3 réponses
easyclyner57
Messages postés
292
Date d'inscription
mardi 9 mai 2006
Statut
Membre
Dernière intervention
16 février 2007
10
28 janv. 2007 à 12:56
28 janv. 2007 à 12:56
BONJOUR
télécharge HijackThis ici:
http://telechargement.zebulon.fr/138-hijackthis-1991.html
Dézippe le dans un dossier prévu à cet effet.
Par exemple C:\hijackthis < Enregistre le bien dans c : !
Démo : (Merci a Balltrap34 pour cette réalisation)
http://pageperso.aol.fr/balltrap34/Hijenr.gif
Lance le puis:
clique sur "do a system scan and save logfile" (cf démo)
faire un copier coller du log entier sur le forum
Démo : (Merci a Balltrap34 pour cette réalisation)
http://pageperso.aol.fr/balltrap34/demohijack.htm
Bon courage
télécharge HijackThis ici:
http://telechargement.zebulon.fr/138-hijackthis-1991.html
Dézippe le dans un dossier prévu à cet effet.
Par exemple C:\hijackthis < Enregistre le bien dans c : !
Démo : (Merci a Balltrap34 pour cette réalisation)
http://pageperso.aol.fr/balltrap34/Hijenr.gif
Lance le puis:
clique sur "do a system scan and save logfile" (cf démo)
faire un copier coller du log entier sur le forum
Démo : (Merci a Balltrap34 pour cette réalisation)
http://pageperso.aol.fr/balltrap34/demohijack.htm
Bon courage
melyyy
Messages postés
1
Date d'inscription
mercredi 31 janvier 2007
Statut
Membre
Dernière intervention
31 janvier 2007
31 janv. 2007 à 02:09
31 janv. 2007 à 02:09
bonsoir!
j'ai exactement le mem probleme que henry33 =(
Logfile of HijackThis v1.99.1
Scan saved at 01:59:26, on 31/01/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\MMTray.exe
C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Creative\Video Blaster WebCam Control\CAMTRAY.EXE
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Defenza\pcd-as.exe
C:\WINDOWS\System32\svchost.exe
C:\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.creaf.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [CloneCDElbyCDFL] "C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe"
O4 - HKLM\..\Run: [MMTray] MMTray.exe
O4 - HKLM\..\Run: [AliceSAV] C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Video Blaster WebCam Control\CAMTRAY.EXE
O4 - HKLM\..\Run: [NewsUpd] C:\Program Files\Creative\News\NewsUpd.EXE /q
O4 - HKLM\..\Run: [Register MediaRing Talk] C:\Program Files\MediaRing Talk\register.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [.nvsvc] C:\WINDOWS\system\smss.exe /w
O4 - HKLM\..\Run: [PCDAS] C:\Program Files\Defenza\pcd-as.exe /10003
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O14 - IERESET.INF: START_PAGE_URL=http://www.creaf.com
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
voilà j'attend votre aide merci
j'ai exactement le mem probleme que henry33 =(
Logfile of HijackThis v1.99.1
Scan saved at 01:59:26, on 31/01/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\MMTray.exe
C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Creative\Video Blaster WebCam Control\CAMTRAY.EXE
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Defenza\pcd-as.exe
C:\WINDOWS\System32\svchost.exe
C:\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.creaf.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [CloneCDElbyCDFL] "C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe"
O4 - HKLM\..\Run: [MMTray] MMTray.exe
O4 - HKLM\..\Run: [AliceSAV] C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Video Blaster WebCam Control\CAMTRAY.EXE
O4 - HKLM\..\Run: [NewsUpd] C:\Program Files\Creative\News\NewsUpd.EXE /q
O4 - HKLM\..\Run: [Register MediaRing Talk] C:\Program Files\MediaRing Talk\register.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [.nvsvc] C:\WINDOWS\system\smss.exe /w
O4 - HKLM\..\Run: [PCDAS] C:\Program Files\Defenza\pcd-as.exe /10003
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O14 - IERESET.INF: START_PAGE_URL=http://www.creaf.com
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
voilà j'attend votre aide merci
Bonjour,
J'ai moi aussi le meme problème, merci de votre aide.
