Infecte par worm warezov

great_07 Messages postés 14 Statut Membre -  
Lyonnais92 Messages postés 25708 Statut Contributeur sécurité -
Bonjour

AVG Anti Spyware trouve tout le temps Worm Warezov sur mon PC et ne peut pas le supprimer

Pourriez-vous m'aider SVP?

Merci beaucoup
Configuration: Windows XP
Firefox 1.5.0.9

11 réponses

  1. easyclyner57 Messages postés 292 Date d'inscription   Statut Membre Dernière intervention   10
     
    salut

    Fait ce scan anti-virus en ligne avec Internet Explorer, accepte l'active X; la barre anti-popup du SP2 (en haut) va se mettre à clignoter, clic dessus et choisis "accepter l'active X" pour faire fonctionner le scan anti-virus.
    Une fois qu'il a terminé colle le rapport ici stp

    https://www.bitdefender.com/toolbox/
    0
  2. great_07 Messages postés 14 Statut Membre
     
    BitDefender Online Scanner

    Scan report generated at: Sun, Feb 11, 2007 - 14:55:13

    Scan path: C:\;D:\;

    Statistics

    Time

    01:27:27

    Files

    372050

    Folders

    5586

    Boot Sectors

    2

    Archives

    8032

    Packed Files

    41694

    Results

    Identified Viruses

    5

    Infected Files

    9

    Suspect Files

    0

    Warnings

    0

    Disinfected

    0

    Deleted Files

    8

    Engines Info

    Virus Definitions

    419948

    Engine build

    AVCORE v1.0 (build 2371) (i386) (Dec 13 2006 11:16:42)

    Scan plugins

    14

    Archive plugins

    38

    Unpack plugins

    6

    E-mail plugins

    6

    System plugins

    1

    Scan Settings

    First Action

    Disinfect

    Second Action

    Delete

    Heuristics

    Yes

    Enable Warnings

    Yes

    Scanned Extensions

    *;

    Exclude Extensions

    Scan Emails

    Yes

    Scan Archives

    Yes

    Scan Packed

    Yes

    Scan Files

    Yes

    Scan Boot

    Yes

    Scanned File

    Status

    C:\Program Files\FunWebProducts\Installr\1.bin\F3EZSETP.DLL

    Infected with: Trojan.Funweb.A

    C:\Program Files\FunWebProducts\Installr\1.bin\F3EZSETP.DLL

    Disinfection failed

    C:\Program Files\FunWebProducts\Installr\1.bin\F3EZSETP.DLL

    Deleted

    C:\Program Files\MyWebSearch\bar\5.bin\F3SHLLVW.DLL

    Detected with: Adware.Mywebsearch.G

    C:\Program Files\MyWebSearch\bar\5.bin\F3SHLLVW.DLL

    Disinfection failed

    C:\Program Files\MyWebSearch\bar\5.bin\F3SHLLVW.DLL

    Deleted

    C:\Program Files\MyWebSearch\bar\5.bin\M3SKIN.DLL

    Detected with: Adware.Mywebsearch.G

    C:\Program Files\MyWebSearch\bar\5.bin\M3SKIN.DLL

    Disinfection failed

    C:\Program Files\MyWebSearch\bar\5.bin\M3SKIN.DLL

    Deleted

    C:\System Volume Information\_restore{B191484F-6940-4C0A-B094-69318FF0F599}\RP367\A0137780.DLL

    Infected with: Trojan.Funweb.A

    C:\System Volume Information\_restore{B191484F-6940-4C0A-B094-69318FF0F599}\RP367\A0137780.DLL

    Disinfection failed

    C:\System Volume Information\_restore{B191484F-6940-4C0A-B094-69318FF0F599}\RP367\A0137780.DLL

    Deleted

    C:\System Volume Information\_restore{B191484F-6940-4C0A-B094-69318FF0F599}\RP367\A0137781.DLL

    Detected with: Adware.Mywebsearch.G

    C:\System Volume Information\_restore{B191484F-6940-4C0A-B094-69318FF0F599}\RP367\A0137781.DLL

    Disinfection failed

    C:\System Volume Information\_restore{B191484F-6940-4C0A-B094-69318FF0F599}\RP367\A0137781.DLL

    Deleted

    C:\System Volume Information\_restore{B191484F-6940-4C0A-B094-69318FF0F599}\RP367\A0137782.DLL

