Virus (trojan??)

Claire -
Anonymous user -
Hello!
I have a problem with my PC. I caught a virus that won't go away... I have Avast as my antivirus. I hope someone can help me. I'm attaching an ewido scan as well as a HijackThis log.

Thanks in advance for your help!!!
Claire

ewido anti-spyware - Scan Report
---------------------------------------------------------

+ Created at: 16:27:28 14/09/2006

+ Scan result:

C:\WINDOWS\system32\dgactfrm.dll -> Adware.Look2Me : No action taken.
C:\WINDOWS\system32\dnmclien.dll -> Adware.Look2Me : No action taken.
C:\WINDOWS\system32\fp8m03l1e.dll -> Adware.Look2Me : No action taken.
C:\WINDOWS\system32\guard.tmp -> Adware.Look2Me : No action taken.
C:\WINDOWS\system32\inxrtmgr.dll -> Adware.Look2Me : No action taken.
C:\WINDOWS\system32\kddhe220.dll -> Adware.Look2Me : No action taken.
C:\WINDOWS\system32\mhhtmler.dll -> Adware.Look2Me : No action taken.
C:\WINDOWS\system32\nttui0.dll -> Adware.Look2Me : No action taken.
C:\WINDOWS\system32\o2ns0c57ef.dll -> Adware.Look2Me : No action taken.
C:\WINDOWS\system32\shrvdeps.dll -> Adware.Look2Me : No action taken.
[664] C:\WINDOWS\system32\inxrtmgr.dll -> Adware.Look2Me : No action taken.
[808] C:\WINDOWS\system32\inxrtmgr.dll -> Adware.Look2Me : No action taken.

::Report end

Logfile of HijackThis v1.99.1
Scan saved at 16:31:40, on 14/09/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\anti-virus\aswUpdSv.exe
C:\Program Files\anti-virus\ashServ.exe
C:\Program Files\anti-virus\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\anti-virus\ashMaiSv.exe
C:\Program Files\anti-virus\ashWebSv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\PROGRA~1\ANTI-V~1\ashDisp.exe
C:\Program Files\anti-virus\ewido anti-spyware 4.0\ewido.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\PROGRA~1\hpq\Shared\HPQTOA~1.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\LOR'\Bureau\hijackthis\HijackThis.exe
\?\C:\WINDOWS\system32\WBEM\WMIADAP.EXE

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www8.hp.com/fr/fr/home.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {02EE5B04-F144-47BB-83FB-A60BD91B74A9} - (no file)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
O4 - HKLM\..\Run: [Reminder] C:\Windows\CREATOR\Remind_XP.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ANTI-V~1\ashDisp.exe
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\anti-virus\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKLM\..\Run: [winlog] winlog.exe
O4 - HKLM\..\Run: [zvjd7e66] RUNDLL32.EXE w070a528.dll,n 003d7e630000000a070a528
O4 - HKLM\..\RunServices: [winlog] winlog.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=https://www8.hp.com/fr/fr/home.html
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: repairs303169590.dll
O20 - Winlogon Notify: SideBySide - C:\WINDOWS\system32\n64s0gh7e64.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\anti-virus\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\anti-virus\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\anti-virus\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\anti-virus\ashWebSv.exe" /service (file missing)
O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINDOWS\TGF1cmUgZ3JpbW91aWxsZQ\command.exe (file missing)
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\anti-virus\ewido anti-spyware 4.0\guard.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe (file missing)
1 reply

Anonymous user
 
Hi,

Download L2mfix here:
http://www.downloads.subratam.org/l2mfix.exe

Run "L2mfix.bat" and select option 2.
The computer will restart automatically; if it does not, restart it yourself.
Copy the report and paste it here together with a new HijackThis log.
claire
 
Thank you very much for your help.
Here are the reports:

L2mfix 051206
Creating Account.
Le compte existe déjà.

Vous obtiendrez une aide supplémentaire en entrant NET HELPMSG 2224.

Adding Administrative privleges.
Checking for L2MFix account(0=no 1=yes):
1
Granting SeDebugPrivilege to L2MFIX ... successful

Running From:
C:\WINDOWS\system32

Killing Processes!
Killing 'smss.exe'
\SystemRoot\System32\smss.exe (704)
Killing 'winlogon.exe'
winlogon.exe (832)
Killing 'explorer.exe'
C:\WINDOWS\Explorer.EXE (356)
Killing 'rundll32.exe'
rundll32.exe "C:\WINDOWS\system32\axstream.dll",DllGetVersion (1576)
Restoring Sedebugprivilege:
Granting SeDebugPrivilege to Administrateurs ... successful

Scanning First Pass. Please Wait!

First Pass Completed

Second Pass Scanning

Second pass Completed!
1 fichier(s) copié(s).
1 fichier(s) copié(s).
1 fichier(s) copié(s).
1 fichier(s) copié(s).
1 fichier(s) copié(s).
1 fichier(s) copié(s).
1 fichier(s) copié(s).
1 fichier(s) copié(s).
1 fichier(s) copié(s).
1 fichier(s) copié(s).

Running From:
C:\WINDOWS\system32

Killing Processes!
Killing 'smss.exe'
\SystemRoot\System32\smss.exe (700)
Killing 'winlogon.exe'
winlogon.exe (812)
Killing 'explorer.exe'
C:\WINDOWS\Explorer.EXE (1852)
Killing 'rundll32.exe'
Restoring Sedebugprivilege:
Granting SeDebugPrivilege to Administrateurs ... successful

Scanning First Pass. Please Wait!

First Pass Completed

Second Pass Scanning

Second pass Completed!
1 fichier(s) copié(s).
1 fichier(s) copié(s).
1 fichier(s) copié(s).
1 fichier(s) copié(s).
1 fichier(s) copié(s).
1 fichier(s) copié(s).
1 fichier(s) copié(s).
1 fichier(s) copié(s).
1 fichier(s) copié(s).
1 fichier(s) copié(s).
1 fichier(s) copié(s).
1 fichier(s) copié(s).
1 fichier(s) copié(s).
1 fichier(s) copié(s).
1 fichier(s) copié(s).
1 fichier(s) copié(s).
1 fichier(s) copié(s).
1 fichier(s) copié(s).
1 fichier(s) copié(s).
1 fichier(s) copié(s).
1 fichier(s) copié(s).
1 fichier(s) copié(s).
1 fichier(s) copié(s).
1 fichier(s) copié(s).
1 fichier(s) copié(s).
1 fichier(s) copié(s).
1 fichier(s) copié(s).
1 fichier(s) copié(s).
1 fichier(s) copié(s).
Deleting: C:\WINDOWS\system32\aza8077ue.dll
Successfully Deleted: C:\WINDOWS\system32\aza8077ue.dll
Deleting: C:\WINDOWS\system32\dgactfrm.dll
Successfully Deleted: C:\WINDOWS\system32\dgactfrm.dll
Deleting: C:\WINDOWS\system32\dnmclien.dll
Successfully Deleted: C:\WINDOWS\system32\dnmclien.dll
Deleting: C:\WINDOWS\system32\dycpcsvc.dll
Successfully Deleted: C:\WINDOWS\system32\dycpcsvc.dll
Deleting: C:\WINDOWS\system32\fp8m03l1e.dll
Successfully Deleted: C:\WINDOWS\system32\fp8m03l1e.dll
Deleting: C:\WINDOWS\system32\inxrtmgr.dll
Successfully Deleted: C:\WINDOWS\system32\inxrtmgr.dll
Deleting: C:\WINDOWS\system32\kddhe220.dll
Successfully Deleted: C:\WINDOWS\system32\kddhe220.dll
Deleting: C:\WINDOWS\system32\mhhtmler.dll
Successfully Deleted: C:\WINDOWS\system32\mhhtmler.dll
Deleting: C:\WINDOWS\system32\mtminst.dll
Successfully Deleted: C:\WINDOWS\system32\mtminst.dll
Deleting: C:\WINDOWS\system32\mxencode.dll
Successfully Deleted: C:\WINDOWS\system32\mxencode.dll
Deleting: C:\WINDOWS\system32\nttui0.dll
Successfully Deleted: C:\WINDOWS\system32\nttui0.dll
Deleting: C:\WINDOWS\system32\o2ns0c57ef.dll
Successfully Deleted: C:\WINDOWS\system32\o2ns0c57ef.dll
Deleting: C:\WINDOWS\system32\s2880cluefq80.dll
Successfully Deleted: C:\WINDOWS\system32\s2880cluefq80.dll
Deleting: C:\WINDOWS\system32\shrvdeps.dll
Successfully Deleted: C:\WINDOWS\system32\shrvdeps.dll
Deleting: C:\WINDOWS\system32\axstream.dll
Successfully Deleted: C:\WINDOWS\system32\axstream.dll
Deleting: C:\WINDOWS\system32\aza8077ue.dll
Successfully Deleted: C:\WINDOWS\system32\aza8077ue.dll
Deleting: C:\WINDOWS\system32\dgactfrm.dll
Successfully Deleted: C:\WINDOWS\system32\dgactfrm.dll
Deleting: C:\WINDOWS\system32\dnmclien.dll
Successfully Deleted: C:\WINDOWS\system32\dnmclien.dll
Deleting: C:\WINDOWS\system32\dycpcsvc.dll
Successfully Deleted: C:\WINDOWS\system32\dycpcsvc.dll
Deleting: C:\WINDOWS\system32\fp8m03l1e.dll
Successfully Deleted: C:\WINDOWS\system32\fp8m03l1e.dll
Deleting: C:\WINDOWS\system32\inxrtmgr.dll
Successfully Deleted: C:\WINDOWS\system32\inxrtmgr.dll
Deleting: C:\WINDOWS\system32\kddhe220.dll
Successfully Deleted: C:\WINDOWS\system32\kddhe220.dll
Deleting: C:\WINDOWS\system32\mhhtmler.dll
Successfully Deleted: C:\WINDOWS\system32\mhhtmler.dll
Deleting: C:\WINDOWS\system32\mtminst.dll
Successfully Deleted: C:\WINDOWS\system32\mtminst.dll
Deleting: C:\WINDOWS\system32\mxencode.dll
Successfully Deleted: C:\WINDOWS\system32\mxencode.dll
Deleting: C:\WINDOWS\system32\nttui0.dll
Successfully Deleted: C:\WINDOWS\system32\nttui0.dll
Deleting: C:\WINDOWS\system32\o2ns0c57ef.dll
Successfully Deleted: C:\WINDOWS\system32\o2ns0c57ef.dll
Deleting: C:\WINDOWS\system32\s2880cluefq80.dll
Successfully Deleted: C:\WINDOWS\system32\s2880cluefq80.dll
Deleting: C:\WINDOWS\system32\shrvdeps.dll
Successfully Deleted: C:\WINDOWS\system32\shrvdeps.dll

msg11?.dll
0 fichier(s) copié(s).



Restoring Windows Update Certificates.:

The following Is the Current Export of the Winlogon notify key:
****************************************************************************
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
"DLLName"="Ati2evxx.dll"
"Asynchronous"=dword:00000000
"Impersonate"=dword:00000001
"Lock"="AtiLockEvent"
"Logoff"="AtiLogoffEvent"
"Logon"="AtiLogonEvent"
"Disconnect"="AtiDisConnectEvent"
"Reconnect"="AtiReConnectEvent"
"Safe"=dword:00000000
"Shutdown"="AtiShutdownEvent"
"StartScreenSaver"="AtiStartScreenSaverEvent"
"StartShell"="AtiStartShellEvent"
"Startup"="AtiStartupEvent"
"StopScreenSaver"="AtiStopScreenSaverEvent"
"Unlock"="AtiUnLockEvent"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
"Asynchronous"=dword:00000000
"Impersonate"=dword:00000000
"DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,33,00,32,00,2e,00,64,00,6c,00,\
6c,00,00,00
"Logoff"="ChainWlxLogoffEvent"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
"Asynchronous"=dword:00000000
"Impersonate"=dword:00000000
"DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,6e,00,65,00,74,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Logoff"="CryptnetWlxLogoffEvent"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
"DLLName"="cscdll.dll"
"Logon"="WinlogonLogonEvent"
"Logoff"="WinlogonLogoffEvent"
"ScreenSaver"="WinlogonScreenSaverEvent"
"Startup"="WinlogonStartupEvent"
"Shutdown"="WinlogonShutdownEvent"
"StartShell"="WinlogonStartShellEvent"
"Impersonate"=dword:00000000
"Asynchronous"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
"DLLName"="wlnotify.dll"
"Logon"="SCardStartCertProp"
"Logoff"="SCardStopCertProp"
"Lock"="SCardSuspendCertProp"
"Unlock"="SCardResumeCertProp"
"Enabled"=dword:00000001
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
"Asynchronous"=dword:00000000
"DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Impersonate"=dword:00000000
"StartShell"="SchedStartShell"
"Logoff"="SchedEventLogOff"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
"Logoff"="WLEventLogoff"
"Impersonate"=dword:00000000
"Asynchronous"=dword:00000001
"DllName"=hex(2):73,00,63,00,6c,00,67,00,6e,00,74,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
"DLLName"="WlNotify.dll"
"Lock"="SensLockEvent"
"Logon"="SensLogonEvent"
"Logoff"="SensLogoffEvent"
"Safe"=dword:00000001
"MaxWait"=dword:00000258
"StartScreenSaver"="SensStartScreenSaverEvent"
"StopScreenSaver"="SensStopScreenSaverEvent"
"Startup"="SensStartupEvent"
"Shutdown"="SensShutdownEvent"
"StartShell"="SensStartShellEvent"
"PostShell"="SensPostShellEvent"
"Disconnect"="SensDisconnectEvent"
"Reconnect"="SensReconnectEvent"
"Unlock"="SensUnlockEvent"
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
"Asynchronous"=dword:00000000
"DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Impersonate"=dword:00000000
"Logoff"="TSEventLogoff"
"Logon"="TSEventLogon"
"PostShell"="TSEventPostShell"
"Shutdown"="TSEventShutdown"
"StartShell"="TSEventStartShell"
"Startup"="TSEventStartup"
"MaxWait"=dword:00000258
"Reconnect"="TSEventReconnect"
"Disconnect"="TSEventDisconnect"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WindowsUpdate]
"Asynchronous"=dword:00000000
"DllName"="C:\\WINDOWS\\system32\\aza8077ue.dll"
"Impersonate"=dword:00000000
"Logon"="WinLogon"
"Logoff"="WinLogoff"
"Shutdown"="WinShutdown"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
"DLLName"="wlnotify.dll"
"Logon"="RegisterTicketExpiredNotificationEvent"
"Logoff"="UnregisterTicketExpiredNotificationEvent"
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001


The following are the files found:
****************************************************************************
C:\WINDOWS\system32\aza8077ue.dll
C:\WINDOWS\system32\dgactfrm.dll
C:\WINDOWS\system32\dnmclien.dll
C:\WINDOWS\system32\dycpcsvc.dll
C:\WINDOWS\system32\fp8m03l1e.dll
C:\WINDOWS\system32\inxrtmgr.dll
C:\WINDOWS\system32\kddhe220.dll
C:\WINDOWS\system32\mhhtmler.dll
C:\WINDOWS\system32\mtminst.dll
C:\WINDOWS\system32\mxencode.dll
C:\WINDOWS\system32\nttui0.dll
C:\WINDOWS\system32\o2ns0c57ef.dll
C:\WINDOWS\system32\s2880cluefq80.dll
C:\WINDOWS\system32\shrvdeps.dll
C:\WINDOWS\system32\axstream.dll
C:\WINDOWS\system32\aza8077ue.dll
C:\WINDOWS\system32\dgactfrm.dll
C:\WINDOWS\system32\dnmclien.dll
C:\WINDOWS\system32\dycpcsvc.dll
C:\WINDOWS\system32\fp8m03l1e.dll
C:\WINDOWS\system32\inxrtmgr.dll
C:\WINDOWS\system32\kddhe220.dll
C:\WINDOWS\system32\mhhtmler.dll
C:\WINDOWS\system32\mtminst.dll
C:\WINDOWS\system32\mxencode.dll
C:\WINDOWS\system32\nttui0.dll
C:\WINDOWS\system32\o2ns0c57ef.dll
C:\WINDOWS\system32\s2880cluefq80.dll
C:\WINDOWS\system32\shrvdeps.dll

Registry Entries that were Deleted:
Please verify that the listing looks ok.
If there was something deleted wrongly there are backups in the backreg folder.
****************************************************************************
Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{A7C904B7-79F2-4494-AB48-282D607202C5}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{A7C904B7-79F2-4494-AB48-282D607202C5}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{A7C904B7-79F2-4494-AB48-282D607202C5}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{A7C904B7-79F2-4494-AB48-282D607202C5}\InprocServer32]
@="C:\\WINDOWS\\system32\\mhhtmler.dll"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{77694E8D-C1EC-44C1-8470-88F55031D4ED}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{77694E8D-C1EC-44C1-8470-88F55031D4ED}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{77694E8D-C1EC-44C1-8470-88F55031D4ED}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{77694E8D-C1EC-44C1-8470-88F55031D4ED}\InprocServer32]
@="C:\\WINDOWS\\system32\\nttui0.dll"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{C98845D3-B723-4A6B-AE68-F6879CC20445}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{C98845D3-B723-4A6B-AE68-F6879CC20445}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{C98845D3-B723-4A6B-AE68-F6879CC20445}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{C98845D3-B723-4A6B-AE68-F6879CC20445}\InprocServer32]
@="C:\\WINDOWS\\system32\\kddhe220.dll"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{DA0CFC87-3FDB-4CDD-85F8-3462EC9853FC}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{DA0CFC87-3FDB-4CDD-85F8-3462EC9853FC}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{DA0CFC87-3FDB-4CDD-85F8-3462EC9853FC}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{DA0CFC87-3FDB-4CDD-85F8-3462EC9853FC}\InprocServer32]
@="C:\\WINDOWS\\system32\\shrvdeps.dll"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{74EB5142-BC0A-409B-B163-B12C8809B447}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{74EB5142-BC0A-409B-B163-B12C8809B447}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{74EB5142-BC0A-409B-B163-B12C8809B447}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{74EB5142-BC0A-409B-B163-B12C8809B447}\InprocServer32]
@="C:\\WINDOWS\\system32\\mxencode.dll"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{D4EC676B-12B2-4B0F-9AE1-688385B534B2}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{D4EC676B-12B2-4B0F-9AE1-688385B534B2}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{D4EC676B-12B2-4B0F-9AE1-688385B534B2}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{D4EC676B-12B2-4B0F-9AE1-688385B534B2}\InprocServer32]
@="C:\\WINDOWS\\system32\\ohhlp30e.dll"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{76ACA4A6-7A90-40A3-B99E-602D8FF94748}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{76ACA4A6-7A90-40A3-B99E-602D8FF94748}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{76ACA4A6-7A90-40A3-B99E-602D8FF94748}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{76ACA4A6-7A90-40A3-B99E-602D8FF94748}\InprocServer32]
@="C:\\WINDOWS\\system32\\mtminst.dll"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{24412AC8-D70B-4340-980A-3909971E1B1B}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{24412AC8-D70B-4340-980A-3909971E1B1B}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{24412AC8-D70B-4340-980A-3909971E1B1B}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{24412AC8-D70B-4340-980A-3909971E1B1B}\InprocServer32]
@="C:\\WINDOWS\\system32\\dycpcsvc.dll"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{892691B9-5743-4DBF-B45C-4EC727B26007}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{892691B9-5743-4DBF-B45C-4EC727B26007}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{892691B9-5743-4DBF-B45C-4EC727B26007}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{892691B9-5743-4DBF-B45C-4EC727B26007}\InprocServer32]
@="C:\\WINDOWS\\system32\\axstream.dll"
"ThreadingModel"="Apartment"

REGEDIT4

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
REGEDIT4

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
"SV1"=""
****************************************************************************
Desktop.ini Contents:
****************************************************************************

****************************************************************************
Checking for L2MFix account(0=no 1=yes):
0
Zipping up files for submission:
adding: dlls/axstream.dll (164 bytes security) (deflated 5%)
adding: dlls/aza8077ue.dll (164 bytes security) (deflated 5%)
adding: dlls/dgactfrm.dll (164 bytes security) (deflated 4%)
adding: dlls/dnmclien.dll (164 bytes security) (deflated 5%)
adding: dlls/dycpcsvc.dll (164 bytes security) (deflated 6%)
adding: dlls/fp8m03l1e.dll (164 bytes security) (deflated 5%)
adding: dlls/inxrtmgr.dll (164 bytes security) (deflated 5%)
adding: dlls/kddhe220.dll (164 bytes security) (deflated 5%)
adding: dlls/mhhtmler.dll (164 bytes security) (deflated 6%)
adding: dlls/mtminst.dll (164 bytes security) (deflated 5%)
adding: dlls/mxencode.dll (164 bytes security) (deflated 5%)
adding: dlls/nttui0.dll (164 bytes security) (deflated 5%)
adding: dlls/o2ns0c57ef.dll (164 bytes security) (deflated 4%)
adding: dlls/s2880cluefq80.dll (164 bytes security) (deflated 6%)
adding: dlls/shrvdeps.dll (164 bytes security) (deflated 5%)
adding: backregs/24412AC8-D70B-4340-980A-3909971E1B1B.reg (188 bytes security) (deflated 70%)
adding: backregs/74EB5142-BC0A-409B-B163-B12C8809B447.reg (188 bytes security) (deflated 70%)
adding: backregs/76ACA4A6-7A90-40A3-B99E-602D8FF94748.reg (188 bytes security) (deflated 70%)
adding: backregs/77694E8D-C1EC-44C1-8470-88F55031D4ED.reg (188 bytes security) (deflated 70%)
adding: backregs/892691B9-5743-4DBF-B45C-4EC727B26007.reg (188 bytes security) (deflated 70%)
adding: backregs/A7C904B7-79F2-4494-AB48-282D607202C5.reg (188 bytes security) (deflated 70%)
adding: backregs/C98845D3-B723-4A6B-AE68-F6879CC20445.reg (188 bytes security) (deflated 70%)
adding: backregs/D4EC676B-12B2-4B0F-9AE1-688385B534B2.reg (188 bytes security) (deflated 70%)
adding: backregs/DA0CFC87-3FDB-4CDD-85F8-3462EC9853FC.reg (188 bytes security) (deflated 70%)
adding: backregs/notibac.reg (164 bytes security) (deflated 87%)
adding: backregs/shell.reg (164 bytes security) (deflated 73%)
Logfile of HijackThis v1.99.1
Scan saved at 17:51:37, on 18/09/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\anti-virus\aswUpdSv.exe
C:\Program Files\anti-virus\ashServ.exe
C:\Program Files\anti-virus\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\anti-virus\ashMaiSv.exe
C:\Program Files\anti-virus\ashWebSv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\PROGRA~1\ANTI-V~1\ashDisp.exe
C:\Program Files\anti-virus\ewido anti-spyware 4.0\ewido.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\PROGRA~1\hpq\Shared\HPQTOA~1.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\LOR'\Bureau\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www8.hp.com/fr/fr/home.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {02EE5B04-F144-47BB-83FB-A60BD91B74A9} - (no file)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
O4 - HKLM\..\Run: [Reminder] C:\Windows\CREATOR\Remind_XP.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ANTI-V~1\ashDisp.exe
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\anti-virus\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKLM\..\Run: [winlog] winlog.exe
O4 - HKLM\..\Run: [zvjd7e66] RUNDLL32.EXE w070a528.dll,n 003d7e630000000a070a528
O4 - HKLM\..\RunServices: [winlog] winlog.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=https://www8.hp.com/fr/fr/home.html
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: repairs303169590.dll
O20 - Winlogon Notify: WindowsUpdate - C:\WINDOWS\system32\aza8077ue.dll (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\anti-virus\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\anti-virus\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\anti-virus\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\anti-virus\ashWebSv.exe" /service (file missing)
O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINDOWS\TGF1cmUgZ3JpbW91aWxsZQ\command.exe (file missing)
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\anti-virus\ewido anti-spyware 4.0\guard.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe (file missing)

thanks once again!!!
Anonymous user > claire
 
Now,

Run HijackThis again, choose "do a scan only", tick the box in front of the lines below and click "fix checked" at the bottom:

R3 - URLSearchHook: (no name) - {02EE5B04-F144-47BB-83FB-A60BD91B74A9} - (no file)
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Reminder] C:\Windows\CREATOR\Remind_XP.exe
O4 - HKLM\..\Run: [winlog] winlog.exe
O4 - HKLM\..\Run: [zvjd7e66] RUNDLL32.EXE w070a528.dll,n 003d7e630000000a070a528
O4 - HKLM\..\RunServices: [winlog] winlog.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O20 - AppInit_DLLs: repairs303169590.dll


Click Start, Run, type: services.msc then "OK". A list will open; enlarge the window, find the lines below, double-click each one, then choose "Startup type: Disabled", Apply, then OK.

Network Monitor
Command Service


Click Start, Search, then look for and delete these files if present:

winlog.exe
command.exe
netmon.exe

**If a file refuses to be deleted, do this:
-Restart your PC and, as soon as it powers on, tap the F8 key (or F5 if F8 does not work). On the screen that appears, choose "Safe Mode" and wait a moment, then go and delete the files/folders that would not go, empty your Recycle Bin and restart normally.


Do this clean-up: (to be done regularly)

¤Download and install this:
CCleaner:
Download CCleaner

In the left-hand column click "Issues", tick all the boxes, then click "Scan for issues" at the bottom. Once it has finished, click "Fix selected issues"; you will get a message asking to back up your registry, say "yes", then repeat until it finds no more issues.
You can delete the backups you made once your computer no longer has problems.

¤Run CCleaner again, go to the "Cleaner" tab on the left, untick the last box ("Advanced", if it is ticked) then click "Run Cleaner".


Disable the Windows firewall and install this one so you are better protected:

Kerio: (a firewall that stays free after the trial period!)
Kerio Personal Firewall
-tutorial: to configure Kerio and understand how to use it
https://kerio.probb.fr/


Do this online antivirus scan with Internet Explorer and accept the ActiveX control; the SP2 pop-up blocker bar (at the top) will start flashing, click on it and choose to accept the ActiveX control so that the antivirus scan can run.
Once it has finished, paste the report here please.

https://www.bitdefender.com/toolbox/


Good luck!
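The helper above picked the lines to "fix checked" by eye: targets reported missing, an autorun given as a bare file name, rundll32 loading an unpathed DLL, the AppInit_DLLs entry, and a service living in a folder whose name is a base64 token. The script below is an added example written for this page, not code from the thread or from HijackThis; it turns that judgement into explicit rules over HijackThis v1.99 log lines, cross-checks "file missing" entries against the running-process list (the posted log shows ashMaiSv.exe both running and "missing"), and uses a constructed excerpt of the second log as input. The rule names and the `Finding` type are this example's own.

```python
from __future__ import annotations

import base64
import re
from dataclasses import dataclass

HJT_LINE = re.compile(r"^(?P<kind>[A-Z]\d+) - (?P<body>.*)$")
WIN_PATH = re.compile(r'[A-Za-z]:\\[^"\n]*')
B64_TOKEN = re.compile(r"^[A-Za-z0-9+/]{16,}$")

@dataclass
class Finding:
    rule: str  # rule names are this example's own, not HijackThis terminology
    line: str

def looks_base64(component: str) -> bool:
    """True if a directory name is a long base64 token that decodes to printable text."""
    if not B64_TOKEN.match(component):
        return False
    padded = component + "=" * (-len(component) % 4)
    try:
        raw = base64.b64decode(padded, validate=True)
    except ValueError:  # binascii.Error is a ValueError subclass
        return False
    return bool(raw) and all(32 <= b < 127 for b in raw)

def path_parts(text: str) -> tuple[list[str], str | None]:
    """Return (directory names, file name) of the first Windows path in a line."""
    m = WIN_PATH.search(text)
    if not m:
        return [], None
    segments = m.group(0).split("\\")
    last = segments[-1].split()  # drops trailing " (file missing)" or arguments
    return segments[1:-1], (last[0] if last else None)

def triage_line(line: str) -> list[Finding]:
    """Apply the rules to one HJT entry; lines that are not entries yield nothing."""
    m = HJT_LINE.match(line.strip())
    if not m:
        return []
    kind, body = m.group("kind"), m.group("body")
    found: list[Finding] = []
    if "(no file)" in body or "(file missing)" in body:
        found.append(Finding("missing_target", line))
    if kind == "O4" and "] " in body:
        cmd = body.split("] ", 1)[1]
        if "\\" not in cmd:  # no directory given, so Windows resolves it via PATH
            rule = "rundll32_unpathed_dll" if cmd.upper().startswith("RUNDLL32") else "bare_autorun"
            found.append(Finding(rule, line))
    if kind == "O20" and body.startswith("AppInit_DLLs:"):
        found.append(Finding("appinit_dll", line))  # loaded into every GUI process
    dirs, _ = path_parts(body)
    if any(looks_base64(d) for d in dirs):
        found.append(Finding("base64_dir_name", line))
    return found

def triage_log(log_text: str) -> list[Finding]:
    """Triage a whole log, cross-checking 'missing' targets against running processes."""
    running, in_procs, findings = set(), False, []
    for raw in log_text.splitlines():
        line = raw.strip()
        if line == "Running processes:":
            in_procs = True
            continue
        if in_procs:
            if not line:
                in_procs = False
            else:
                _, name = path_parts(line)
                if name:
                    running.add(name.lower())
            continue
        for f in triage_line(line):
            # HJT 1.99 reports some quoted service paths as missing while the binary is
            # running (the log above lists ashMaiSv.exe under both headings): manual check.
            if f.rule == "missing_target":
                _, name = path_parts(f.line)
                if name and name.lower() in running:
                    f = Finding("missing_target_but_running", f.line)
            findings.append(f)
    return findings

# Constructed excerpt of the second HijackThis log posted above.
SAMPLE_LOG = r"""Running processes:
C:\Program Files\anti-virus\ashMaiSv.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

R3 - URLSearchHook: (no name) - {02EE5B04-F144-47BB-83FB-A60BD91B74A9} - (no file)
O4 - HKLM\..\Run: [winlog] winlog.exe
O4 - HKLM\..\Run: [zvjd7e66] RUNDLL32.EXE w070a528.dll,n 003d7e630000000a070a528
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O20 - AppInit_DLLs: repairs303169590.dll
O20 - Winlogon Notify: WindowsUpdate - C:\WINDOWS\system32\aza8077ue.dll (file missing)
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\anti-virus\ashMaiSv.exe" /service (file missing)
O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINDOWS\TGF1cmUgZ3JpbW91aWxsZQ\command.exe (file missing)
O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe (file missing)
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
"""
```

Running `triage_log(SAMPLE_LOG)` flags exactly the lines the helper asked to fix or disable, while the ctfmon autorun and the HP service pass, and the avast entry is downgraded to a manual check because the binary is in the process list.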