cheval de troie
Dernière réponse : dans Sécurité
Aider moi ai tout essayer et a chaque demarrage de ma machine il revient joint rapport EWIDO et HIJACKTHISLogfile of HijackThis v1.99.1
Scan saved at 20:17:48, on 13/07/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\mHotkey.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Home Cinema\PowerCinema\PCMService.exe
C:\WINDOWS\Dit.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\PROGRA~1\P2PNET~1\P2PNET~1.EXE
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\SAGEM Wi-Fi USB 802.11g\WLANUTL.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\WINDOWS\DitExp.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\mercier-gallay\Mes documents\Christophe MERCIER-GALLAY\hijackthis.exe
C:\WINDOWS\system32\NOTEPAD.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://side.search.ke.voila.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.medion.fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://side.search.ke.voila.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: (no name) - {007E9C9B-BF2B-803F-5DF4-337BB5F58AFA} - C:\WINDOWS\lboqslsic.dll (file missing)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {0C7C093D-83D2-4C92-8C73-B7FABECB714F} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {18F5CF38-2A7A-D4C9-90AA-37E213A8E6CC} - C:\WINDOWS\dunsnr.dll (file missing)
O2 - BHO: (no name) - {2A4412B7-1855-4C19-B257-EB17FFE45303} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {2DB7AB1F-8647-4519-8F70-6499443D8AED} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {36FDC83A-5D3F-47D8-9E74-D4EAC3D69DFB} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {3B5E591D-BC36-4812-B649-EB32AB3B1390} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {3FAF9412-6B2C-48DB-A4D1-A62469818DFE} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {44F93257-E58D-49BE-9210-7AAFE909234A} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {477EE7CC-3D5E-4E74-B594-DD19EFE73244} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {4A227E60-5049-4E00-AB30-C6E2EC65BB93} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {4C3336E9-26E1-4940-91CE-8075DE558984} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: Toolbar Wanadoo - {4E7BD74F-2B8D-469E-8FB0-B921F5DBF922} - C:\PROGRA~1\WANADO~1\WANADO~1.DLL (file missing)
O2 - BHO: (no name) - {4F7E97B7-36BA-4652-9DB2-1D6EA317C45B} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {5750D3CA-7BE9-4732-B492-BF7A9CC0E5DA} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {68775DE8-6966-422F-AA35-E3BF7CDC258E} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {6AEF3E80-DBF0-4123-B55B-78BE6A500678} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {7E97EB74-88DE-4F52-AA40-D32DDFB1F8AA} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {85D12B8A-6F7D-445A-AD90-B84A6AAAD53D} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {8E45786A-A755-4C59-AA7E-C4918C65E83B} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {961E0E2D-38AB-6E73-8AEA-F5D3D9B1D4CD} - C:\WINDOWS\mfgjlonca.dll (file missing)
O2 - BHO: (no name) - {98CEFD3B-23E1-493C-B1DC-49EB9AA071E4} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {A51B521D-BB9B-469D-9187-8B42EC1C781A} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {A65D81BC-FE63-4433-9A68-19451E928612} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {B57F5421-5A08-46B5-AFF9-0C755B2172DE} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {B7B45CBC-0A75-4C78-1499-D35E588D847C} - C:\WINDOWS\datwtbn.dll (file missing)
O2 - BHO: (no name) - {B9CE94E2-7369-4BB2-87E4-8C7DCC6C6588} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {B9E08E0C-430C-40BB-A722-AEBB801AAF2C} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {BAFB6FA7-298A-1CEB-DB43-AE07C6E6F052} - C:\WINDOWS\tpav.dll (file missing)
O2 - BHO: (no name) - {C45A8B3C-7170-4839-9865-31452C46E186} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {CE6CFB2F-B207-A63C-F665-0DABB9BD6D3E} - C:\WINDOWS\fdrbjxtm.dll
