Sujet Précédent Sujet Suivant

Demarrage windows

Résolu
juan3738 Messages postés 7 Statut Membre -  
 Utilisateur anonyme -
Bonjour,
J'ai windows xp. Au démarrage un message s'affiche sur l'écran qui me dit "Windows ne trouve pas C:\windows\Nail.exe. Vérifier si vous avez entré le nom correctement et essayez à nouveau". Il va de soi que mon disque dur ne contient pas ce fichier. Il semble que ce phénomène se produit depuis l'installation de l'antivirus Titanus 2006. J'ai pris contact avec eux mais le problème persiste. En cliquant sur OK le message disparaît. Je ne comprends vraiment pas la signification de ce message encombrant..
Si quelqu'un a déja rencontré ce problème, je serai heureux qu'il m'indique la manière de le résoudre. Merci d'avance

9 réponses

Réponse 1 / 9
Utilisateur anonyme
 
Salut,

tu es infecté !

télécharges hijackthis:
http://www.hijackthis.de/downloads/hijackthis_199.zip

Installe le dans son propre dossier:
-cliques droit sur le bureau, nouveau dossier, installes-le dedans.
Lance le, cliques sur "do a system scan and save logfile"
Puis copies et colles le rapport ici.

A++
0
Réponse 2 / 9
juan3738
 
salut, salut,
Tu me dis copies et colles le rapport ici, c'est où ici ???. Je m'excuse je ne suis pas le super doué aussi j'agis avec beaucoup d'hésitation, sans doute trop, il va falloir, je penbse que je forge encore beaucoup pour devenir non pas forgeron mais apprenti forgeron. Eclaire moi sur ce point. Encore merci A+
0
Utilisateur anonyme
 
ici, ça veut dire sur le forum, " ici dans l'espace ou tu ecris"


A++
0
juan3738 > Utilisateur anonyme
 
Logfile of HijackThis v1.99.1
Scan saved at 18:10:36, on 19/03/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\TPSrv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
c:\program files\panda software\panda titanium 2006 antivirus + antispyware\firewall\PNMSRV.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\cisvc.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\PavFnSvr.exe
C:\Program Files\Fichiers communs\Panda Software\PavShld\pavprsrv.exe
C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\pavsrv51.exe
C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\PsImSvc.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\AVENGINE.EXE
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\apvxdwin.exe
C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\WebProxy.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\PROGRAM FILES\CAERE\OMNIPAGEPRO90\opware32.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\MSMSGS.EXE
C:\WINDOWS\system32\ntvdm.exe
C:\Program Files\Netscape\Netscape\Netscp.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\FinePixViewer\QuickDCF.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearch.exe
C:\Toto\Divers logiciels\Winrar.3.30.fr.+.WinAce.2.5.+.Winzip.8.1.fr.+.Extras.ALL.CRACKED.by.JSengir.[TOTAL.PIRACY]\WinZip v8.1\WZQKPICK.EXE
C:\Program Files\Microsoft Office\Office\1036\msoffice.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearchIndexer.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\SYSTEM32\cidaemon.exe
C:\TOTO\DIVERS~1\WINRAR~1.PIR\WINZIP~1.1\winzip32.exe
C:\Documents and Settings\Propriétaire\Local Settings\Temp\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.neuf.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = c:\windows\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = c:\windows\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: EoBho Class - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\PROGRA~1\eoRezo\EoAdv\EOREZO~1.DLL (file missing)
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe
N3 - Netscape 7: user_pref("browser.startup.homepage", "http://www.netscape.fr"); (C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Profiles\default\2t6qle52.slt\prefs.js)
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CNetscape_France.src"); (C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Profiles\default\2t6qle52.slt\prefs.js)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: PowerSearch - {4E7BD74F-2B8D-469E-A3FA-F161A787AD2D} - C:\PROGRA~1\POWERS~1\Toolbar\pwrsmnd1\pwrsmnd1.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: EoBho Class - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\PROGRA~1\eoRezo\EoAdv\EOREZO~1.DLL (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O3 - Toolbar: PowerSearch - {4E7BD74F-2B8D-469E-A3FA-F161A787AD2D} - C:\PROGRA~1\POWERS~1\Toolbar\pwrsmnd1\pwrsmnd1.dll (file missing)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll
O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [OmniPage] C:\PROGRAM FILES\CAERE\OMNIPAGEPRO90\opware32.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [RoxAssistant] C:\Program Files\Common Files\Roxio Shared\Upgrade\RoxAssist.exe /s
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [LanzarT2006] "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\{4B83178B-6DB3-41D4-9ADE-474A5139497A}\{98032D6F-3EE6-4646-B68C-40BF012AC89B}\..\..\T2006tmp\Install.exe" /SETUP:"/l0x040c"
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\APVXDWIN.EXE" /s
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Mozilla Quick Launch] "C:\Program Files\Netscape\Netscape\Netscp.exe" -turbo
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE
O4 - Global Startup: Exif Launcher.lnk = ?
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearch.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Toto\Divers logiciels\Winrar.3.30.fr.+.WinAce.2.5.+.Winzip.8.1.fr.+.Extras.ALL.CRACKED.by.JSengir.[TOTAL.PIRACY]\WinZip v8.1\WZQKPICK.EXE
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/229?eece5e58528a4ee8be499619d7bb7988
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/230?eece5e58528a4ee8be499619d7bb7988
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.fr/computercheckup/qdiagcc.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1120145448531
O16 - DPF: {981D847D-2C06-4FB7-A09C-4F0A48601B2C} (DiagSetup Class) - http://techcity.aol.fr/download/img/DiagSetup.cab
O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) - http://ax.phobos.apple.com.edgesuite.net/detection/ITDetector.cab
O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IMDownloader Class) - http://www2.incredimail.com/contents/setup/downloader/imloader.cab
O16 - DPF: {F919FBD3-A96B-4679-AF26-F551439BB5FD} - http://fr.errorsafe.com/pages/scanner_fr/ErrorSafeScannerInstallFR.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: avldr - C:\WINDOWS\SYSTEM32\avldr.dll
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\Program Files\Fichiers communs\AOL\AOL Spyware Protection\\aolserv.exe (file missing)
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software - C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\PavFnSvr.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Fichiers communs\Panda Software\PavShld\pavprsrv.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\pavsrv51.exe
O23 - Service: Panda Network Manager (PNMSRV) - Panda Software - c:\program files\panda software\panda titanium 2006 antivirus + antispyware\firewall\PNMSRV.EXE
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software Internacional - C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\PsImSvc.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR2a\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR2a\RpcSandraSrv.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Panda TPSrv (TPSrv) - Panda Software - C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\TPSrv.exe