    Detected with: Adware.Mywebsearch.G

    C:\System Volume Information\_restore{B191484F-6940-4C0A-B094-69318FF0F599}\RP367\A0137782.DLL

    Disinfection failed

    C:\System Volume Information\_restore{B191484F-6940-4C0A-B094-69318FF0F599}\RP367\A0137782.DLL

    Deleted

    C:\WINDOWS\Downloaded Program Files\SmileyCentralFWBInitialSetup1.0.0.15.exe

    Infected with: Trojan.Funweb.B

    C:\WINDOWS\Downloaded Program Files\SmileyCentralFWBInitialSetup1.0.0.15.exe

    Disinfection failed

    C:\WINDOWS\Downloaded Program Files\SmileyCentralFWBInitialSetup1.0.0.15.exe

    Deleted

    C:\WINDOWS\system32\e1.dll

    Infected with: Trojan.Dropper.Stration.VD

    C:\WINDOWS\system32\e1.dll

    Disinfection failed

    C:\WINDOWS\system32\e1.dll

    Delete failed

    C:\WINDOWS\Temp\8.tmp

    Infected with: DeepScan:Generic.Stration.1919E237

    C:\WINDOWS\Temp\8.tmp

    Disinfection failed

    C:\WINDOWS\Temp\8.tmp

    Deleted
    0
  3. easyclyner57 Messages postés 292 Date d'inscription   Statut Membre Dernière intervention   10
     
    Clic sur "demarrer", cliques droit sur "poste de travail", "propriétés", onglet "restauration du systeme"

    ¤ coches la case "desactiver la Restauration du systéme sur tous les lecteurs", puis clic ur "appliquer"
    ¤ decoches la case et clic sur "appliquer" puis "ok".

    Maintenant, que l'ont à effacés les point infectés, nous allons créer un point propre:

    Clic sur "demarrer", "tous les programmes", "accessoires", "outils système", "restauration du système", choisis "créer un point de restauration" nommes le " ccm" par exemple, cliques sur "créer" puis "ok".
    Voilà, maintenant le point de restauration est créer si un jour tu décides tu pourra revenir en arriere à la date que tu l'as créer donc à ce jour; en fesant la marche arriére tu pourra remettre ton ordinateur à la date ou l'on à créer ce point de restauration mais tu perdra les modifications que tu aura faites entre deux.
    0
  4. great_07 Messages postés 14 Statut Membre
     
    Ok j'ai cree un point de restauration mais je dois faire rien d'autre?
    En quoi ca va neutraliser le worm?

    Je dois pas redemarrer ou quelque chose maintenant?
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. Lyonnais92 Messages postés 25708 Statut Contributeur sécurité 1 537
     
    Bonsoir great_07 et easyclyner,

    de toutes manières, le scan de bitdefender a enlevé d'autres nuisibles.

    Poste le rapport d'AVG que l'on voit où il est et comment il s'appelle exactement ton ver.

    Fais aussi ceci que easyclyner puisse voir à quel point tu es infecté :

    Télécharge HijackThis ici:
    https://www.01net.com/telecharger/windows/Securite/anti-spyware/fiches/29061.html

    Dézippe le dans un dossier prévu à cet effet.
    Par exemple C:\hijackthis < Enregistre le bien dans c : !
    Démo : (Merci a Balltrap34 pour cette réalisation)
    http://pageperso.aol.fr/balltrap34/Hijenr.gif

    Lance le puis:
    clique sur "do a system scan and save logfile" (cf démo)
    faire un copier coller du log entier sur le forum

    Démo : (Merci a Balltrap34 pour cette réalisation)
    http://pageperso.aol.fr/balltrap34/demohijack.htm

    Bonne suite à vous deux.
    0
  7. great_07 Messages postés 14 Statut Membre
     
    ---------------------------------------------------------
    AVG Anti-Spyware - Scan Report
    ---------------------------------------------------------

    + Created at: 21:39:48 11.2.2007 г.