O2 - BHO: (no name) - {D3E6C91E-5580-4A27-B4AE-FC79D8E304E9} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {D9A111F2-10B5-4ED9-9CD5-173B4B2E3FE8} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {DD92C6A2-BD42-43EE-8969-67DEC77E374D} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {E3DF4A8D-4281-4458-88D8-F7198528C181} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {E85972E9-339D-4B87-BF71-27136517ECAE} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {EC7B5AC9-A386-4BB0-99DC-44CBC89D1380} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {F0388A84-DB65-4096-BD2C-7B9E86A78D27} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {F90A947D-383B-467F-ADD2-E9C6119A53B0} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Toolbar Wanadoo - {4E7BD74F-2B8D-469E-8FB0-B921F5DBF922} - C:\PROGRA~1\WANADO~1\WANADO~1.DLL (file missing)
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Home Cinema\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [MediaPipe P2P Loader] "C:\Program Files\p2pnetworks\mpp2pl.exe" /H
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [License Manager] "C:\Program Files\License_Manager\license_manager.exe " /silent
O4 - HKCU\..\Run: [wallp2.exe] C:\WINDOWS\system32\wallp2.exe
O4 - HKCU\..\Run: [VSL13.exe] C:\WINDOWS\system32\VSL13.exe
O4 - HKCU\..\Run: [1201.exe] C:\Documents and Settings\mercier-gallay\Application Data\System Restore\1201.exe
O4 - HKCU\..\Run: [ssqbn.exe] C:\WINDOWS\system32\ssqbn.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
O8 - Extra context menu item: Rechercher avec Voila - file://C:\Program Files\WANADOO_TOOLBAR\Cache\SelectedContextSearch.htm
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~3\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~3\Wanadoo Messager.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://www.medion.fr/
O16 - DPF: {4AD73894-A895-4FC2-B233-299867E08753} (Cadwkzctl Object) - http://apps.deskwizz.com/ax/adwerkz.cab
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Client de licence CA (CA_LIC_CLNT) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe
O23 - Service: Serveur de licence CA (CA_LIC_SRVR) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Event Log Watch (LogWatch) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
:-(
Scan saved at 20:17:48, on 13/07/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\mHotkey.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Home Cinema\PowerCinema\PCMService.exe
C:\WINDOWS\Dit.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\PROGRA~1\P2PNET~1\P2PNET~1.EXE
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\SAGEM Wi-Fi USB 802.11g\WLANUTL.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\WINDOWS\DitExp.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\mercier-gallay\Mes documents\Christophe MERCIER-GALLAY\hijackthis.exe
C:\WINDOWS\system32\NOTEPAD.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://side.search.ke.voila.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.medion.fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://side.search.ke.voila.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: (no name) - {007E9C9B-BF2B-803F-5DF4-337BB5F58AFA} - C:\WINDOWS\lboqslsic.dll (file missing)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {0C7C093D-83D2-4C92-8C73-B7FABECB714F} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {18F5CF38-2A7A-D4C9-90AA-37E213A8E6CC} - C:\WINDOWS\dunsnr.dll (file missing)
O2 - BHO: (no name) - {2A4412B7-1855-4C19-B257-EB17FFE45303} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {2DB7AB1F-8647-4519-8F70-6499443D8AED} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {36FDC83A-5D3F-47D8-9E74-D4EAC3D69DFB} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {3B5E591D-BC36-4812-B649-EB32AB3B1390} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {3FAF9412-6B2C-48DB-A4D1-A62469818DFE} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {44F93257-E58D-49BE-9210-7AAFE909234A} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {477EE7CC-3D5E-4E74-B594-DD19EFE73244} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {4A227E60-5049-4E00-AB30-C6E2EC65BB93} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {4C3336E9-26E1-4940-91CE-8075DE558984} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: Toolbar Wanadoo - {4E7BD74F-2B8D-469E-8FB0-B921F5DBF922} - C:\PROGRA~1\WANADO~1\WANADO~1.DLL (file missing)