Voici le rapport
Je te remercie d'avance
A++
0
Utilisateur anonyme > juan3738
 
Oula,c'est le bordel

Relance HijackThis, choisis " do a scan only" coche la case devant les lignes ci-dessous et clique en bas sur "fix checked"

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = c:\windows\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = c:\windows\blank.htm
R3 - URLSearchHook: EoBho Class - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\PROGRA~1\eoRezo\EoAdv\EOREZO~1.DLL (file missing)
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe
O2 - BHO: PowerSearch - {4E7BD74F-2B8D-469E-A3FA-F161A787AD2D} - C:\PROGRA~1\POWERS~1\Toolbar\pwrsmnd1\pwrsmnd1.dll (file missing)
O2 - BHO: EoBho Class - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\PROGRA~1\eoRezo\EoAdv\EOREZO~1.DLL (file missing)
O3 - Toolbar: PowerSearch - {4E7BD74F-2B8D-469E-A3FA-F161A787AD2D} - C:\PROGRA~1\POWERS~1\Toolbar\pwrsmnd1\pwrsmnd1.dll (file missing)
O4 - HKLM\..\Run: [LanzarT2006] "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\{4B83178B-6DB3-41D4-9ADE-474A5139497A}\{98032D6F-3EE6-4646-B68C-40BF012AC89B}\..\..\T2006tmp\Install.exe" /SETUP:"/l0x040c"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Global Startup: Exif Launcher.lnk = ?
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearch.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Toto\Divers logiciels\Winrar.3.30.fr.+.WinAce.2.5.+.Winzip.8.1.fr.+.Extras.ALL.CRACKED.by.JSengir.[TOTAL.PIRACY]\WinZip v8.1\WZQKPICK.EXE
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.fr/computercheckup/qdiagcc.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1120145448531
O16 - DPF: {981D847D-2C06-4FB7-A09C-4F0A48601B2C} (DiagSetup Class) - http://techcity.aol.fr/download/img/DiagSetup.cab
O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) - http://ax.phobos.apple.com.edgesuite.net/detection/ITDetector.cab
O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IMDownloader Class) - http://www2.incredimail.com/contents/setup/downloader/imloader.cab
O16 - DPF: {F919FBD3-A96B-4679-AF26-F551439BB5FD} - http://fr.errorsafe.com/pages/scanner_fr/ErrorSafeScannerInstallFR.cab


¤cliques sur demarrer, rechercher, cherches et supprimes ce fichier:

Nail.exe

¤cliques sur demarrer, poste de travail, C:, program files, cherches et supprimes ces dossiers:

eoRezo
PowerSearch


¤Fais ceci:

¤Telecharges et installes ceci, dans la colonne de gauche cliques sur "erreurs" coches toutes les cases, puis cliques en bas sur "chercher des erreurs" une fois finit, cliques sur "reparer les erreurs" et tu aura un message pour sauvegarder ta base de registre tu dis "oui" puis tu recommences jusqu'a ce qu'il te trouve plus d'erreurs

CCleaner:
http://www.01net.com/telecharger/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/32599.html

¤Relance Ccleaner ,vas dans l'onglet "nettoyeur" present sur la gauche, decoches la derniere case (Avancé si elle est cochée) puis cliques sur "lancer le nettoyage"


¤Puis ceci:

Telecharge, installe puis mets à jour ce logiciel, une fois que c'est fait, fais un scan complet de ton systeme et colle le rapport ici avec un nouveau rapport hijackthis
Ewido:
http://www.01net.com/telecharger/windows/Utilitaire/antivirus/fiches/31851.html
0
Réponse 3 / 9
juan3738
 