Logfile of HijackThis v1.99.1
Scan saved at 14:15:10, on 06/02/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
D:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\Mediametrie\PanelTelecom\PanelTelecom.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Fichiers communs\Teleca Shared\CapabilityManager.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\PROGRA~1\Wanadoo\EspaceWanadoo.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\Program Files\Nikon\NkView6\NkvMon.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\DOCUME~1\CHRIST~1\LOCALS~1\Temp\22exinjs.a2.exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [PanelTelecom] C:\Program Files\Mediametrie\PanelTelecom\PanelTelecom.exe
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [.nvsvc] C:\WINDOWS\system\smss.exe /w
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: NkvMon.exe.lnk = C:\Program Files\Nikon\NkView6\NkvMon.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
J'ai moi aussi le meme problème, merci de votre aide.
Logfile of HijackThis v1.99.1
Scan saved at 14:15:10, on 06/02/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
D:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\Mediametrie\PanelTelecom\PanelTelecom.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Fichiers communs\Teleca Shared\CapabilityManager.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\PROGRA~1\Wanadoo\EspaceWanadoo.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\Program Files\Nikon\NkView6\NkvMon.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\DOCUME~1\CHRIST~1\LOCALS~1\Temp\22exinjs.a2.exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [PanelTelecom] C:\Program Files\Mediametrie\PanelTelecom\PanelTelecom.exe
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [.nvsvc] C:\WINDOWS\system\smss.exe /w
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: NkvMon.exe.lnk = C:\Program Files\Nikon\NkView6\NkvMon.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
avalonne63
Messages postés
3
Date d'inscription
mardi 6 février 2007
Statut
Membre
Dernière intervention
19 juin 2007
6 févr. 2007 à 16:26
6 févr. 2007 à 16:26
Salut chris,
sais tu ou on aurait pu attraper ce truc, car il me semble que l'on est nombreux a avoir avast et on a tous ce problème.
en plus je suis nulle dans ce domaine, je tiens pas à planter l'ordi avec une mauvaise manip.
as tu pu trouver d'autres forum qui peuvent expliquer la manip à faire?
merci par avance si tu peux me donner un lien
Veronique
sais tu ou on aurait pu attraper ce truc, car il me semble que l'on est nombreux a avoir avast et on a tous ce problème.
en plus je suis nulle dans ce domaine, je tiens pas à planter l'ordi avec une mauvaise manip.
as tu pu trouver d'autres forum qui peuvent expliquer la manip à faire?
merci par avance si tu peux me donner un lien
Veronique
chris
>
avalonne63
Messages postés
3
Date d'inscription
mardi 6 février 2007
Statut
Membre
Dernière intervention
19 juin 2007
6 févr. 2007 à 20:36
6 févr. 2007 à 20:36
Salut Véronique,
Je ne sais pas comment ce truc est arrivé dans mon ordi, mais depuis vendredi j'ai sans arret des messages m'indiquant la présence de ce cheval de Troie.
Sinon sur forum.telecharger.01net.com ils expliquent les manips, mais pas simple pour des débutants comme moi. Courage on va réussir à s'en débarrasser.
Chris
Je ne sais pas comment ce truc est arrivé dans mon ordi, mais depuis vendredi j'ai sans arret des messages m'indiquant la présence de ce cheval de Troie.
Sinon sur forum.telecharger.01net.com ils expliquent les manips, mais pas simple pour des débutants comme moi. Courage on va réussir à s'en débarrasser.