    + Scan result:

    :mozilla.25:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
    :mozilla.26:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
    :mozilla.29:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
    :mozilla.133:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.137:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.138:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.144:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.161:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.198:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.318:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.553:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.207:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
    :mozilla.208:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
    :mozilla.494:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
    :mozilla.495:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
    :mozilla.496:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
    :mozilla.92:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
    :mozilla.150:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
    :mozilla.151:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
    :mozilla.63:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
    C:\Documents and Settings\Kameliya\Cookies\kameliya@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.
    :mozilla.46:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned.
    :mozilla.498:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned.
    :mozilla.499:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned.
    :mozilla.497:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
    :mozilla.56:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Com : Cleaned.
    :mozilla.45:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
    :mozilla.9:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Estat : Cleaned.
    :mozilla.80:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
    :mozilla.81:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
    :mozilla.82:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
    :mozilla.134:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
    :mozilla.135:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
    :mozilla.228:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
    :mozilla.299:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
    :mozilla.142:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
    :mozilla.147:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
    :mozilla.367:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
    :mozilla.368:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
    :mozilla.369:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
    :mozilla.378:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
    :mozilla.403:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
    :mozilla.457:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
    :mozilla.557:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
    :mozilla.211:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Ivwbox : Cleaned.
    :mozilla.212:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
    :mozilla.213:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
    :mozilla.375:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
    :mozilla.376:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
    :mozilla.435:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
    :mozilla.436:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
    :mozilla.542:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
    :mozilla.543:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
    :mozilla.548:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Masterstats : Cleaned.
    :mozilla.70:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
    :mozilla.7:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
    :mozilla.8:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
    :mozilla.244:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
    :mozilla.245:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
    :mozilla.246:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
    :mozilla.480:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
    :mozilla.481:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
    :mozilla.482:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
    :mozilla.441:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
    :mozilla.442:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
    :mozilla.443:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
    :mozilla.203:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
    :mozilla.204:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
    :mozilla.205:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
    :mozilla.38:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
    :mozilla.21:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.
    :mozilla.24:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.
    :mozilla.119:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
    :mozilla.120:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
    :mozilla.121:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
    :mozilla.122:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
    :mozilla.123:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
    :mozilla.124:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
    :mozilla.125:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
    :mozilla.126:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
    :mozilla.127:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
    :mozilla.128:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
    :mozilla.129:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
    :mozilla.395:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
    :mozilla.400:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
    :mozilla.155:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
    :mozilla.156:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
    :mozilla.157:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
    :mozilla.71:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
    :mozilla.560:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned.
    :mozilla.18:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Weborama : Cleaned.
    :mozilla.19:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Weborama : Cleaned.
    :mozilla.105:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
    :mozilla.474:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Yadro : Cleaned.
    :mozilla.180:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
    :mozilla.181:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
    :mozilla.182:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
    C:\Documents and Settings\Kameliya\Cookies\kameliya@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned.
    :mozilla.65:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
    :mozilla.66:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
    :mozilla.67:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
    :mozilla.68:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
    :mozilla.69:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.