Salut ami,
J'ai exécuté tes instructions à la lettre. Maintenant lorsque je redemarre windows il apparaît un avertissement de Antimalware avec sirène en ces termes : Fichier : Nail.exe chemin C:\windows infection: Adware.betteinternet - bloquer et nettoyer- je pointe OK et la fois d'après le même ,phénomène se reproduit. Sache que toutes les recherches faite sur le disque dur sont négative pour Nail.exe. Ceci dit voici les rapports :
Logfile of HijackThis v1.99.1
Scan saved at 11:00:15, on 20/03/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\TPSrv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
c:\program files\panda software\panda titanium 2006 antivirus + antispyware\firewall\PNMSRV.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\cisvc.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\PavFnSvr.exe
C:\Program Files\Fichiers communs\Panda Software\PavShld\pavprsrv.exe
C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\pavsrv51.exe
C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\PsImSvc.exe
C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\AVENGINE.EXE
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\apvxdwin.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\WebProxy.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\PROGRAM FILES\CAERE\OMNIPAGEPRO90\opware32.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\ntvdm.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Netscape\Netscape\Netscp.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Toto\Divers logiciels\Winrar.3.30.fr.+.WinAce.2.5.+.Winzip.8.1.fr.+.Extras.ALL.CRACKED.by.JSengir.[TOTAL.PIRACY]\WinZip v8.1\WZQKPICK.EXE
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\WINDOWS\SYSTEM32\cidaemon.exe
C:\TOTO\DIVERS~1\WINRAR~1.PIR\WINZIP~1.1\winzip32.exe
C:\Documents and Settings\Propriétaire\Local Settings\Temp\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.neuf.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = c:\windows\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = c:\windows\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe
N3 - Netscape 7: user_pref("browser.startup.homepage", "http://www.netscape.fr"); (C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Profiles\default\2t6qle52.slt\prefs.js)
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CNetscape_France.src"); (C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Profiles\default\2t6qle52.slt\prefs.js)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll
O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [OmniPage] C:\PROGRAM FILES\CAERE\OMNIPAGEPRO90\opware32.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\APVXDWIN.EXE" /s
O4 - HKCU\..\Run: [Mozilla Quick Launch] "C:\Program Files\Netscape\Netscape\Netscp.exe" -turbo
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Toto\Divers logiciels\Winrar.3.30.fr.+.WinAce.2.5.+.Winzip.8.1.fr.+.Extras.ALL.CRACKED.by.JSengir.[TOTAL.PIRACY]\WinZip v8.1\WZQKPICK.EXE
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/229?eece5e58528a4ee8be499619d7bb7988
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/230?eece5e58528a4ee8be499619d7bb7988
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: avldr - C:\WINDOWS\SYSTEM32\avldr.dll
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\Program Files\Fichiers communs\AOL\AOL Spyware Protection\\aolserv.exe (file missing)
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software - C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\PavFnSvr.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Fichiers communs\Panda Software\PavShld\pavprsrv.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\pavsrv51.exe
O23 - Service: Panda Network Manager (PNMSRV) - Panda Software - c:\program files\panda software\panda titanium 2006 antivirus + antispyware\firewall\PNMSRV.EXE
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software Internacional - C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\PsImSvc.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR2a\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR2a\RpcSandraSrv.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Panda TPSrv (TPSrv) - Panda Software - C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\TPSrv.exe

Le deuxième---------------------------------------------------------
ewido anti-malware - Rapport de scan
---------------------------------------------------------

+ Créé le: 10:16:45, 20/03/2006
+ Somme de contrôle: 3AB11BE4

+ Résultats du scan:

HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\ins -> Adware.WebRebates : Nettoyer et sauvegarder
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bsto-1 -> Adware.BetterInternet : Nettoyer et sauvegarder
HKU\S-1-5-21-1202660629-329068152-725345543-1003\Software\IntermixMedia -> Adware.Ezula : Nettoyer et sauvegarder
HKU\S-1-5-21-1202660629-329068152-725345543-1003\Software\IntermixMedia\Toolbar2 -> Adware.Ezula : Nettoyer et sauvegarder
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@estat[1].txt -> TrackingCookie.Estat : Nettoyer et sauvegarder
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@wreport.weborama[1].txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder
Voici ma situation, si tu me sors de là, tu seras vraiment fort
Avec tous mes remerciements
A++++++

::Fin du rapport
0
Utilisateur anonyme
 
Salut,

Mais oui on va s'en sortir ;-) ..

Relance HijackThis, choisis " do a scan only" coche la case devant les lignes ci-dessous et clique en bas sur "fix checked"

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = c:\windows\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = c:\windows\blank.htm
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [OmniPage] C:\PROGRAM FILES\CAERE\OMNIPAGEPRO90\opware32.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Toto\Divers logiciels\Winrar.3.30.fr.+.WinAce.2.5.+.Winzip.8.1.fr.+.Extras.ALL.CRACKED.by.JSengir.[TOTAL.PIRACY]\WinZip v8.1\WZQKPICK.EXE


Puis fais ce scan anti-virus en ligne et colles le rapport ici stp

http://www.bitdefender.com/scan8/ie.html

A++
0
Réponse 4 / 9
juan3738 Messages postés 7 Statut Membre
 
RE SALUT AMI
Voici le rapport---------------------------------------------------------
ewido anti-malware - Rapport de scan
---------------------------------------------------------