Chris
28 janv. 2007 à 13:05
Voici le résultat :
Logfile of HijackThis v1.99.1
Scan saved at 13:02:04, on 28/01/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\Grisoft\AVG Free\avgw.exe
C:\Program Files\Grisoft\AVG Free\avgcc.exe
C:\Program Files\Grisoft\AVG Free\avgwb.dat
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32Info.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\albator\LOCALS~1\Temp\Rar$EX00.987\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://french.eazel.com/index.php?rvs=hompag
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://login.live.com/ppsecure/sha1auth.srf?lc=1036
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {259F616C-A300-44F5-B04A-ED001A26C85C} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [.nvsvc] C:\WINDOWS\system\smss.exe /w
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [Uniblue Registry Booster] C:\Program Files\Uniblue\Registry Booster\RegistryBooster.exe /S
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class) - http://gamingzone.ubisoft.com/dev/packages/GSManager.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{88D9D71D-0430-4858-8F9B-3B3F8C02904B}: NameServer = 212.27.53.252
O17 - HKLM\System\CS1\Services\Tcpip\..\{88D9D71D-0430-4858-8F9B-3B3F8C02904B}: NameServer = 212.27.53.252
O17 - HKLM\System\CS2\Services\Tcpip\..\{88D9D71D-0430-4858-8F9B-3B3F8C02904B}: NameServer = 212.27.53.252
O17 - HKLM\System\CS3\Services\Tcpip\..\{88D9D71D-0430-4858-8F9B-3B3F8C02904B}: NameServer = 212.27.53.252
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - Unknown owner - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe (file missing)
O23 - Service: MySqlInventime - Unknown owner - c:\mysql\bin\mysqld-max-nt.exe
merci d'avance
Je précise qu'il y a création dans mon répertoire temp de fichiers
avec des adresses mails
Je les supprimes mais ça revient régulièrement
28 janv. 2007 à 13:31
tu a deja 2 anti virus AVG FREE et avast sort AVG
28 janv. 2007 à 13:47
Avast détecte et n'arrive pas à le supprimer
AVG apparement ne le détecte même pas
sniff !
28 janv. 2007 à 13:53
Fait ce scan anti-virus en ligne avec Internet Explorer, accepte l'active X; la barre anti-popup du SP2 (en haut) va se mettre à clignoter, clic dessus et choisis "accepter l'active X" pour faire fonctionner le scan anti-virus.
Une fois qu'il a terminé colle le rapport ici stp
https://www.bitdefender.com/toolbox/
28 janv. 2007 à 14:53
Alors voilà j'ai viré avg de toutes façons il n'a rien vu.
J'ai lancé Bitdefender pour une analyse en ligne voici le résultat ( en partie car je dois partir )
Scan path: C:\;D:\;E:\;F:\;G:\;
Statistics
Time
00:45:59
Files
318532
Folders
4872
Boot Sectors
7
Archives
24343
Packed Files
30342
Results
Identified Viruses
8
Infected Files
19
Suspect Files
0
Warnings
0
Disinfected
0
Deleted Files
19
Engines Info
Virus Definitions
391750
Engine build
AVCORE v1.0 (build 2371) (i386) (Dec 13 2006 11:16:42)
Scan plugins
14
Archive plugins
38
Unpack plugins
6
E-mail plugins
6
System plugins
1
Scan Settings
First Action
Disinfect
Second Action
Delete
Heuristics
Yes
Enable Warnings
Yes
Scanned Extensions
*;
Exclude Extensions
Scan Emails
Yes
Scan Archives
Yes
Scan Packed
Yes
Scan Files
Yes
Scan Boot
Yes
Scanned File
Status
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6192)=>[Subject: Delivery Status Notification (Failure)][Date: Fri, 19 Jan 2007 14:20:53 -0800]=>(MIME part)=>(message)=>[Subject: Russian missle shot down USA satellite][Date: Fri, 19 Jan 2007 22:20:05 +0000]=>(MIME part)=>Full Video.exe
Infected with: Trojan.Peed.A
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6192)=>[Subject: Delivery Status Notification (Failure)][Date: Fri, 19 Jan 2007 14:20:53 -0800]=>(MIME part)=>(message)=>[Subject: Russian missle shot down USA satellite][Date: Fri, 19 Jan 2007 22:20:05 +0000]=>(MIME part)=>Full Video.exe
Deleted
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6192)=>[Subject: Delivery Status Notification (Failure)][Date: Fri, 19 Jan 2007 14:20:53 -0800]=>(MIME part)=>(message)=>[Subject: Russian missle shot down USA satellite][Date: Fri, 19 Jan 2007 22:20:05 +0000]=>(MIME part)
Updated
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6192)=>[Subject: Delivery Status Notification (Failure)][Date: Fri, 19 Jan 2007 14:20:53 -0800]=>(MIME part)=>(message)