    ::Report end
    0
  8. great_07 Messages postés 14 Statut Membre
     
    Logfile of HijackThis v1.99.1
    Scan saved at 21:42:29, on 11.2.2007 г.
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.5730.0011)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\System32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Sygate\SPF\smc.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\Program Files\Belkin\Belkin Wireless Network Utility\WLService.exe
    C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
    C:\Program Files\Belkin\Belkin Wireless Network Utility\WLanCfgG.exe
    C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
    C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
    C:\Program Files\PalickSoft\HDD Temperature\HDDTSvc.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
    C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
    C:\Program Files\TOSHIBA\PadTouch\PadExe.exe
    C:\WINDOWS\system32\TPSBattM.exe
    C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\PROGRA~1\B'SCLI~1\Win2K\BSCLIP.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
    C:\Program Files\BT Voyager 105 ADSL Modem\dslstat.exe
    C:\Program Files\BT Voyager 105 ADSL Modem\dslagent.exe
    C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0T1.EXE
    C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
    C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
    C:\Program Files\Winamp\winampa.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd.exe
    C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
    C:\Program Files\ICQLite\ICQLite.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE
    C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
    C:\Program Files\BT Broadband Basic Help\bin\mpbtn.exe
    C:\WINDOWS\Datecs\Flex2K.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\WinZip\WZQKPICK.EXE
    C:\Program Files\MicroStar\WLANUtility\WlanUtility.exe
    C:\Program Files\MicroStar\WLANUtility\WLAN_Service.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*https://fr.yahoo.com/?p=us
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/?p=us
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/?p=us
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*https://fr.yahoo.com/?p=us
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*https://fr.yahoo.com/?p=us
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/?p=us
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://as.starware.com/dp/search?x=wKX1ILEOi+Vh7AfA98Gm4Me69ZMbubcDsnJKz/X5XzoVDln0AJ38ThqQuFcnF+I2sV3u5OLzJfwwPXtY+wmaXEaMWzqdkpTPcJQjyn2igfwgAh8Tx3SOQouJcjkGUb4aupULwffDi6sGG67Wh93K2mwQ33CHV7Rg
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*https://fr.yahoo.com/?p=us
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Wanadoo
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;<local>
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: Wanadoo - {8B68564D-53FD-4293-B80C-993A9F3988EE} - C:\PROGRA~1\Wanadoo\WSBar\WSBar.dll
    O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll
    O3 - Toolbar: MSN Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\msgr.en-us.en-gb\msntb.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
    O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
    O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
    O4 - HKLM\..\Run: [PadTouch] "C:\Program Files\TOSHIBA\PadTouch\PadExe.exe
    O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [B'sCLiP] C:\PROGRA~1\B'SCLI~1\Win2K\BSCLIP.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [EPSON Stylus CX3200] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P19 "EPSON Stylus CX3200" /O6 "USB001" /M "Stylus CX3200"
    O4 - HKLM\..\Run: [\\Dirtydon\EPSON Stylus CX3200] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P30 "\\Dirtydon\EPSON Stylus CX3200" /O6 "USB001" /M "Stylus CX3200"
    O4 - HKLM\..\Run: [msnappau] "C:\Program Files\MSN Apps\Updater\01.02.0002.1001\en-gb\msnappau.exe"
    O4 - HKLM\..\Run: [DSLSTATEXE] C:\Program Files\BT Voyager 105 ADSL Modem\dslstat.exe icon
    O4 - HKLM\..\Run: [DSLAGENTEXE] C:\Program Files\BT Voyager 105 ADSL Modem\dslagent.exe
    O4 - HKLM\..\Run: [EPSON Stylus C46 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0T1.EXE /P23 "EPSON Stylus C46 Series" /O6 "USB002" /M "Stylus C46"
    O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
    O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray
    O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
    O4 - HKLM\..\Run: [adiras] adiras.exe
    O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe"
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [ICQ Lite] "C:\Program Files\ICQLite\ICQLite.exe" -minimize
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
    O4 - HKCU\..\Run: [Spyware Vanisher] C:\spywarevanisher-full\SpywareVanisher.exe -FastScan
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\5.bin\mwsoemon.exe
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
    O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -trayboot
    O4 - Global Startup: BlueSoleil.lnk = ?
    O4 - Global Startup: BT Broadband Basic Help.lnk = C:\Program Files\BT Broadband Basic Help\bin\matcli.exe
    O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
    O4 - Global Startup: FlexType 2K.lnk = C:\WINDOWS\Datecs\Flex2K.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
    O4 - Global Startup: WlanUtility.lnk = C:\Program Files\MicroStar\WLANUtility\WlanUtility.exe
    O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
    O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Program Files\ICQToolbar\toolbaru.dll/SEARCH.HTML
    O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZS
    O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
    O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
    O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
    O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
    O8 - Extra context menu item: Search with Wanadoo - res://C:\PROGRA~1\Wanadoo\WSBar\WSBar.dll/VSearch.htm
    O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
    O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
    O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
    O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
    O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
    O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
    O9 - Extra button: EmpirePoker - {77E68763-4284-41d6-B7E7-B6E1F053A9E7} - C:\Program Files\EmpirePoker\EmpirePoker.exe (file missing)
    O9 - Extra 'Tools' menuitem: EmpirePoker - {77E68763-4284-41d6-B7E7-B6E1F053A9E7} - C:\Program Files\EmpirePoker\EmpirePoker.exe (file missing)
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
    O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O11 - Options group: [INTERNATIONAL] International*
    O14 - IERESET.INF: START_PAGE_URL=http://www.wanadoo.co.uk
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
    O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralFWBInitialSetup1.0.0.15.cab
    O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O20 - AppInit_DLLs: e1.dll
    O20 - Winlogon Notify: brwmgr - brwmgr32.dll (file missing)
    O20 - Winlogon Notify: osunuxth - C:\WINDOWS\system32\osunuxth.dll (file missing)
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O20 - Winlogon Notify: zlcocard - C:\WINDOWS\system32\zlcocard.dll (file missing)
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
    O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: Belkin 54g Wireless USB Network Adapter (Belkin 54g Wireless USB Network Adapter Service) - Unknown owner - C:\Program Files\Belkin\Belkin Wireless Network Utility\WLService.exe
    O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
    O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
    O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
    O23 - Service: HDD Temperature (HDDTService) - PalickSoft - C:\Program Files\PalickSoft\HDD Temperature\HDDTSvc.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: MSI_WLAN_Service - Unknown owner - C:\Program Files\MicroStar\WLANUtility\WLAN_Service.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: Sygate Personal Firewall Pro (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
    0
  9. great_07 Messages postés 14 Statut Membre
     