O2 - BHO: (no name) - {4F7E97B7-36BA-4652-9DB2-1D6EA317C45B} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {5750D3CA-7BE9-4732-B492-BF7A9CC0E5DA} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {68775DE8-6966-422F-AA35-E3BF7CDC258E} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {6AEF3E80-DBF0-4123-B55B-78BE6A500678} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {7E97EB74-88DE-4F52-AA40-D32DDFB1F8AA} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {85D12B8A-6F7D-445A-AD90-B84A6AAAD53D} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {8E45786A-A755-4C59-AA7E-C4918C65E83B} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {961E0E2D-38AB-6E73-8AEA-F5D3D9B1D4CD} - C:\WINDOWS\mfgjlonca.dll (file missing)
O2 - BHO: (no name) - {98CEFD3B-23E1-493C-B1DC-49EB9AA071E4} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {A51B521D-BB9B-469D-9187-8B42EC1C781A} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {A65D81BC-FE63-4433-9A68-19451E928612} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {B57F5421-5A08-46B5-AFF9-0C755B2172DE} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {B7B45CBC-0A75-4C78-1499-D35E588D847C} - C:\WINDOWS\datwtbn.dll (file missing)
O2 - BHO: (no name) - {B9CE94E2-7369-4BB2-87E4-8C7DCC6C6588} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {B9E08E0C-430C-40BB-A722-AEBB801AAF2C} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {BAFB6FA7-298A-1CEB-DB43-AE07C6E6F052} - C:\WINDOWS\tpav.dll (file missing)
O2 - BHO: (no name) - {C45A8B3C-7170-4839-9865-31452C46E186} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {CE6CFB2F-B207-A63C-F665-0DABB9BD6D3E} - C:\WINDOWS\fdrbjxtm.dll
O2 - BHO: (no name) - {D3E6C91E-5580-4A27-B4AE-FC79D8E304E9} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {D9A111F2-10B5-4ED9-9CD5-173B4B2E3FE8} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {DD92C6A2-BD42-43EE-8969-67DEC77E374D} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {E3DF4A8D-4281-4458-88D8-F7198528C181} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {E85972E9-339D-4B87-BF71-27136517ECAE} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {EC7B5AC9-A386-4BB0-99DC-44CBC89D1380} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {F0388A84-DB65-4096-BD2C-7B9E86A78D27} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {F90A947D-383B-467F-ADD2-E9C6119A53B0} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Toolbar Wanadoo - {4E7BD74F-2B8D-469E-8FB0-B921F5DBF922} - C:\PROGRA~1\WANADO~1\WANADO~1.DLL (file missing)
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Home Cinema\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [MediaPipe P2P Loader] "C:\Program Files\p2pnetworks\mpp2pl.exe" /H
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [License Manager] "C:\Program Files\License_Manager\license_manager.exe " /silent
O4 - HKCU\..\Run: [wallp2.exe] C:\WINDOWS\system32\wallp2.exe
O4 - HKCU\..\Run: [VSL13.exe] C:\WINDOWS\system32\VSL13.exe
O4 - HKCU\..\Run: [1201.exe] C:\Documents and Settings\mercier-gallay\Application Data\System Restore\1201.exe
O4 - HKCU\..\Run: [ssqbn.exe] C:\WINDOWS\system32\ssqbn.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
O8 - Extra context menu item: Rechercher avec Voila - file://C:\Program Files\WANADOO_TOOLBAR\Cache\SelectedContextSearch.htm
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~3\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~3\Wanadoo Messager.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://www.medion.fr/
O16 - DPF: {4AD73894-A895-4FC2-B233-299867E08753} (Cadwkzctl Object) - http://apps.deskwizz.com/ax/adwerkz.cab
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Client de licence CA (CA_LIC_CLNT) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe
O23 - Service: Serveur de licence CA (CA_LIC_SRVR) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Event Log Watch (LogWatch) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
:-(
Autres pages sur : cheval troie
Lassé par la pub ? Créez un compte
Bonjour
Une partie de la procédure se déroulera sans avoir accès à internet, prière d'imprimer ces instructions, ou de les coller dans un fichier texte, pour lecture durant cette désinfection.