Updated
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6192)=>[Subject: Delivery Status Notification (Failure)][Date: Fri, 19 Jan 2007 14:20:53 -0800]=>(MIME part)
Updated
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6192)
Updated
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox
Updated
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6193)=>(base64)
Infected with: Trojan.Peed.A
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6193)=>(base64)
Deleted
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6193)
Updated
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox
Updated
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6194)=>(base64)
Infected with: Trojan.Peed.A
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6194)=>(base64)
Deleted
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6194)
Updated
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox
Updated
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6203)=>(base64)
Infected with: Trojan.Peed.A
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6203)=>(base64)
Deleted
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6203)
Updated
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox
Updated
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6204)=>(base64)
Infected with: Trojan.Peed.A
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6204)=>(base64)
Deleted
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6204)
Updated
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox
Updated
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6209)=>[Subject: Undelivered Mail Returned to Sender][Date: Fri, 19 Jan 2007 20:09:32 -0500 (EST)]=>(MIME part)=>(message)=>[Subject: Chinese missile shot down USA satellit][Date: Sat, 20 Jan 2007 01:03:42 +0100]=>(MIME part)=>Full Video.exe
Infected with: Trojan.Peed.A
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6209)=>[Subject: Undelivered Mail Returned to Sender][Date: Fri, 19 Jan 2007 20:09:32 -0500 (EST)]=>(MIME part)=>(message)=>[Subject: Chinese missile shot down USA satellit][Date: Sat, 20 Jan 2007 01:03:42 +0100]=>(MIME part)=>Full Video.exe
Deleted
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6209)=>[Subject: Undelivered Mail Returned to Sender][Date: Fri, 19 Jan 2007 20:09:32 -0500 (EST)]=>(MIME part)=>(message)=>[Subject: Chinese missile shot down USA satellit][Date: Sat, 20 Jan 2007 01:03:42 +0100]=>(MIME part)
Updated
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6209)=>[Subject: Undelivered Mail Returned to Sender][Date: Fri, 19 Jan 2007 20:09:32 -0500 (EST)]=>(MIME part)=>(message)
Updated
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6209)=>[Subject: Undelivered Mail Returned to Sender][Date: Fri, 19 Jan 2007 20:09:32 -0500 (EST)]=>(MIME part)
Updated
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6209)
Updated
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox
Updated
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6218)=>(base64)
Infected with: Trojan.Peed.A
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6218)=>(base64)
Deleted
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6218)
Updated
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox
Updated
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6223)=>[Subject: Delivery Status Notification (Failure)][Date: Fri, 19 Jan 2007 23:06:39 -0600]=>(MIME part)=>(message)=>[Subject: Sadam Hussein alive!][Date: Fri, 19 Jan 2007 23:06:23 -0600]=>(MIME part)=>Full Story.exe
Infected with: Trojan.Peed.A
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6223)=>[Subject: Delivery Status Notification (Failure)][Date: Fri, 19 Jan 2007 23:06:39 -0600]=>(MIME part)=>(message)=>[Subject: Sadam Hussein alive!][Date: Fri, 19 Jan 2007 23:06:23 -0600]=>(MIME part)=>Full Story.exe
Deleted
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6223)=>[Subject: Delivery Status Notification (Failure)][Date: Fri, 19 Jan 2007 23:06:39 -0600]=>(MIME part)=>(message)=>[Subject: Sadam Hussein alive!][Date: Fri, 19 Jan 2007 23:06:23 -0600]=>(MIME part)
Updated
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6223)=>[Subject: Delivery Status Notification (Failure)][Date: Fri, 19 Jan 2007 23:06:39 -0600]=>(MIME part)=>(message)
