Infected by the Warezov worm

Closed
great_07 Posts: 14 Registration date: Friday 26 January 2007 Status: Member Last activity: 12 February 2007 - 11 Feb 2007 at 13:48
Lyonnais92 Posts: 25159 Registration date: Friday 23 June 2006 Status: Security contributor Last activity: 16 September 2016 - 13 Feb 2007 at 00:49
Hello

AVG Anti Spyware keeps finding Worm Warezov on my PC and cannot remove it

Could you please help me?

Thank you very much

11 replies

easyclyner57 Posts: 292 Registration date: Tuesday 9 May 2006 Status: Member Last activity: 16 February 2007 10
11 Feb 2007 at 14:23
hi

Run this online antivirus scan with Internet Explorer and accept the ActiveX control; the SP2 pop-up blocker bar (at the top) will start flashing, click on it and choose "accept the ActiveX" so that the antivirus scan can run.
Once it has finished, paste the report here please

https://www.bitdefender.com/toolbox/
0
great_07 Posts: 14 Registration date: Friday 26 January 2007 Status: Member Last activity: 12 February 2007
11 Feb 2007 at 20:19
BitDefender Online Scanner

Scan report generated at: Sun, Feb 11, 2007 - 14:55:13
Scan path: C:\;D:\;

Statistics
Time: 01:27:27
Files: 372050
Folders: 5586
Boot Sectors: 2
Archives: 8032
Packed Files: 41694

Results
Identified Viruses: 5
Infected Files: 9
Suspect Files: 0
Warnings: 0
Disinfected: 0
Deleted Files: 8

Engines Info
Virus Definitions: 419948
Engine build: AVCORE v1.0 (build 2371) (i386) (Dec 13 2006 11:16:42)
Scan plugins: 14
Archive plugins: 38
Unpack plugins: 6
E-mail plugins: 6
System plugins: 1

Scan Settings
First Action: Disinfect
Second Action: Delete
Heuristics: Yes
Enable Warnings: Yes
Scanned Extensions: *;
Exclude Extensions:
Scan Emails: Yes
Scan Archives: Yes
Scan Packed: Yes
Scan Files: Yes
Scan Boot: Yes

Scanned File | Status
C:\Program Files\FunWebProducts\Installr\1.bin\F3EZSETP.DLL | Infected with: Trojan.Funweb.A
C:\Program Files\FunWebProducts\Installr\1.bin\F3EZSETP.DLL | Disinfection failed
C:\Program Files\FunWebProducts\Installr\1.bin\F3EZSETP.DLL | Deleted
C:\Program Files\MyWebSearch\bar\5.bin\F3SHLLVW.DLL | Detected with: Adware.Mywebsearch.G
C:\Program Files\MyWebSearch\bar\5.bin\F3SHLLVW.DLL | Disinfection failed
C:\Program Files\MyWebSearch\bar\5.bin\F3SHLLVW.DLL | Deleted
C:\Program Files\MyWebSearch\bar\5.bin\M3SKIN.DLL | Detected with: Adware.Mywebsearch.G
C:\Program Files\MyWebSearch\bar\5.bin\M3SKIN.DLL | Disinfection failed
C:\Program Files\MyWebSearch\bar\5.bin\M3SKIN.DLL | Deleted
C:\System Volume Information\_restore{B191484F-6940-4C0A-B094-69318FF0F599}\RP367\A0137780.DLL | Infected with: Trojan.Funweb.A
C:\System Volume Information\_restore{B191484F-6940-4C0A-B094-69318FF0F599}\RP367\A0137780.DLL | Disinfection failed
C:\System Volume Information\_restore{B191484F-6940-4C0A-B094-69318FF0F599}\RP367\A0137780.DLL | Deleted
C:\System Volume Information\_restore{B191484F-6940-4C0A-B094-69318FF0F599}\RP367\A0137781.DLL | Detected with: Adware.Mywebsearch.G
C:\System Volume Information\_restore{B191484F-6940-4C0A-B094-69318FF0F599}\RP367\A0137781.DLL | Disinfection failed
C:\System Volume Information\_restore{B191484F-6940-4C0A-B094-69318FF0F599}\RP367\A0137781.DLL | Deleted
C:\System Volume Information\_restore{B191484F-6940-4C0A-B094-69318FF0F599}\RP367\A0137782.DLL | Detected with: Adware.Mywebsearch.G
C:\System Volume Information\_restore{B191484F-6940-4C0A-B094-69318FF0F599}\RP367\A0137782.DLL | Disinfection failed
C:\System Volume Information\_restore{B191484F-6940-4C0A-B094-69318FF0F599}\RP367\A0137782.DLL | Deleted
C:\WINDOWS\Downloaded Program Files\SmileyCentralFWBInitialSetup1.0.0.15.exe | Infected with: Trojan.Funweb.B
C:\WINDOWS\Downloaded Program Files\SmileyCentralFWBInitialSetup1.0.0.15.exe | Disinfection failed
C:\WINDOWS\Downloaded Program Files\SmileyCentralFWBInitialSetup1.0.0.15.exe | Deleted
C:\WINDOWS\system32\e1.dll | Infected with: Trojan.Dropper.Stration.VD
C:\WINDOWS\system32\e1.dll | Disinfection failed
C:\WINDOWS\system32\e1.dll | Delete failed
C:\WINDOWS\Temp\8.tmp | Infected with: DeepScan:Generic.Stration.1919E237
C:\WINDOWS\Temp\8.tmp | Disinfection failed
C:\WINDOWS\Temp\8.tmp | Deleted
0
easyclyner57 Posts: 292 Registration date: Tuesday 9 May 2006 Status: Member Last activity: 16 February 2007 10
11 Feb 2007 at 20:22
Click "Start", right-click "My Computer", "Properties", "System Restore" tab

¤ check the "Turn off System Restore on all drives" box, then click "Apply"
¤ uncheck the box and click "Apply" then "OK".

Now that we have erased the infected points, we are going to create a clean one:

Click "Start", "All Programs", "Accessories", "System Tools", "System Restore", choose "Create a restore point", name it "ccm" for example, click "Create" then "OK".
There, the restore point is now created; if you decide to one day, you can go back to the date you created it, that is, today; by rolling back you can return your computer to the date on which we created this restore point, but you will lose the changes you made in between.
0
great_07 Posts: 14 Registration date: Friday 26 January 2007 Status: Member Last activity: 12 February 2007
11 Feb 2007 at 20:46
OK, I have created a restore point, but don't I have to do anything else?
How is that going to neutralize the worm?

Don't I have to restart or something now?
0

Lyonnais92 Posts: 25159 Registration date: Friday 23 June 2006 Status: Security contributor Last activity: 16 September 2016 1 537
11 Feb 2007 at 21:30
Good evening great_07 and easyclyner,

in any case, the BitDefender scan removed other pests.

Post the AVG report so that we can see where your worm is and exactly what it is called.

Also do this so that easyclyner can see how badly you are infected:

Download HijackThis here:
https://www.01net.com/telecharger/windows/Securite/anti-spyware/fiches/29061.html

Unzip it into a folder set aside for it.
For example C:\hijackthis < Make sure you save it in C:!
Demo: (Thanks to Balltrap34 for making this)
http://pageperso.aol.fr/balltrap34/Hijenr.gif

Run it, then:
click "do a system scan and save logfile" (see demo)
copy and paste the entire log to the forum

Demo: (Thanks to Balltrap34 for making this)
http://pageperso.aol.fr/balltrap34/demohijack.htm

All the best to you both.
0
great_07 Posts: 14 Registration date: Friday 26 January 2007 Status: Member Last activity: 12 February 2007
11 Feb 2007 at 22:41
---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 21:39:48 11.2.2007 г.

+ Scan result:



:mozilla.25:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.26:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.29:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.133:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.137:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.138:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.144:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.161:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.198:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.318:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.553:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.207:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.208:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.494:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.495:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.496:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.92:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.150:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.151:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.63:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
C:\Documents and Settings\Kameliya\Cookies\kameliya@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.46:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned.
:mozilla.498:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned.
:mozilla.499:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned.
:mozilla.497:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.56:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Com : Cleaned.
:mozilla.45:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.9:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Estat : Cleaned.
:mozilla.80:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.81:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.82:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.134:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.135:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.228:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.299:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.142:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.147:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.367:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.368:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.369:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.378:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.403:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.457:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.557:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.211:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Ivwbox : Cleaned.
:mozilla.212:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.213:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.375:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.376:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.435:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.436:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.542:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.543:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.548:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Masterstats : Cleaned.
:mozilla.70:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.7:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.8:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.244:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.245:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.246:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.480:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.481:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.482:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.441:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.442:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.443:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.203:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.204:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.205:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.38:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.21:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.
:mozilla.24:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.
:mozilla.119:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.120:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.121:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.122:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.123:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.124:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.125:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.126:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.127:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.128:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.129:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.395:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.400:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.155:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.156:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.157:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.71:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.560:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned.
:mozilla.18:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Weborama : Cleaned.
:mozilla.19:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Weborama : Cleaned.
:mozilla.105:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
:mozilla.474:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Yadro : Cleaned.
:mozilla.180:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.181:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.182:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\Kameliya\Cookies\kameliya@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.65:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.66:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.67:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.68:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.69:C:\Documents and Settings\Kameliya\Application Data\Mozilla\Firefox\Profiles\pzda7eiz.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.


::Report end
0
great_07 Posts: 14 Registration date: Friday 26 January 2007 Status: Member Last activity: 12 February 2007
11 Feb 2007 at 22:44
Logfile of HijackThis v1.99.1
Scan saved at 21:42:29, on 11.2.2007 г.
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Belkin\Belkin Wireless Network Utility\WLService.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Belkin\Belkin Wireless Network Utility\WLanCfgG.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\PalickSoft\HDD Temperature\HDDTSvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
C:\Program Files\TOSHIBA\PadTouch\PadExe.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
C:\WINDOWS\AGRSMMSG.exe
C:\PROGRA~1\B'SCLI~1\Win2K\BSCLIP.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
C:\Program Files\BT Voyager 105 ADSL Modem\dslstat.exe
C:\Program Files\BT Voyager 105 ADSL Modem\dslagent.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0T1.EXE
C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\HP\HP Software Update\HPWuSchd.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
C:\Program Files\ICQLite\ICQLite.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\BT Broadband Basic Help\bin\mpbtn.exe
C:\WINDOWS\Datecs\Flex2K.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\MicroStar\WLANUtility\WlanUtility.exe
C:\Program Files\MicroStar\WLANUtility\WLAN_Service.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*https://fr.yahoo.com/?p=us
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/?p=us
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/?p=us
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*https://fr.yahoo.com/?p=us
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*https://fr.yahoo.com/?p=us
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/?p=us
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://as.starware.com/dp/search?x=wKX1ILEOi+Vh7AfA98Gm4Me69ZMbubcDsnJKz/X5XzoVDln0AJ38ThqQuFcnF+I2sV3u5OLzJfwwPXtY+wmaXEaMWzqdkpTPcJQjyn2igfwgAh8Tx3SOQouJcjkGUb4aupULwffDi6sGG67Wh93K2mwQ33CHV7Rg
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*https://fr.yahoo.com/?p=us
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Wanadoo
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;<local>
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Wanadoo - {8B68564D-53FD-4293-B80C-993A9F3988EE} - C:\PROGRA~1\Wanadoo\WSBar\WSBar.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll
O3 - Toolbar: MSN Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\msgr.en-us.en-gb\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
O4 - HKLM\..\Run: [PadTouch] "C:\Program Files\TOSHIBA\PadTouch\PadExe.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [B'sCLiP] C:\PROGRA~1\B'SCLI~1\Win2K\BSCLIP.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [EPSON Stylus CX3200] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P19 "EPSON Stylus CX3200" /O6 "USB001" /M "Stylus CX3200"
O4 - HKLM\..\Run: [\\Dirtydon\EPSON Stylus CX3200] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P30 "\\Dirtydon\EPSON Stylus CX3200" /O6 "USB001" /M "Stylus CX3200"
O4 - HKLM\..\Run: [msnappau] "C:\Program Files\MSN Apps\Updater\01.02.0002.1001\en-gb\msnappau.exe"
O4 - HKLM\..\Run: [DSLSTATEXE] C:\Program Files\BT Voyager 105 ADSL Modem\dslstat.exe icon
O4 - HKLM\..\Run: [DSLAGENTEXE] C:\Program Files\BT Voyager 105 ADSL Modem\dslagent.exe
O4 - HKLM\..\Run: [EPSON Stylus C46 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0T1.EXE /P23 "EPSON Stylus C46 Series" /O6 "USB002" /M "Stylus C46"
O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [adiras] adiras.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ICQ Lite] "C:\Program Files\ICQLite\ICQLite.exe" -minimize
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [Spyware Vanisher] C:\spywarevanisher-full\SpywareVanisher.exe -FastScan
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\5.bin\mwsoemon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -trayboot
O4 - Global Startup: BlueSoleil.lnk = ?
O4 - Global Startup: BT Broadband Basic Help.lnk = C:\Program Files\BT Broadband Basic Help\bin\matcli.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: FlexType 2K.lnk = C:\WINDOWS\Datecs\Flex2K.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O4 - Global Startup: WlanUtility.lnk = C:\Program Files\MicroStar\WLANUtility\WlanUtility.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Program Files\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZS
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Search with Wanadoo - res://C:\PROGRA~1\Wanadoo\WSBar\WSBar.dll/VSearch.htm
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: EmpirePoker - {77E68763-4284-41d6-B7E7-B6E1F053A9E7} - C:\Program Files\EmpirePoker\EmpirePoker.exe (file missing)
O9 - Extra 'Tools' menuitem: EmpirePoker - {77E68763-4284-41d6-B7E7-B6E1F053A9E7} - C:\Program Files\EmpirePoker\EmpirePoker.exe (file missing)
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.wanadoo.co.uk
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralFWBInitialSetup1.0.0.15.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: e1.dll
O20 - Winlogon Notify: brwmgr - brwmgr32.dll (file missing)
O20 - Winlogon Notify: osunuxth - C:\WINDOWS\system32\osunuxth.dll (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: zlcocard - C:\WINDOWS\system32\zlcocard.dll (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Belkin 54g Wireless USB Network Adapter (Belkin 54g Wireless USB Network Adapter Service) - Unknown owner - C:\Program Files\Belkin\Belkin Wireless Network Utility\WLService.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: HDD Temperature (HDDTService) - PalickSoft - C:\Program Files\PalickSoft\HDD Temperature\HDDTSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MSI_WLAN_Service - Unknown owner - C:\Program Files\MicroStar\WLANUtility\WLAN_Service.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Sygate Personal Firewall Pro (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
0
great_07 Posts 14 Registration date Friday 26 January 2007 Status Member Last activity 12 February 2007
12 Feb 2007 at 11:04
Can someone interpret these reports, please?

Thank you very much
0
Lyonnais92 Posts 25159 Registration date Friday 23 June 2006 Status Security contributor Last activity 16 September 2016 1 537
12 Feb 2007 at 12:12
Hello,

to move things forward for easyclyner,

========================================
-> Show all files and folders:
click Start / Control Panel (in Classic View) / Folder Options / View

[Check] "Show hidden files and folders"

[Uncheck] the box "Hide protected operating system files (Recommended)"

[Uncheck] "Hide extensions for known file types"

Then click [Apply] to confirm the changes.

And [OK]
=====================================
Find where e1.dll is located on your computer (right-click Start, Search, choose My Computer as the search scope).

Post the full name in your reply.
See you,
0
great_07 Posts 14 Registration date Friday 26 January 2007 Status Member Last activity 12 February 2007
12 Feb 2007 at 13:00
thanks for replying so quickly :))

It found 4 files:
e1.dll C:\windows\system32
kbdinbe1.dll C:\windows\system32
ENGINE1.DLL C:\program files\EPSON\smart panel
kbdinbe1.dll C:\windows\ServicePackFiles\i386
0
Lyonnais92 Posts 25159 Registration date Friday 23 June 2006 Status Security contributor Last activity 16 September 2016 1 537
13 Feb 2007 at 00:49
Good evening,

sorry for replying so late, but I was about to reply when the site crashed.

Download Brute Force Uninstaller (by Merijn) here: http://www.merijn.org/files/bfu.zip
Create a new folder directly at the root of your hard drive, or wherever suits you, and name this folder BFU. Unzip the downloaded file into this new folder (for example C:\BFU).

Next, download ToolbarBFU by Chercheur http://perso.numericable.fr/~altshift/Info/Fichiers/toolbar.bfu and choose "Save Target As..." to download Chercheur's Toolbar.bfu.
Save it in the folder you created (C:\BFU).
**Note: if you use Internet Explorer, when saving, make sure the "Type:" field shows "All Files".

You should now have two files in the C:\BFU folder: Toolbar.bfu and BFU.exe (very important).

-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-
Start "Brute Force Uninstaller" by double-clicking BFU.exe (in the C:\BFU folder)
- Click the small yellow folder, and click: Toolbar.bfu
- Check the box Show log after script ends
- Click Execute so the fix can do its job :-) Wait for the message Complete script execution to appear, then click OK.
A report will appear in the program window; copy and paste it into Notepad, then save it. You will post it on the forum later.
Click Exit to close the BFU program.

Run HijackThis again, choose do a scan only,
check the box in front of the line:
O20 - AppInit_DLLs: e1.dll

close all windows (except HijackThis) and click fix checked.
Close HijackThis.

Do this:
Start, Run, and copy/paste this into the small window:
regsvr32 /u C:\WINDOWS\System32\e1.dll
and confirm with Enter.

Run HijackThis again, choose open the misc tool and delete a file on reboot. Find C:\WINDOWS\System32\e1.dll, click Open and follow the instructions (in particular, accept the reboot).

After the restart, post a new HijackThis log.

See you,
0
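Added example, not part of the thread and not code from HijackThis or its author: a small Python triage of the O20 lines in the log posted above, listing every AppInit_DLLs entry (the line the helper asks to fix) and the Winlogon Notify keys whose file is missing. The function names `parse_o20` and `review_list` are hypothetical, and the sample lines are copied from the log in this thread.

```python
import re

# Constructed sample: lines copied from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [adiras] adiras.exe
O20 - AppInit_DLLs: e1.dll
O20 - Winlogon Notify: brwmgr - brwmgr32.dll (file missing)
O20 - Winlogon Notify: osunuxth - C:\WINDOWS\system32\osunuxth.dll (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: zlcocard - C:\WINDOWS\system32\zlcocard.dll (file missing)
"""

O20_RE = re.compile(r"^O20 - (AppInit_DLLs|Winlogon Notify): (.*)$")
MISSING = "(file missing)"

def parse_o20(log_text):
    """Return one dict per O20 entry: kind, name, target, missing."""
    entries = []
    for raw in log_text.splitlines():
        m = O20_RE.match(raw.strip())
        if not m:
            continue
        kind, rest = m.group(1), m.group(2).strip()
        missing = rest.endswith(MISSING)
        if missing:
            rest = rest[: -len(MISSING)].strip()
        if kind == "AppInit_DLLs":
            # The registry value can hold several DLLs separated by spaces or commas.
            for dll in re.split(r"[ ,]+", rest):
                if dll:
                    entries.append({"kind": kind, "name": dll, "target": dll, "missing": missing})
        else:
            name, _, target = rest.partition(" - ")
            entries.append({"kind": kind, "name": name, "target": target.strip(), "missing": missing})
    return entries

def review_list(entries):
    """Every AppInit_DLLs entry, plus Notify entries whose file is gone."""
    out = []
    for e in entries:
        if e["kind"] == "AppInit_DLLs":
            out.append((e["target"], "loaded into every process that links user32.dll"))
        elif e["missing"]:
            out.append((e["target"], "orphaned Winlogon Notify key, file missing"))
    return out

if __name__ == "__main__":
    for target, reason in review_list(parse_o20(SAMPLE_LOG)):
        print(f"{target}: {reason}")
```
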