Les manipulations sont à faire sans interruption et dans l'ordre.
Si tu ne comprends pas quelque chose, demande des explications avant de commencer.
1 Télécharge CCleaner.
http://www.filehippo.com/download_ccleaner.html
Installe le dans un répertoire dédié.
2 Redémarre en mode sans echec. Attention, tu n'as pas accès à internet dans ce mode, note bien ce que tu as à faire.
Démarre l'ordinateur.
Une fois le chargement du BIOS terminé, il y a un écran noir. Appuye sur la touche F8 jusqu'à l'affichage du menu des options avancées de Windows.
En utilisant les touches du curseur, sélectionne Mode sans échec et appuye sur Entrée.
3 Relance un scan HijackThis et coche les lignes ci-dessous :
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: (no name) - {007E9C9B-BF2B-803F-5DF4-337BB5F58AFA} - C:\WINDOWS\lboqslsic.dll (file missing)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {0C7C093D-83D2-4C92-8C73-B7FABECB714F} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {18F5CF38-2A7A-D4C9-90AA-37E213A8E6CC} - C:\WINDOWS\dunsnr.dll (file missing)
O2 - BHO: (no name) - {2A4412B7-1855-4C19-B257-EB17FFE45303} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {2DB7AB1F-8647-4519-8F70-6499443D8AED} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {36FDC83A-5D3F-47D8-9E74-D4EAC3D69DFB} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {3B5E591D-BC36-4812-B649-EB32AB3B1390} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {3FAF9412-6B2C-48DB-A4D1-A62469818DFE} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {44F93257-E58D-49BE-9210-7AAFE909234A} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {477EE7CC-3D5E-4E74-B594-DD19EFE73244} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {4A227E60-5049-4E00-AB30-C6E2EC65BB93} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {4C3336E9-26E1-4940-91CE-8075DE558984} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: Toolbar Wanadoo - {4E7BD74F-2B8D-469E-8FB0-B921F5DBF922} - C:\PROGRA~1\WANADO~1\WANADO~1.DLL (file missing)
O2 - BHO: (no name) - {4F7E97B7-36BA-4652-9DB2-1D6EA317C45B} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {5750D3CA-7BE9-4732-B492-BF7A9CC0E5DA} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {68775DE8-6966-422F-AA35-E3BF7CDC258E} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {6AEF3E80-DBF0-4123-B55B-78BE6A500678} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {7E97EB74-88DE-4F52-AA40-D32DDFB1F8AA} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {85D12B8A-6F7D-445A-AD90-B84A6AAAD53D} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {8E45786A-A755-4C59-AA7E-C4918C65E83B} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {961E0E2D-38AB-6E73-8AEA-F5D3D9B1D4CD} - C:\WINDOWS\mfgjlonca.dll (file missing)
O2 - BHO: (no name) - {98CEFD3B-23E1-493C-B1DC-49EB9AA071E4} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {A51B521D-BB9B-469D-9187-8B42EC1C781A} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {A65D81BC-FE63-4433-9A68-19451E928612} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {B57F5421-5A08-46B5-AFF9-0C755B2172DE} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {B7B45CBC-0A75-4C78-1499-D35E588D847C} - C:\WINDOWS\datwtbn.dll (file missing)
O2 - BHO: (no name) - {B9CE94E2-7369-4BB2-87E4-8C7DCC6C6588} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {B9E08E0C-430C-40BB-A722-AEBB801AAF2C} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {BAFB6FA7-298A-1CEB-DB43-AE07C6E6F052} - C:\WINDOWS\tpav.dll (file missing)