Updated
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6223)=>[Subject: Delivery Status Notification (Failure)][Date: Fri, 19 Jan 2007 23:06:39 -0600]=>(MIME part)
Updated
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6223)
Updated
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox
Updated
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6275)=>[Subject: Delivery Status Notification (Failure)][Date: Sat, 20 Jan 2007 15:22:55 -0800]=>(MIME part)=>(message)=>[Subject: U.S. Southwest braces for another wint][Date: Sun, 21 Jan 2007 07:58:59 +0900]=>(MIME part)=>Full Story.exe
Infected with: MemScan:Trojan.Peed.N
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6275)=>[Subject: Delivery Status Notification (Failure)][Date: Sat, 20 Jan 2007 15:22:55 -0800]=>(MIME part)=>(message)=>[Subject: U.S. Southwest braces for another wint][Date: Sun, 21 Jan 2007 07:58:59 +0900]=>(MIME part)=>Full Story.exe
Disinfection failed
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6275)=>[Subject: Delivery Status Notification (Failure)][Date: Sat, 20 Jan 2007 15:22:55 -0800]=>(MIME part)=>(message)=>[Subject: U.S. Southwest braces for another wint][Date: Sun, 21 Jan 2007 07:58:59 +0900]=>(MIME part)=>Full Story.exe
Deleted
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6275)=>[Subject: Delivery Status Notification (Failure)][Date: Sat, 20 Jan 2007 15:22:55 -0800]=>(MIME part)=>(message)=>[Subject: U.S. Southwest braces for another wint][Date: Sun, 21 Jan 2007 07:58:59 +0900]=>(MIME part)
Updated
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6275)=>[Subject: Delivery Status Notification (Failure)][Date: Sat, 20 Jan 2007 15:22:55 -0800]=>(MIME part)=>(message)
Updated
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6275)=>[Subject: Delivery Status Notification (Failure)][Date: Sat, 20 Jan 2007 15:22:55 -0800]=>(MIME part)
Updated
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6275)
Updated
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox
Updated
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6277)=>[Subject: Delivery Status Notification (Failure)][Date: Sat, 20 Jan 2007 16:34:33 -0700]=>(MIME part)=>(message)=>[Subject: Third World War just have started!][Date: Sun, 21 Jan 2007 01:34:35 +0200]=>(MIME part)=>Video.exe
Infected with: MemScan:Trojan.Peed.N
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6277)=>[Subject: Delivery Status Notification (Failure)][Date: Sat, 20 Jan 2007 16:34:33 -0700]=>(MIME part)=>(message)=>[Subject: Third World War just have started!][Date: Sun, 21 Jan 2007 01:34:35 +0200]=>(MIME part)=>Video.exe
Disinfection failed
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6277)=>[Subject: Delivery Status Notification (Failure)][Date: Sat, 20 Jan 2007 16:34:33 -0700]=>(MIME part)=>(message)=>[Subject: Third World War just have started!][Date: Sun, 21 Jan 2007 01:34:35 +0200]=>(MIME part)=>Video.exe
Deleted
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6277)=>[Subject: Delivery Status Notification (Failure)][Date: Sat, 20 Jan 2007 16:34:33 -0700]=>(MIME part)=>(message)=>[Subject: Third World War just have started!][Date: Sun, 21 Jan 2007 01:34:35 +0200]=>(MIME part)
Updated
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6277)=>[Subject: Delivery Status Notification (Failure)][Date: Sat, 20 Jan 2007 16:34:33 -0700]=>(MIME part)=>(message)
Updated
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6277)=>[Subject: Delivery Status Notification (Failure)][Date: Sat, 20 Jan 2007 16:34:33 -0700]=>(MIME part)
Updated
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6277)
Updated
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox
Updated
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6310)=>[Subject: Delivery Status Notification (Failure)][Date: Sun, 21 Jan 2007 06:48:08 -0500]=>(MIME part)=>(message)=>[Subject: Back Together][Date: Sun, 21 Jan 2007 18:48:00 +0700]=>(MIME part)=>Postcard.exe
Infected with: Trojan.Peed.P
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6310)=>[Subject: Delivery Status Notification (Failure)][Date: Sun, 21 Jan 2007 06:48:08 -0500]=>(MIME part)=>(message)=>[Subject: Back Together][Date: Sun, 21 Jan 2007 18:48:00 +0700]=>(MIME part)=>Postcard.exe