+ Créé le: 18:37:35, 20/03/2006
+ Somme de contrôle: A2A19044

+ Résultats du scan:

C:\Documents and Settings\Propriétaire\Cookies\propriétaire@estat[1].txt -> TrackingCookie.Estat : Nettoyer et sauvegarder
Avec encore tous mes remerciements

::Fin du rapport
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 9
juan3738 Messages postés 7 Statut Membre
 
Re Re Salut
Voici le véritable rapport de bitdefender après les instructions que tu m'as données, BitDefender Online Scanner

Scan report generated at: Mon, Mar 20, 2006 - 19:36:43

Scan path: A:\;C:\;D:\;E:\;F:\;

Statistics

Time
00:39:47

Files
302594

Folders
3647

Boot Sectors
2

Archives
2243

Packed Files
24883

Results

Identified Viruses
4

Infected Files
58

Suspect Files
0

Warnings
0

Disinfected
0

Deleted Files
58

Engines Info

Virus Definitions
324938

Engine build
AVCORE v1.0 (build 2292) (i386) (Mar 3 2005 11:57:29)

Scan plugins
13

Archive plugins
39

Unpack plugins
4

E-mail plugins
6

System plugins
1

Scan Settings

First Action
Disinfect

Second Action
Delete

Heuristics
Yes

Enable Warnings
Yes

Scanned Extensions
*;

Exclude Extensions

Scan Emails
Yes

Scan Archives
Yes

Scan Packed
Yes

Scan Files
Yes

Scan Boot
Yes

Scanned File
Status

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP289\A0115277.exe
Infected with: MemScan:Trojan.Poller.A

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP289\A0115277.exe
Disinfection failed

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP289\A0115277.exe
Deleted

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP289\A0115278.exe
Infected with: MemScan:Trojan.Poller.A

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP289\A0115278.exe
Disinfection failed

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP289\A0115278.exe
Deleted

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP290\A0115326.exe
Infected with: MemScan:Trojan.Poller.A

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP290\A0115326.exe
Disinfection failed

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP290\A0115326.exe
Deleted

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP290\A0115352.exe
Infected with: MemScan:Trojan.Poller.A

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP290\A0115352.exe
Disinfection failed

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP290\A0115352.exe
Deleted

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP290\A0115354.exe
Infected with: MemScan:Trojan.Poller.A

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP290\A0115354.exe
Disinfection failed

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP290\A0115354.exe
Deleted

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP290\A0115372.exe
Infected with: MemScan:Trojan.Poller.A

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP290\A0115372.exe
Disinfection failed

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP290\A0115372.exe
Deleted

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP290\A0115409.exe
Infected with: MemScan:Trojan.Poller.A

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP290\A0115409.exe
Disinfection failed

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP290\A0115409.exe
Deleted

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP290\A0115421.exe
Infected with: MemScan:Trojan.Poller.A

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP290\A0115421.exe
Disinfection failed

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP290\A0115421.exe
Deleted

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP290\A0115440.exe
Infected with: MemScan:Trojan.Poller.A

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP290\A0115440.exe
Disinfection failed

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP290\A0115440.exe
Deleted

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP290\A0115469.exe
Infected with: MemScan:Trojan.Poller.A

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP290\A0115469.exe
Disinfection failed

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP290\A0115469.exe
Deleted

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP291\A0115496.exe
Infected with: MemScan:Trojan.Poller.A

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP291\A0115496.exe
Disinfection failed

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP291\A0115496.exe
Deleted

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP291\A0115497.exe
Infected with: MemScan:Trojan.Poller.A

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP291\A0115497.exe
Disinfection failed

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP291\A0115497.exe
Deleted

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP291\A0115515.exe
Infected with: MemScan:Trojan.Poller.A

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP291\A0115515.exe
Disinfection failed

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP291\A0115515.exe
Deleted

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP291\A0115538.exe
Infected with: MemScan:Trojan.Poller.A

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP291\A0115538.exe
Disinfection failed

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP291\A0115538.exe
Deleted

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP291\A0115552.exe
Infected with: MemScan:Trojan.Poller.A

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP291\A0115552.exe
Disinfection failed

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP291\A0115552.exe
Deleted

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP291\A0115575.exe
Infected with: MemScan:Trojan.Poller.A

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP291\A0115575.exe
Disinfection failed

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP291\A0115575.exe
Deleted

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP292\A0115613.exe
Infected with: MemScan:Trojan.Poller.A

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP292\A0115613.exe
Disinfection failed

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP292\A0115613.exe
Deleted

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP292\A0115639.exe
Infected with: MemScan:Trojan.Poller.A

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP292\A0115639.exe
Disinfection failed

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP292\A0115639.exe
Deleted

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP293\A0115685.exe
Infected with: MemScan:Trojan.Poller.A

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP293\A0115685.exe
Disinfection failed

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP293\A0115685.exe
Deleted

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP293\A0115686.exe
Infected with: MemScan:Trojan.Poller.A

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP293\A0115686.exe
Disinfection failed