O2 - BHO: (no name) - {C45A8B3C-7170-4839-9865-31452C46E186} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {CE6CFB2F-B207-A63C-F665-0DABB9BD6D3E} - C:\WINDOWS\fdrbjxtm.dll
O2 - BHO: (no name) - {D3E6C91E-5580-4A27-B4AE-FC79D8E304E9} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {D9A111F2-10B5-4ED9-9CD5-173B4B2E3FE8} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {DD92C6A2-BD42-43EE-8969-67DEC77E374D} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {E3DF4A8D-4281-4458-88D8-F7198528C181} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {E85972E9-339D-4B87-BF71-27136517ECAE} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {EC7B5AC9-A386-4BB0-99DC-44CBC89D1380} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {F0388A84-DB65-4096-BD2C-7B9E86A78D27} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {F90A947D-383B-467F-ADD2-E9C6119A53B0} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O3 - Toolbar: Toolbar Wanadoo - {4E7BD74F-2B8D-469E-8FB0-B921F5DBF922} - C:\PROGRA~1\WANADO~1\WANADO~1.DLL (file missing)
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [MediaPipe P2P Loader] "C:\Program Files\p2pnetworks\mpp2pl.exe" /H
O4 - HKCU\..\Run: [wallp2.exe] C:\WINDOWS\system32\wallp2.exe
O4 - HKCU\..\Run: [VSL13.exe] C:\WINDOWS\system32\VSL13.exe
O4 - HKCU\..\Run: [1201.exe] C:\Documents and Settings\mercier-gallay\Application Data\System Restore\1201.exe
O4 - HKCU\..\Run: [ssqbn.exe] C:\WINDOWS\system32\ssqbn.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
O16 - DPF: {4AD73894-A895-4FC2-B233-299867E08753} (Cadwkzctl Object) - http://apps.deskwizz.com/ax/adwerkz.cab
Ferme toutes les fenêtres Windows, Internet explorer, Outlook,sauf le logiciel Hijackthis et clique sur « Fix checked »
4 Assure toi d'avoir accés à tous les fichiers.
Démarrer, Poste de travail ou autre dossier, Menu Outils, Option des dossiers, onglet Affichage :
Activer la case : Afficher les fichiers et dossiers cachés
Désactiver la case : Masquer les extensions des fichiers dont le type est connu
Désactiver la case : Masquer les fichiers protégés du système d'exploitation
Puis Appliquer
5 Désinstalle ces applications (si tu les trouves) dans Ajout-Suppression de programmes :
p2pnetworks
6 Supprime les fichiers/dossiers incriminés (s'ils existent encore) :
C:\Program Files\p2pnetworks
C:\Documents and Settings\mercier-gallay\Application Data\System Restore\1201.exe
C:\WINDOWS\system32\ssqbn.exe
C:\WINDOWS\system32\wallp2.exe
C:\WINDOWS\system32\VSL13.exe
Recache les fichiers systeme afin de ne pas faire d'erreur à l'avenir en sélectionnant ne pas afficher les fichiers cachés ou les fichiers système.
7 Lance le nettoyage avec CCleaner.
8 Redémarre normalement et poste un nouveau log HijackThis avec le rapport d'Ewido.
Une partie de la procédure se déroulera sans avoir accès à internet, prière d'imprimer ces instructions, ou de les coller dans un fichier texte, pour lecture durant cette désinfection.
Les manipulations sont à faire sans interruption et dans l'ordre.
Si tu ne comprends pas quelque chose, demande des explications avant de commencer.
1 Télécharge CCleaner.
http://www.filehippo.com/download_ccleaner.html
Installe le dans un répertoire dédié.
2 Redémarre en mode sans echec. Attention, tu n'as pas accès à internet dans ce mode, note bien ce que tu as à faire.
Démarre l'ordinateur.