Disinfection failed
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6310)=>[Subject: Delivery Status Notification (Failure)][Date: Sun, 21 Jan 2007 06:48:08 -0500]=>(MIME part)=>(message)=>[Subject: Back Together][Date: Sun, 21 Jan 2007 18:48:00 +0700]=>(MIME part)=>Postcard.exe
Deleted
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6310)=>[Subject: Delivery Status Notification (Failure)][Date: Sun, 21 Jan 2007 06:48:08 -0500]=>(MIME part)=>(message)=>[Subject: Back Together][Date: Sun, 21 Jan 2007 18:48:00 +0700]=>(MIME part)
Updated
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6310)=>[Subject: Delivery Status Notification (Failure)][Date: Sun, 21 Jan 2007 06:48:08 -0500]=>(MIME part)=>(message)
Updated
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6310)=>[Subject: Delivery Status Notification (Failure)][Date: Sun, 21 Jan 2007 06:48:08 -0500]=>(MIME part)
Updated
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6310)
Updated
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox
Updated
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6328)=>(base64)
Infected with: Trojan.Downloader.Agent.BET
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6328)=>(base64)
Deleted
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6328)
Updated
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox
Update failed
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6329)=>[Subject: Delivery Status Notification (Failure)][Date: Sun, 21 Jan 2007 13:27:58 -0300]=>(MIME part)=>(message)=>[Subject: Bubble Bath Coupon][Date: Sun, 21 Jan 2007 17:27:09 +0100]=>(MIME part)=>Postcard.exe
Infected with: Trojan.Downloader.Agent.BET
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6329)=>[Subject: Delivery Status Notification (Failure)][Date: Sun, 21 Jan 2007 13:27:58 -0300]=>(MIME part)=>(message)=>[Subject: Bubble Bath Coupon][Date: Sun, 21 Jan 2007 17:27:09 +0100]=>(MIME part)=>Postcard.exe
Deleted
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6329)=>[Subject: Delivery Status Notification (Failure)][Date: Sun, 21 Jan 2007 13:27:58 -0300]=>(MIME part)=>(message)=>[Subject: Bubble Bath Coupon][Date: Sun, 21 Jan 2007 17:27:09 +0100]=>(MIME part)
Updated
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6329)=>[Subject: Delivery Status Notification (Failure)][Date: Sun, 21 Jan 2007 13:27:58 -0300]=>(MIME part)=>(message)
Updated
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6329)=>[Subject: Delivery Status Notification (Failure)][Date: Sun, 21 Jan 2007 13:27:58 -0300]=>(MIME part)
Updated
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6329)
Updated
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox
Updated
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6342)=>[Subject: Delivery Status Notification (Failure)][Date: Sun, 21 Jan 2007 12:05:59 -0600]=>(MIME part)=>(message)=>[Subject: In My Heart][Date: Sun, 21 Jan 2007 19:05:51 +0100]=>(MIME part)=>greeting card.exe
Infected with: Trojan.Peed.C
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6342)=>[Subject: Delivery Status Notification (Failure)][Date: Sun, 21 Jan 2007 12:05:59 -0600]=>(MIME part)=>(message)=>[Subject: In My Heart][Date: Sun, 21 Jan 2007 19:05:51 +0100]=>(MIME part)=>greeting card.exe
Deleted
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6342)=>[Subject: Delivery Status Notification (Failure)][Date: Sun, 21 Jan 2007 12:05:59 -0600]=>(MIME part)=>(message)=>[Subject: In My Heart][Date: Sun, 21 Jan 2007 19:05:51 +0100]=>(MIME part)
Updated
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6342)=>[Subject: Delivery Status Notification (Failure)][Date: Sun, 21 Jan 2007 12:05:59 -0600]=>(MIME part)=>(message)
Updated
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6342)=>[Subject: Delivery Status Notification (Failure)][Date: Sun, 21 Jan 2007 12:05:59 -0600]=>(MIME part)
Updated
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6342)
Updated
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox
Updated
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6343)=>(base64)
Infected with: Trojan.Peed.C
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6343)=>(base64)
Deleted