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP293\A0115686.exe
Deleted

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP293\A0115715.exe
Infected with: MemScan:Trojan.Poller.A

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP293\A0115715.exe
Disinfection failed

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP293\A0115715.exe
Deleted

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP293\A0115716.exe
Infected with: MemScan:Trojan.Poller.A

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP293\A0115716.exe
Disinfection failed

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP293\A0115716.exe
Deleted

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP294\A0115764.exe
Infected with: MemScan:Trojan.Poller.A

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP294\A0115764.exe
Disinfection failed

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP294\A0115764.exe
Deleted

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP294\A0115767.exe
Infected with: MemScan:Trojan.Poller.A

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP294\A0115767.exe
Disinfection failed

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP294\A0115767.exe
Deleted

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP294\A0115807.exe
Infected with: MemScan:Trojan.Poller.A

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP294\A0115807.exe
Disinfection failed

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP294\A0115807.exe
Deleted

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP294\A0115808.exe
Infected with: MemScan:Trojan.Poller.A

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP294\A0115808.exe
Disinfection failed

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP294\A0115808.exe
Deleted

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP294\A0115879.exe
Infected with: MemScan:Trojan.Poller.A

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP294\A0115879.exe
Disinfection failed

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP294\A0115879.exe
Deleted

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP294\A0115880.exe
Infected with: MemScan:Trojan.Poller.A

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP294\A0115880.exe
Disinfection failed

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP294\A0115880.exe
Deleted

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP294\A0115883.exe
Infected with: Trojan.Downloader.Agent.AE

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP294\A0115883.exe
Disinfection failed

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP294\A0115883.exe
Deleted

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP294\A0115912.exe
Infected with: MemScan:Trojan.Poller.A

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP294\A0115912.exe
Disinfection failed

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP294\A0115912.exe
Deleted

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP294\A0115913.exe
Infected with: MemScan:Trojan.Poller.A

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP294\A0115913.exe
Disinfection failed

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP294\A0115913.exe
Deleted

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP294\A0115931.exe
Infected with: MemScan:Trojan.Poller.A

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP294\A0115931.exe
Disinfection failed

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP294\A0115931.exe
Deleted

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP294\A0115932.exe
Infected with: MemScan:Trojan.Poller.A

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP294\A0115932.exe
Disinfection failed

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP294\A0115932.exe
Deleted

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP294\A0115951.exe
Infected with: MemScan:Trojan.Poller.A

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP294\A0115951.exe
Disinfection failed

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP294\A0115951.exe
Deleted

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP294\A0115952.exe
Infected with: MemScan:Trojan.Poller.A

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP294\A0115952.exe
Disinfection failed

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP294\A0115952.exe
Deleted

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP294\A0115980.exe
Infected with: MemScan:Trojan.Poller.A

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP294\A0115980.exe
Disinfection failed

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP294\A0115980.exe
Deleted

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP294\A0115982.exe
Infected with: MemScan:Trojan.Poller.A

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP294\A0115982.exe
Disinfection failed

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP294\A0115982.exe
Deleted

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP294\A0116004.exe
Infected with: MemScan:Trojan.Poller.A

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP294\A0116004.exe
Disinfection failed

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP294\A0116004.exe
Deleted

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP294\A0116006.exe
Infected with: MemScan:Trojan.Poller.A

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP294\A0116006.exe
Disinfection failed

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP294\A0116006.exe
Deleted

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP295\A0116024.exe
Infected with: MemScan:Trojan.Poller.A

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP295\A0116024.exe
Disinfection failed

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP295\A0116024.exe
Deleted

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP295\A0116026.exe
Infected with: MemScan:Trojan.Poller.A

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP295\A0116026.exe
Disinfection failed

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP295\A0116026.exe
Deleted

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP295\A0116055.exe
Infected with: MemScan:Trojan.Poller.A

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP295\A0116055.exe
Disinfection failed

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP295\A0116055.exe
Deleted

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP295\A0116057.exe
Infected with: MemScan:Trojan.Poller.A

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP295\A0116057.exe
Disinfection failed

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP295\A0116057.exe
Deleted

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP295\A0116093.exe
Infected with: MemScan:Trojan.Poller.A

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP295\A0116093.exe
Disinfection failed

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP295\A0116093.exe
Deleted

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP295\A0116113.exe
Infected with: MemScan:Trojan.Poller.A

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP295\A0116113.exe
Disinfection failed

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP295\A0116113.exe
Deleted

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP295\A0116114.exe
Infected with: MemScan:Trojan.Poller.A

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP295\A0116114.exe
Disinfection failed

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP295\A0116114.exe
Deleted

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP296\A0116149.exe
Infected with: MemScan:Trojan.Poller.A

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP296\A0116149.exe
Disinfection failed

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP296\A0116149.exe
Deleted

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP296\A0116150.exe
Infected with: MemScan:Trojan.Poller.A

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP296\A0116150.exe
Disinfection failed

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP296\A0116150.exe
Deleted

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP296\A0116171.exe
Infected with: MemScan:Trojan.Poller.A

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP296\A0116171.exe
Disinfection failed

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP296\A0116171.exe
Deleted

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP296\A0116173.exe
Infected with: MemScan:Trojan.Poller.A

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP296\A0116173.exe
Disinfection failed