Une fois le chargement du BIOS terminé, il y a un écran noir. Appuye sur la touche F8 jusqu'à l'affichage du menu des options avancées de Windows.
En utilisant les touches du curseur, sélectionne Mode sans échec et appuye sur Entrée.
3 Relance un scan HijackThis et coche les lignes ci-dessous :
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: (no name) - {007E9C9B-BF2B-803F-5DF4-337BB5F58AFA} - C:\WINDOWS\lboqslsic.dll (file missing)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {0C7C093D-83D2-4C92-8C73-B7FABECB714F} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {18F5CF38-2A7A-D4C9-90AA-37E213A8E6CC} - C:\WINDOWS\dunsnr.dll (file missing)
O2 - BHO: (no name) - {2A4412B7-1855-4C19-B257-EB17FFE45303} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {2DB7AB1F-8647-4519-8F70-6499443D8AED} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {36FDC83A-5D3F-47D8-9E74-D4EAC3D69DFB} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {3B5E591D-BC36-4812-B649-EB32AB3B1390} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {3FAF9412-6B2C-48DB-A4D1-A62469818DFE} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {44F93257-E58D-49BE-9210-7AAFE909234A} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {477EE7CC-3D5E-4E74-B594-DD19EFE73244} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {4A227E60-5049-4E00-AB30-C6E2EC65BB93} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {4C3336E9-26E1-4940-91CE-8075DE558984} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: Toolbar Wanadoo - {4E7BD74F-2B8D-469E-8FB0-B921F5DBF922} - C:\PROGRA~1\WANADO~1\WANADO~1.DLL (file missing)
O2 - BHO: (no name) - {4F7E97B7-36BA-4652-9DB2-1D6EA317C45B} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {5750D3CA-7BE9-4732-B492-BF7A9CC0E5DA} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {68775DE8-6966-422F-AA35-E3BF7CDC258E} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {6AEF3E80-DBF0-4123-B55B-78BE6A500678} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {7E97EB74-88DE-4F52-AA40-D32DDFB1F8AA} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {85D12B8A-6F7D-445A-AD90-B84A6AAAD53D} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {8E45786A-A755-4C59-AA7E-C4918C65E83B} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {961E0E2D-38AB-6E73-8AEA-F5D3D9B1D4CD} - C:\WINDOWS\mfgjlonca.dll (file missing)
O2 - BHO: (no name) - {98CEFD3B-23E1-493C-B1DC-49EB9AA071E4} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {A51B521D-BB9B-469D-9187-8B42EC1C781A} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {A65D81BC-FE63-4433-9A68-19451E928612} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {B57F5421-5A08-46B5-AFF9-0C755B2172DE} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {B7B45CBC-0A75-4C78-1499-D35E588D847C} - C:\WINDOWS\datwtbn.dll (file missing)
O2 - BHO: (no name) - {B9CE94E2-7369-4BB2-87E4-8C7DCC6C6588} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {B9E08E0C-430C-40BB-A722-AEBB801AAF2C} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {BAFB6FA7-298A-1CEB-DB43-AE07C6E6F052} - C:\WINDOWS\tpav.dll (file missing)
O2 - BHO: (no name) - {C45A8B3C-7170-4839-9865-31452C46E186} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {CE6CFB2F-B207-A63C-F665-0DABB9BD6D3E} - C:\WINDOWS\fdrbjxtm.dll
O2 - BHO: (no name) - {D3E6C91E-5580-4A27-B4AE-FC79D8E304E9} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {D9A111F2-10B5-4ED9-9CD5-173B4B2E3FE8} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {DD92C6A2-BD42-43EE-8969-67DEC77E374D} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {E3DF4A8D-4281-4458-88D8-F7198528C181} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {E85972E9-339D-4B87-BF71-27136517ECAE} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {EC7B5AC9-A386-4BB0-99DC-44CBC89D1380} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {F0388A84-DB65-4096-BD2C-7B9E86A78D27} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {F90A947D-383B-467F-ADD2-E9C6119A53B0} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O3 - Toolbar: Toolbar Wanadoo - {4E7BD74F-2B8D-469E-8FB0-B921F5DBF922} - C:\PROGRA~1\WANADO~1\WANADO~1.DLL (file missing)