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6343)
Updated
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox
Update failed
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6345)=>(base64)
Infected with: MemScan:Trojan.Peed.N
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6345)=>(base64)
Disinfection failed
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6345)=>(base64)
Deleted
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6345)
Updated
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox
Update failed
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6353)=>[Subject: Delivery Status Notification (Failure)][Date: Sun, 21 Jan 2007 13:29:16 -0600]=>(MIME part)=>(message)=>[Subject: Forever in Love][Date: Sun, 21 Jan 2007 12:32:52 -0700]=>(MIME part)=>postcard.exe
Infected with: Trojan.Peed.O
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6353)=>[Subject: Delivery Status Notification (Failure)][Date: Sun, 21 Jan 2007 13:29:16 -0600]=>(MIME part)=>(message)=>[Subject: Forever in Love][Date: Sun, 21 Jan 2007 12:32:52 -0700]=>(MIME part)=>postcard.exe
Disinfection failed
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6353)=>[Subject: Delivery Status Notification (Failure)][Date: Sun, 21 Jan 2007 13:29:16 -0600]=>(MIME part)=>(message)=>[Subject: Forever in Love][Date: Sun, 21 Jan 2007 12:32:52 -0700]=>(MIME part)=>postcard.exe
Deleted
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6353)=>[Subject: Delivery Status Notification (Failure)][Date: Sun, 21 Jan 2007 13:29:16 -0600]=>(MIME part)=>(message)=>[Subject: Forever in Love][Date: Sun, 21 Jan 2007 12:32:52 -0700]=>(MIME part)
Updated
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6353)=>[Subject: Delivery Status Notification (Failure)][Date: Sun, 21 Jan 2007 13:29:16 -0600]=>(MIME part)=>(message)
Updated
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6353)=>[Subject: Delivery Status Notification (Failure)][Date: Sun, 21 Jan 2007 13:29:16 -0600]=>(MIME part)
Updated
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6353)
Updated
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox
Updated
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6403)=>(base64)
Infected with: MemScan:Win32.Mixor.J@mm
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6403)=>(base64)
Disinfection failed
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6403)=>(base64)
Deleted
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6403)
Updated
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox
Updated
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6567)=>[Subject: Delivery Status Notification (Failure)][Date: Wed, 24 Jan 2007 06:35:54 -0800]=>(MIME part)=>(message)=>[Subject: Our love is torn by miles][Date: Wed, 24 Jan 2007 15:35:41 +0100]=>(MIME part)=>Postcard.exe
Infected with: Win32.Mixor.J@mm
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6567)=>[Subject: Delivery Status Notification (Failure)][Date: Wed, 24 Jan 2007 06:35:54 -0800]=>(MIME part)=>(message)=>[Subject: Our love is torn by miles][Date: Wed, 24 Jan 2007 15:35:41 +0100]=>(MIME part)=>Postcard.exe
Disinfection failed
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6567)=>[Subject: Delivery Status Notification (Failure)][Date: Wed, 24 Jan 2007 06:35:54 -0800]=>(MIME part)=>(message)=>[Subject: Our love is torn by miles][Date: Wed, 24 Jan 2007 15:35:41 +0100]=>(MIME part)=>Postcard.exe
Deleted
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6567)=>[Subject: Delivery Status Notification (Failure)][Date: Wed, 24 Jan 2007 06:35:54 -0800]=>(MIME part)=>(message)=>[Subject: Our love is torn by miles][Date: Wed, 24 Jan 2007 15:35:41 +0100]=>(MIME part)
Updated
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6567)=>[Subject: Delivery Status Notification (Failure)][Date: Wed, 24 Jan 2007 06:35:54 -0800]=>(MIME part)=>(message)
Updated
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6567)=>[Subject: Delivery Status Notification (Failure)][Date: Wed, 24 Jan 2007 06:35:54 -0800]=>(MIME part)
Updated
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox=>(message 6567)
Updated
C:\Documents and Settings\albator\Application Data\Thunderbird\Profiles\l211wpwu.default\Mail\Local Folders\Inbox
Updated
Merci