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP296\A0116173.exe
Deleted

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP298\A0116300.exe
Infected with: MemScan:Trojan.Poller.A

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP298\A0116300.exe
Disinfection failed

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP298\A0116300.exe
Deleted

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP298\A0116312.exe
Infected with: MemScan:Trojan.Poller.A

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP298\A0116312.exe
Disinfection failed

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP298\A0116312.exe
Deleted

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP298\A0116413.exe
Infected with: MemScan:Trojan.Poller.A

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP298\A0116413.exe
Disinfection failed

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP298\A0116413.exe
Deleted

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP299\A0116428.exe
Infected with: MemScan:Trojan.Poller.A

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP299\A0116428.exe
Disinfection failed

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP299\A0116428.exe
Deleted

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP299\A0116429.exe
Infected with: MemScan:Trojan.Poller.A

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP299\A0116429.exe
Disinfection failed

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP299\A0116429.exe
Deleted

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP299\A0116449.exe
Infected with: MemScan:Adware.Nail.A

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP299\A0116449.exe
Disinfection failed

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP299\A0116449.exe
Deleted

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP299\A0116455.exe
Infected with: MemScan:Trojan.Poller.A

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP299\A0116455.exe
Disinfection failed

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP299\A0116455.exe
Deleted

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP299\A0116456.dll
Infected with: MemScan:Trojan.Agent.DB

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP299\A0116456.dll
Disinfection failed

C:\System Volume Information\_restore{4BA4B498-C50B-4DF7-A64C-EC2843182360}\RP299\A0116456.dll
Deleted

tout à l'heure je me suis trompé:
0
Utilisateur anonyme
 
Salut,

Alors ceci C:\System Volume Information\_restore indique que ta restauration du systeme est infecté.Nous allons Tout supprimer et créer un point propre.

Cliques sur demarrer, cliques droit sur poste de travail, propriétés, onglet "restauratuion du systeme"
-coches la case, puis cliques sur "appliquer"
-decoches la case et cliques sur "appluiquer" puis "ok".

Maintenant, que l'ont à effacés les point infectés, nous allons créer un point propre:

Cliques sur demarrer, tout les programmes, accessoires, outils systemes, restauration du systeme, choisis "creer un point de restauration" nommes le " ccm" par exemple, cliques sur "creer" puis "ok".


Puis remets un rapport hijackthis stp
0
Réponse 6 / 9
juan3738
 
Salmut ami,
j'ai fait ce que tu m'a dit sauf que j'ai crée, après erreur, 3 points de restauration à quelques secondes de différence
voici le rapport Logfile of HijackThis v1.99.1
Scan saved at 09:16:43, on 21/03/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\TPSrv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
c:\program files\panda software\panda titanium 2006 antivirus + antispyware\firewall\PNMSRV.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\cisvc.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\PavFnSvr.exe
C:\Program Files\Fichiers communs\Panda Software\PavShld\pavprsrv.exe
C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\pavsrv51.exe
C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\PsImSvc.exe
C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\AVENGINE.EXE
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\apvxdwin.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\WebProxy.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\Netscape\Netscape\Netscp.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\Toto\Divers logiciels\Winrar.3.30.fr.+.WinAce.2.5.+.Winzip.8.1.fr.+.Extras.ALL.CRACKED.by.JSengir.[TOTAL.PIRACY]\WinZip v8.1\WZQKPICK.EXE
C:\Program Files\Microsoft Office\Office\1036\msoffice.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\SYSTEM32\cidaemon.exe
C:\Program Files\MSN Toolbar Suite\SL\02.05.0001.1119\fr-fr\msn_sl.exe
C:\TOTO\DIVERS~1\WINRAR~1.PIR\WINZIP~1.1\winzip32.exe
C:\Documents and Settings\Propriétaire\Local Settings\Temp\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.neuf.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = c:\windows\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = c:\windows\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe
N3 - Netscape 7: user_pref("browser.startup.homepage", "http://www.netscape.fr"); (C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Profiles\default\2t6qle52.slt\prefs.js)
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CNetscape_France.src"); (C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Profiles\default\2t6qle52.slt\prefs.js)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll
O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [Mozilla Quick Launch] "C:\Program Files\Netscape\Netscape\Netscp.exe" -turbo
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Toto\Divers logiciels\Winrar.3.30.fr.+.WinAce.2.5.+.Winzip.8.1.fr.+.Extras.ALL.CRACKED.by.JSengir.[TOTAL.PIRACY]\WinZip v8.1\WZQKPICK.EXE
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/229?eece5e58528a4ee8be499619d7bb7988
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/230?eece5e58528a4ee8be499619d7bb7988
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: avldr - C:\WINDOWS\SYSTEM32\avldr.dll
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\Program Files\Fichiers communs\AOL\AOL Spyware Protection\\aolserv.exe (file missing)
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software - C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\PavFnSvr.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Fichiers communs\Panda Software\PavShld\pavprsrv.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\pavsrv51.exe
O23 - Service: Panda Network Manager (PNMSRV) - Panda Software - c:\program files\panda software\panda titanium 2006 antivirus + antispyware\firewall\PNMSRV.EXE
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software Internacional - C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\PsImSvc.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR2a\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR2a\RpcSandraSrv.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Panda TPSrv (TPSrv) - Panda Software - C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\TPSrv.exe