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [MediaPipe P2P Loader] "C:\Program Files\p2pnetworks\mpp2pl.exe" /H
O4 - HKCU\..\Run: [wallp2.exe] C:\WINDOWS\system32\wallp2.exe
O4 - HKCU\..\Run: [VSL13.exe] C:\WINDOWS\system32\VSL13.exe
O4 - HKCU\..\Run: [1201.exe] C:\Documents and Settings\mercier-gallay\Application Data\System Restore\1201.exe
O4 - HKCU\..\Run: [ssqbn.exe] C:\WINDOWS\system32\ssqbn.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
O16 - DPF: {4AD73894-A895-4FC2-B233-299867E08753} (Cadwkzctl Object) - http://apps.deskwizz.com/ax/adwerkz.cab
Ferme toutes les fenêtres Windows, Internet explorer, Outlook,sauf le logiciel Hijackthis et clique sur « Fix checked »
4 Assure toi d'avoir accés à tous les fichiers.
Démarrer, Poste de travail ou autre dossier, Menu Outils, Option des dossiers, onglet Affichage :
Activer la case : Afficher les fichiers et dossiers cachés
Désactiver la case : Masquer les extensions des fichiers dont le type est connu
Désactiver la case : Masquer les fichiers protégés du système d'exploitation
Puis Appliquer
5 Désinstalle ces applications (si tu les trouves) dans Ajout-Suppression de programmes :
p2pnetworks
6 Supprime les fichiers/dossiers incriminés (s'ils existent encore) :
C:\Program Files\p2pnetworks
C:\Documents and Settings\mercier-gallay\Application Data\System Restore\1201.exe
C:\WINDOWS\system32\ssqbn.exe
C:\WINDOWS\system32\wallp2.exe
C:\WINDOWS\system32\VSL13.exe
Recache les fichiers systeme afin de ne pas faire d'erreur à l'avenir en sélectionnant ne pas afficher les fichiers cachés ou les fichiers système.
7 Lance le nettoyage avec CCleaner.
8 Redémarre normalement et poste un nouveau log HijackThis avec le rapport d'Ewido.
SALUT et merci il a apparament disparu au redemarage de ma machine joint rapport HIJACKTHIS er EWIDO
ogfile of HijackThis v1.99.1
Scan saved at 09:19:14, on 14/07/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\mHotkey.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\Dit.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\SAGEM Wi-Fi USB 802.11g\WLANUTL.exe
C:\WINDOWS\DitExp.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Wanadoo\EspaceWanadoo.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Wanadoo\Watch.exe
C:\PROGRA~1\Wanadoo\WOOBrowser\WOOBrowser.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Documents and Settings\mercier-gallay\Mes documents\Christophe MERCIER-GALLAY\hijackthis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://side.search.ke.voila.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.medion.fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://side.search.ke.voila.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {3AD3DAF2-8B73-4AB2-9A49-7F412F608DCA} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {8AA87B66-27A6-4FFC-AD04-22BC2133112A} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {A5EC14EB-1B48-4CAC-B55E-29D9A0BE7F1A} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {C072E381-D31D-4C06-8238-01B764C3D0B7} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Home Cinema\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [License Manager] "C:\Program Files\License_Manager\license_manager.exe " /silent
O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
O8 - Extra context menu item: Rechercher avec Voila - file://C:\Program Files\WANADOO_TOOLBAR\Cache\SelectedContextSearch.htm
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~3\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~3\Wanadoo Messager.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.medion.fr/
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Client de licence CA (CA_LIC_CLNT) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe
O23 - Service: Serveur de licence CA (CA_LIC_SRVR) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Event Log Watch (LogWatch) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Cowido anti-spyware - Scan Report
---------------------------------------------------------
+ Created at: 09:45:28 14/07/2006
+ Scan result:
C:\Documents and Settings\mercier-gallay\Mes documents\Christophe MERCIER-GALLAY\backups\backup-20060714-085542-899.dll -> Downloader.Small.ajc : No action taken.