    Est-ce que qqun peut interpreter ces rapports SVP?

    Merci beaucoup
    0
  10. Lyonnais92 Messages postés 25708 Statut Contributeur sécurité 1 537
     
    Bonjour,

    pour avancer easyclyner,

    ========================================
    ->Affiches tous les fichiers et dossiers :
    cliques sur démarrer/panneau de configuration (en affichage classique)/option des dossiers/affichage

    [Coche] « afficher les dossiers et fichiers cachés »

    [Décoches] la case « Masquer les fichiers protégés du système d'exploitation (recommandé) »

    [Décoches] « masquer les extensions dont le type est connu »

    Puis fais [appliquer] pour valider les changements.

    Et [Ok]
    =====================================
    recherche où se trouve e1.dll sur ton ordi (clic droit sur démarrer, rechercher, choisir poste de travail comme champ de recherche.

    Poste le nom complet dans ta réponse.
    @+
    0
  11. great_07 Messages postés 14 Statut Membre
     
    merci de repondre si vite:))

    Il a trouve 4 fichiers:
    e1.dll C:\windows\system32
    kbdinbe1.dll C:\windows\system32
    ENGINE1.DLL C:\program files\EPSON\smart panel
    kbdinbe1.dll C:\windows\ServicePackFiles\i386
    0
  12. Lyonnais92 Messages postés 25708 Statut Contributeur sécurité 1 537
     
    Bonsoir,

    désolé de répondre si tard, mais j'allais répondre quand le site a planté.

    Télécharge Brute Force Uninstaller (de Merijn) ici: http://www.merijn.org/files/bfu.zip
    Créé un nouveau dossier directement à la racine de ton disque dur ou l'endroit qui te convient, nomme ce dossier BFU. Décompresse le fichier téléchargé dans ce nouveau dossier (par exemple C:\BFU)

    Ensuite, télécharge ToolbarBFU de Chercheur http://perso.numericable.fr/~altshift/Info/Fichiers/toolbar.bfu e choisis "Enregistrer la cible sous..." afin de télécharger Toolbar.bfu de Chercheur
    Sauvegarde dans le dossier créé (C:\BFU).
    **Note : si tu utilises Internet Explorer ; lors de la sauvegarde, assure-toi que le champs "Type :" affiche "Tous les fichiers".

    Tu dois maintenant avoir deux fichiers dans le dossier C:\BFU : Toolbar.bfu et BFU.exe (très important).

    -_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-
    Lance "Brute Force Uninstaller" en double-cliquant BFU.exe (Dans le dossier C:\BFU)
    - Clique sur le petit dossier jaune, et clique sur : Toolbar.bfu
    - Coches la case Show log after scrïpt ends
    - Clique sur Execute pour que le fix fasse son boulot :-) Attends que le message Complete scrïpt execution apparaîsse et clique sur OK.
    Un rapport va s'afficher dans la fenetre du programme, copie et colle dans le bloc-notes, puis sauvegardes le, tu le posteras plus tard sur le forum.
    Clique Exit pour fermer le programme BFU.

    Relance Hijackthis, choisi do a scan only,
    coche la case devant la ligne :
    O20 - AppInit_DLLs: e1.dll

    ferme toutes les fenêtres (sauf hijackthis) et clique sur fix checked.
    ferme hijackthis;

    Fais ceci :
    démarrer, exécuter et tu copie/colle ceci dans la petite fenêtre :
    regsvr32 /u C:\WINDOWS\System32\e1.dll
    et valide par entrée.

    relance hijackthis, choisis open the misc tool et delete a file on reboot. Cherche C:\WINDOWS\System32\e1.dll , clique sur ouvrir et suis les instructions (en particulier accepte le reboot).

    Après redémarrage, remets un log Hijackthis.

    @+
    0