Je ne te renouvellerai pas assez mes remerciements. Personnellement, il y a longtemps que je suis totalement dépassé
0
Utilisateur anonyme
 
Re,

Relance HijackThis, choisis " do a scan only" coche la case devant les lignes ci-dessous et clique en bas sur "fix checked"

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = c:\windows\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = c:\windows\blank.htm
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe

Telecharges Killbox : http://www.generation-nt.com/telecharger/fiche/344/KillBox/

Doubles clique sur killbox.exe (Pocket Killbox)

- coches: delete on reboot
dans la barre vide entre ceci: (exactement)

C:\WINDOWS\Nail.exe

- cliques sur la croix rouge
- une fenetre va apparaitre pour confirmation cliques sur YES
- une seconde fenetre te demande si tu veux redemarrer cliques sur YES

Laisses le pc redemarrer puis met un nouveau rapport HijackThis

A++
0
Réponse 7 / 9
juan3738
 
Re, Re
J'ai exécuté exactement tes instruction,voicile nouveau rapport
Logfile of HijackThis v1.99.1
Scan saved at 15:17:26, on 21/03/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\TPSrv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
c:\program files\panda software\panda titanium 2006 antivirus + antispyware\firewall\PNMSRV.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\cisvc.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\PavFnSvr.exe
C:\Program Files\Fichiers communs\Panda Software\PavShld\pavprsrv.exe
C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\pavsrv51.exe
C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\AVENGINE.EXE
C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\PsImSvc.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\APVXDWIN.EXE
C:\Program Files\Netscape\Netscape\Netscp.exe
C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\WebProxy.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Toto\Divers logiciels\Winrar.3.30.fr.+.WinAce.2.5.+.Winzip.8.1.fr.+.Extras.ALL.CRACKED.by.JSengir.[TOTAL.PIRACY]\WinZip v8.1\WZQKPICK.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\TOTO\DIVERS~1\WINRAR~1.PIR\WINZIP~1.1\winzip32.exe
C:\Documents and Settings\Propriétaire\Local Settings\Temp\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.neuf.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = c:\windows\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = c:\windows\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe
N3 - Netscape 7: user_pref("browser.startup.homepage", "http://www.netscape.fr"); (C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Profiles\default\2t6qle52.slt\prefs.js)
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CNetscape_France.src"); (C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Profiles\default\2t6qle52.slt\prefs.js)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll
O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [Mozilla Quick Launch] "C:\Program Files\Netscape\Netscape\Netscp.exe" -turbo
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Toto\Divers logiciels\Winrar.3.30.fr.+.WinAce.2.5.+.Winzip.8.1.fr.+.Extras.ALL.CRACKED.by.JSengir.[TOTAL.PIRACY]\WinZip v8.1\WZQKPICK.EXE
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/229?eece5e58528a4ee8be499619d7bb7988
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/230?eece5e58528a4ee8be499619d7bb7988
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: avldr - C:\WINDOWS\SYSTEM32\avldr.dll
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\Program Files\Fichiers communs\AOL\AOL Spyware Protection\\aolserv.exe (file missing)
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software - C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\PavFnSvr.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Fichiers communs\Panda Software\PavShld\pavprsrv.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\pavsrv51.exe
O23 - Service: Panda Network Manager (PNMSRV) - Panda Software - c:\program files\panda software\panda titanium 2006 antivirus + antispyware\firewall\PNMSRV.EXE
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software Internacional - C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\PsImSvc.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR2a\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR2a\RpcSandraSrv.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Panda TPSrv (TPSrv) - Panda Software - C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\TPSrv.exe

Il tiens bon, le coco. Crois-tu qu'uon y arrivera ???
j'ai coché oui sur la deuxième fenêtre mais le PC n'a pas redemarré. Mais je l'ai éteint manuellement et l'ai fait redemarré
A+++
0
Utilisateur anonyme
 
Salut,

j'vois ça :-) ..va pas faire le mâlin longtemps :-p


¤Telecharges ceci puis installes le un dossier v ase crée sur le bureau.
http://www.spywareedge.net/nf/nailfix.exe


¤Redemarres en mode sans echec:
-Redemarres ton pc, dès l'allumage de celui ci tapotes la touche f8, à l'ecran qui va apparaitre choisis "mode sans echec" attends un peu..


¤Affiches tout les fichiers cachés comme ceci:

Clique sur démarrer, panneau de configuration, outils ,option des dossiers, affichage

Coche: afficher les fichiers et dossiers cachés

Décoche la case:
-masquer les fichiers protégés du système d'exploitation (recommandé)
-masquer les extensions dont le type est connu

Appliquer, puis ok


¤Relance HijackThis, choisis " do a scan only" coche la case devant les lignes ci-dessous et clique en bas sur "fix checked"

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = c:\windows\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = c:\windows\blank.htm
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe


¤Cliques sur demarrer, rechercher, cherches à nouveau ce fichier et supprime le si tu le trouves.