C:\Documents and Settings\mercier-gallay\Cookies\mercier-gallay@atdmt[1].txt -> TrackingCookie.Atdmt : No action taken.
C:\Documents and Settings\mercier-gallay\Cookies\mercier-gallay@bluestreak[2].txt -> TrackingCookie.Bluestreak : No action taken.
C:\Documents and Settings\mercier-gallay\Cookies\mercier-gallay@doubleclick[1].txt -> TrackingCookie.Doubleclick : No action taken.
C:\Documents and Settings\mercier-gallay\Cookies\mercier-gallay@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : No action taken.
::Report end
mmon\x10nets.exe
ogfile of HijackThis v1.99.1
Scan saved at 09:19:14, on 14/07/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\mHotkey.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\Dit.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\SAGEM Wi-Fi USB 802.11g\WLANUTL.exe
C:\WINDOWS\DitExp.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Wanadoo\EspaceWanadoo.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Wanadoo\Watch.exe
C:\PROGRA~1\Wanadoo\WOOBrowser\WOOBrowser.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Documents and Settings\mercier-gallay\Mes documents\Christophe MERCIER-GALLAY\hijackthis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://side.search.ke.voila.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.medion.fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://side.search.ke.voila.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {3AD3DAF2-8B73-4AB2-9A49-7F412F608DCA} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {8AA87B66-27A6-4FFC-AD04-22BC2133112A} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {A5EC14EB-1B48-4CAC-B55E-29D9A0BE7F1A} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {C072E381-D31D-4C06-8238-01B764C3D0B7} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Home Cinema\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [License Manager] "C:\Program Files\License_Manager\license_manager.exe " /silent
O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
O8 - Extra context menu item: Rechercher avec Voila - file://C:\Program Files\WANADOO_TOOLBAR\Cache\SelectedContextSearch.htm
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~3\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~3\Wanadoo Messager.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.medion.fr/
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Client de licence CA (CA_LIC_CLNT) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe
O23 - Service: Serveur de licence CA (CA_LIC_SRVR) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Event Log Watch (LogWatch) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Cowido anti-spyware - Scan Report
---------------------------------------------------------
+ Created at: 09:45:28 14/07/2006
+ Scan result:
C:\Documents and Settings\mercier-gallay\Mes documents\Christophe MERCIER-GALLAY\backups\backup-20060714-085542-899.dll -> Downloader.Small.ajc : No action taken.
C:\Documents and Settings\mercier-gallay\Cookies\mercier-gallay@atdmt[1].txt -> TrackingCookie.Atdmt : No action taken.
C:\Documents and Settings\mercier-gallay\Cookies\mercier-gallay@bluestreak[2].txt -> TrackingCookie.Bluestreak : No action taken.
C:\Documents and Settings\mercier-gallay\Cookies\mercier-gallay@doubleclick[1].txt -> TrackingCookie.Doubleclick : No action taken.
C:\Documents and Settings\mercier-gallay\Cookies\mercier-gallay@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : No action taken.
::Report end
mmon\x10nets.exe
Lassé par la pub ? Créez un compte
- Contenus similaires :
- ForumProbleme avec cheval de troie hdda.exe
- ForumComment supprimer le cheval de troie
- ForumCheval troie
- ForumCheval de troie navipromo.aa
- ForumCheval d troie
- ForumComment detruire un cheval de troie
- ForumCheval de troie sur mac
- ForumFiabilite d'avast cheval de troie
- ForumCheval de troie startpage ksf
- ForumCheval de troie généric
- Voir plus
