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned.
:mozilla.498:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned.
:mozilla.499:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned.
:mozilla.497:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.56:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Com : Cleaned.
:mozilla.45:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.9:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Estat : Cleaned.
:mozilla.80:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.81:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.82:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.134:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.135:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.228:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.299:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.142:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.147:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.367:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.368:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.369:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.378:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.403:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.457:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.557:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.211:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Ivwbox : Cleaned.
:mozilla.212:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.213:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.375:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.376:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.435:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.436:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.542:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.543:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.548:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Masterstats : Cleaned.
:mozilla.70:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.7:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.8:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.244:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.245:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.246:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.480:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.481:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.482:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.441:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.442:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.443:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.203:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.204:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.205:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.38:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.21:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.
:mozilla.24:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.
:mozilla.119:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.120:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.121:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.122:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.123:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.124:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.125:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.126:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.127:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.128:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.129:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.395:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.400:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.155:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.156:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.157:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.71:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.560:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned.
:mozilla.18:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Weborama : Cleaned.
:mozilla.19:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Weborama : Cleaned.
:mozilla.105:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
:mozilla.474:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Yadro : Cleaned.
:mozilla.180:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.181:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.182:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\Kameliya\Cookies\kameliya@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.65:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.66:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.67:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.68:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.69:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.

::Report end
0
great_07 Posts 14 Status Member
 
Logfile of HijackThis v1.99.1
Scan saved at 21:42:29, on 11.2.2007 г.
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Belkin\Belkin Wireless Network Utility\WLService.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Belkin\Belkin Wireless Network Utility\WLanCfgG.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\PalickSoft\HDD Temperature\HDDTSvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
C:\Program Files\TOSHIBA\PadTouch\PadExe.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
C:\WINDOWS\AGRSMMSG.exe
C:\PROGRA~1\B'SCLI~1\Win2K\BSCLIP.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
C:\Program Files\BT Voyager 105 ADSL Modem\dslstat.exe
C:\Program Files\BT Voyager 105 ADSL Modem\dslagent.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0T1.EXE
C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\HP\HP Software Update\HPWuSchd.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
C:\Program Files\ICQLite\ICQLite.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\BT Broadband Basic Help\bin\mpbtn.exe
C:\WINDOWS\Datecs\Flex2K.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\MicroStar\WLANUtility\WlanUtility.exe
C:\Program Files\MicroStar\WLANUtility\WLAN_Service.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*https://fr.yahoo.com/?p=us
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/?p=us
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/?p=us
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*https://fr.yahoo.com/?p=us
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*https://fr.yahoo.com/?p=us
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/?p=us
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://as.starware.com/dp/search?x=wKX1ILEOi+Vh7AfA98Gm4Me69ZMbubcDsnJKz/X5XzoVDln0AJ38ThqQuFcnF+I2sV3u5OLzJfwwPXtY+wmaXEaMWzqdkpTPcJQjyn2igfwgAh8Tx3SOQouJcjkGUb4aupULwffDi6sGG67Wh93K2mwQ33CHV7Rg
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*https://fr.yahoo.com/?p=us
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Wanadoo
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;<local>
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Wanadoo - {8B68564D-53FD-4293-B80C-993A9F3988EE} - C:\PROGRA~1\Wanadoo\WSBar\WSBar.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll
O3 - Toolbar: MSN Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\msgr.en-us.en-gb\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
O4 - HKLM\..\Run: [PadTouch] "C:\Program Files\TOSHIBA\PadTouch\PadExe.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [B'sCLiP] C:\PROGRA~1\B'SCLI~1\Win2K\BSCLIP.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [EPSON Stylus CX3200] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P19 "EPSON Stylus CX3200" /O6 "USB001" /M "Stylus CX3200"
O4 - HKLM\..\Run: [\\Dirtydon\EPSON Stylus CX3200] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P30 "\\Dirtydon\EPSON Stylus CX3200" /O6 "USB001" /M "Stylus CX3200"
O4 - HKLM\..\Run: [msnappau] "C:\Program Files\MSN Apps\Updater\01.02.0002.1001\en-gb\msnappau.exe"
O4 - HKLM\..\Run: [DSLSTATEXE] C:\Program Files\BT Voyager 105 ADSL Modem\dslstat.exe icon
O4 - HKLM\..\Run: [DSLAGENTEXE] C:\Program Files\BT Voyager 105 ADSL Modem\dslagent.exe
O4 - HKLM\..\Run: [EPSON Stylus C46 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0T1.EXE /P23 "EPSON Stylus C46 Series" /O6 "USB002" /M "Stylus C46"
O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [adiras] adiras.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ICQ Lite] "C:\Program Files\ICQLite\ICQLite.exe" -minimize
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [Spyware Vanisher] C:\spywarevanisher-full\SpywareVanisher.exe -FastScan
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\5.bin\mwsoemon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -trayboot
O4 - Global Startup: BlueSoleil.lnk = ?
O4 - Global Startup: BT Broadband Basic Help.lnk = C:\Program Files\BT Broadband Basic Help\bin\matcli.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: FlexType 2K.lnk = C:\WINDOWS\Datecs\Flex2K.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O4 - Global Startup: WlanUtility.lnk = C:\Program Files\MicroStar\WLANUtility\WlanUtility.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Program Files\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZS
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Search with Wanadoo - res://C:\PROGRA~1\Wanadoo\WSBar\WSBar.dll/VSearch.htm
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: EmpirePoker - {77E68763-4284-41d6-B7E7-B6E1F053A9E7} - C:\Program Files\EmpirePoker\EmpirePoker.exe (file missing)
O9 - Extra 'Tools' menuitem: EmpirePoker - {77E68763-4284-41d6-B7E7-B6E1F053A9E7} - C:\Program Files\EmpirePoker\EmpirePoker.exe (file missing)
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.wanadoo.co.uk
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralFWBInitialSetup1.0.0.15.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: e1.dll
O20 - Winlogon Notify: brwmgr - brwmgr32.dll (file missing)
O20 - Winlogon Notify: osunuxth - C:\WINDOWS\system32\osunuxth.dll (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: zlcocard - C:\WINDOWS\system32\zlcocard.dll (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Belkin 54g Wireless USB Network Adapter (Belkin 54g Wireless USB Network Adapter Service) - Unknown owner - C:\Program Files\Belkin\Belkin Wireless Network Utility\WLService.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: HDD Temperature (HDDTService) - PalickSoft - C:\Program Files\PalickSoft\HDD Temperature\HDDTSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MSI_WLAN_Service - Unknown owner - C:\Program Files\MicroStar\WLANUtility\WLAN_Service.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Sygate Personal Firewall Pro (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
0
great_07 Posts 14 Status Member
 
Can someone interpret these reports, please?

Thank you very much
0
Lyonnais92 Posts 25708 Status Security contributor 1 537
 
Hello,

to keep things moving for easyclyner,

========================================
->Show all files and folders:
click Start/Control Panel (in classic view)/Folder Options/View

[Check] "Show hidden files and folders"

[Uncheck] the box "Hide protected operating system files (Recommended)"

[Uncheck] "Hide extensions for known file types"

Then click [Apply] to confirm the changes.

And [OK]
=====================================
Find where e1.dll is located on your computer (right-click Start, Search, choose My Computer as the search scope).

Post the full name in your reply.
See you
0
great_07 Posts 14 Status Member
 
thanks for replying so quickly :))

It found 4 files:
e1.dll C:\windows\system32
kbdinbe1.dll C:\windows\system32
ENGINE1.DLL C:\program files\EPSON\smart panel
kbdinbe1.dll C:\windows\ServicePackFiles\i386
0
Lyonnais92 Posts 25708 Status Security contributor 1 537
 
Good evening,

sorry for replying so late, but I was about to reply when the site crashed.

Download Brute Force Uninstaller (by Merijn) here: http://www.merijn.org/files/bfu.zip
Create a new folder directly at the root of your hard drive or wherever suits you, and name this folder BFU. Unzip the downloaded file into this new folder (for example C:\BFU)

Next, download ToolbarBFU by Chercheur http://perso.numericable.fr/~altshift/Info/Fichiers/toolbar.bfu and choose "Save Target As..." to download Chercheur's Toolbar.bfu
Save it in the folder you created (C:\BFU).
**Note: if you use Internet Explorer, when saving, make sure the "Type:" field shows "All files".

You should now have two files in the folder C:\BFU: Toolbar.bfu and BFU.exe (very important).

-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-
Launch "Brute Force Uninstaller" by double-clicking BFU.exe (in the folder C:\BFU)
- Click the small yellow folder, and click: Toolbar.bfu
- Check the box Show log after script ends
- Click Execute so the fix can do its job :-) Wait for the message Complete script execution to appear and click OK.
A report will be displayed in the program window; copy and paste it into Notepad, then save it; you will post it on the forum later.
Click Exit to close the BFU program.

Run HijackThis again, choose do a scan only,
check the box in front of the line:
O20 - AppInit_DLLs: e1.dll

close all windows (except HijackThis) and click fix checked.
close HijackThis;

Do this:
Start, Run, and copy/paste this into the small window:
regsvr32 /u C:\WINDOWS\System32\e1.dll
and confirm with Enter.

Run HijackThis again, choose open the misc tool and delete a file on reboot. Find C:\WINDOWS\System32\e1.dll, click Open and follow the instructions (in particular, accept the reboot).

After the restart, post a new HijackThis log.

See you
0
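The manual read-through of the HijackThis log that leads to the `O20 - AppInit_DLLs: e1.dll` line, as an added example that is not part of the original thread: a small Python parser that flags autostart entries worth checking by hand. The three heuristics and all function names are assumptions of this example, a flag means "look at this", not "this is malware", and the sample lines are copied from the log posted above.

```python
import re

# Lines copied from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [adiras] adiras.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O20 - AppInit_DLLs: e1.dll
O20 - Winlogon Notify: osunuxth - C:\WINDOWS\system32\osunuxth.dll (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
"""

LINE_RE = re.compile(r"^(O\d+) - (.*)$")
RUN_RE = re.compile(r"^(HK\w+)\\\.\.\\(Run\w*): \[(.*?)\] (.*)$")


def has_directory(command):
    """True when the command names a drive, UNC or %var% path, not a bare file name."""
    target = command.strip().strip('"')
    return bool(re.match(r"^([A-Za-z]:\\|\\\\|%)", target))


def triage(log_text):
    """Return (section, reason, line) tuples for entries worth a manual look."""
    findings = []
    for raw in log_text.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue
        section, body = m.groups()
        line = raw.strip()
        if section == "O20" and body.startswith("AppInit_DLLs:"):
            if body.split(":", 1)[1].split():  # any DLL listed at all
                findings.append((section, "DLL loaded into every process that loads user32.dll", line))
        elif section == "O20" and body.startswith("Winlogon Notify:"):
            if body.endswith("(file missing)"):
                findings.append((section, "Winlogon notify entry points at a missing file", line))
        elif section == "O4":
            run = RUN_RE.match(body)
            if run and not has_directory(run.group(4)):
                findings.append((section, "autostart command has no directory path", line))
    return findings


if __name__ == "__main__":
    for section, reason, line in triage(SAMPLE_LOG):
        print(f"[{section}] {reason}\n    {line}")
```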