Nail.exe


¤Ouvre le dossier crée sur le bureau NailFix, dans le dossier doubles clique sur nailfix.cmd

LE bureau va disparautre quelques instant attends un peu.
Vides ta corbeille, redemarres normalement, puis postes un nouveau rapport hijackthis

A++
0
Réponse 8 / 9
juan3738
 
Salut ami,
Je ne peut pas appliquer tes instructions tout simplement parceque iil m'est impossible de redemarrer sans échec. En effet avec le F8 j'aboutit à un panneau qui se présente ainsi:
Plaese select boot device:
1st FLOPPY DRIVE
3M - MAXTOR GY 120MO
PM - Samsung CDRW/DVD SM - B
Choisir la section et entrée - Esc boot using defaut
J'ai essayé les 4 options en comptant Esc défaut sans succès. Je suis entrée dans le SETUP au démarrage en appuyant sur Suppr sans succès également. Je vais sans doute te paraître bête mais c'est ainsi. Guides moi stp.
Merci et excuses moi pour tous ces tracas.
Amicalement
0
Utilisateur anonyme
 
Re,

essaies avec la touche f5 pour voir tu tapotes dessus pour vori si ça fonctionne ;-)
0
Réponse 9 / 9
juan3738
 
Re salut ami,
Jez crois que c'est gagné !!!!! ouf, incroyable, le message ne réapparait plus au démarrage, encore incroyable !!!!!. Tu est vraiment un champion. J'aimerais bien te connaître, j'habite le midi à Agde. Je me ferais un plaisir de te rencontrer si tu passes dans le coin, tu as mon adresse electronique, contactes moi, ça me ferait vraiment plisir de te connaître.Voici le rapport:
EnLogfile of HijackThis v1.99.1
Scan saved at 10:33:29, on 22/03/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\TPSrv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
c:\program files\panda software\panda titanium 2006 antivirus + antispyware\firewall\PNMSRV.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\cisvc.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\PavFnSvr.exe
C:\Program Files\Fichiers communs\Panda Software\PavShld\pavprsrv.exe
C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\pavsrv51.exe
C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\PsImSvc.exe
C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\AVENGINE.EXE
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\APVXDWIN.EXE
C:\Program Files\Netscape\Netscape\Netscp.exe
C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\WebProxy.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Messenger\msmsgs.exe
C:\Toto\Divers logiciels\Winrar.3.30.fr.+.WinAce.2.5.+.Winzip.8.1.fr.+.Extras.ALL.CRACKED.by.JSengir.[TOTAL.PIRACY]\WinZip v8.1\WZQKPICK.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Microsoft Office\Office\1036\msoffice.exe
C:\TOTO\DIVERS~1\WINRAR~1.PIR\WINZIP~1.1\winzip32.exe
C:\Documents and Settings\Propriétaire\Local Settings\Temp\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.neuf.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
N3 - Netscape 7: user_pref("browser.startup.homepage", "http://www.netscape.fr"); (C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Profiles\default\2t6qle52.slt\prefs.js)
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CNetscape_France.src"); (C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Profiles\default\2t6qle52.slt\prefs.js)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll
O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [Mozilla Quick Launch] "C:\Program Files\Netscape\Netscape\Netscp.exe" -turbo
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Toto\Divers logiciels\Winrar.3.30.fr.+.WinAce.2.5.+.Winzip.8.1.fr.+.Extras.ALL.CRACKED.by.JSengir.[TOTAL.PIRACY]\WinZip v8.1\WZQKPICK.EXE
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm
Comment arrive-t-on à ramasser ce genre de chose, j'aimerai bien le savoir. Pour mes fichiers protégés dois-je faire quelque chose maintenant parceque ils ne sont plus masqués.
Au fait c'est avec F que j'ai pu rentrer en mode sans échec
Très très amicalement super champion
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/229?eece5e58528a4ee8be499619d7bb7988
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/230?eece5e58528a4ee8be499619d7bb7988
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: avldr - C:\WINDOWS\SYSTEM32\avldr.dll
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\Program Files\Fichiers communs\AOL\AOL Spyware Protection\\aolserv.exe (file missing)
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software - C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\PavFnSvr.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Fichiers communs\Panda Software\PavShld\pavprsrv.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\pavsrv51.exe
O23 - Service: Panda Network Manager (PNMSRV) - Panda Software - c:\program files\panda software\panda titanium 2006 antivirus + antispyware\firewall\PNMSRV.EXE
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software Internacional - C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\PsImSvc.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR2a\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR2a\RpcSandraSrv.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Panda TPSrv (TPSrv) - Panda Software - C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\TPSrv.exe
0
Utilisateur anonyme
 
Re :-)

Ah tu habites Agde ! dans l'herault ?! j'y suis venu il n'y à pas longtemps..je devais même venir habiter sur le cap d'agde mais des problémes de coeur me feront partir ailleur dommage.. .

Bon, tout ça me semble correct plus de bestioles en vue :-D

Penses à regulierement nettoyer ton Pc des fichiers temporaires avec Ccleaner c'est vite fait, puis de temps en temps jette un coup d'oeil dans le pare-feu pour voir s'il n'y à pas de choses "indésirables".

Defragmente ton disque dur.

Puis si tu as d'autres question n'hésites pas. :-)

A plus tard Juan ;-)
0