[Virus] A Spanish sentence on MSN + link

Solved
Noisette2204 - Posts: 16 - Status: Member
Hello,
So, I logged in to MSN today and noticed that a Spanish message appears when I try to "talk" with friends.
I therefore searched the Internet to find out what it was, and it seems I am not the only one!
Not being very good with computers, I read several posts on the forum and tried various things ... The message does not go away!

Even so, I ran the famous HijackThis and here is the result:

Logfile of HijackThis v1.99.1
Scan saved at 17:52:00, on 03/03/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\OrangeHSS\Launcher\Launcher.exe
C:\Program Files\OrangeHSS\Systray\SystrayApp.exe
C:\WINDOWS\ying.exe
C:\Windows\Cursors\Rg2catbd.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Orange HSS\Orange Desktop Search\OrangeDesktopSearch.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\OrangeHSS\Deskboard\deskboard.exe
C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe
C:\WINDOWS\system32\devldr32.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
C:\Documents and Settings\Smagghe\Local Settings\Temporary Internet Files\Content.IE5\2S0ZYSMK\HijackThis[1].exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [hpppta] C:\Program Files\Hewlett-Packard\HP PrecisionScan\PrecisionScan\hpppta.exe /ICON
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [ORAHSSStartup] "C:\Program Files\OrangeHSS\Launcher\Launcher.exe" -appid connectivityapp
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\OrangeHSS\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [Flash_Player_Install[1]] C:\WINDOWS\ying.exe
O4 - HKLM\..\Run: [Rg2catbd] C:\Windows\Cursors\Rg2catbd.exe
O4 - HKLM\..\Run: [ying] C:\WINDOWS\ying.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Orange Desktop Search] "C:\Program Files\Orange HSS\Orange Desktop Search\OrangeDesktopSearch.exe" /tray
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O11 - Options group: [INTERNATIONAL] International*
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

There, I hope to find some help and manage to sort this out ...
In any case, thanks in advance for the help I will receive...

Kisses
See you
Noisette

35 replies

polly
 
your Italian is perfect...
my French is bad!!! my friend has the virus, if he sends me photos on msn ... can I accept them???
thanks, I am running the scan now!
valentina
0
polly
 
KASPERSKY ONLINE SCANNER REPORT
Tuesday, March 06, 2007 10:27:36 AM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.83.0
Kaspersky Anti-Virus database last update: 6/03/2007
Kaspersky Anti-Virus database records: 260800

Scan Settings
Scan using the following antivirus database standard
Scan Archives true
Scan Mail Bases true

Scan Target My Computer
C:\
D:\
E:\
F:\

Scan Statistics
Total number of scanned objects 98062
Number of viruses found 1
Number of infected objects 1 / 0
Number of suspicious objects 0
Duration of the scan process 00:43:20

Infected Object Name Virus Name Last Action
C:\WINDOWS\system32\config\system.LOG Object is locked skipped

C:\WINDOWS\system32\config\software.LOG Object is locked skipped

C:\WINDOWS\system32\config\default.LOG Object is locked skipped

C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped

C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped

C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\ACEEvent.evt Object is locked skipped

C:\WINDOWS\system32\config\DEFAULT Object is locked skipped

C:\WINDOWS\system32\config\SECURITY Object is locked skipped

C:\WINDOWS\system32\config\SOFTWARE Object is locked skipped

C:\WINDOWS\system32\config\SYSTEM Object is locked skipped

C:\WINDOWS\system32\config\SAM Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped

C:\WINDOWS\system32\h323log.txt Object is locked skipped

C:\WINDOWS\system32\symantecnetwork.exe Object is locked skipped

C:\WINDOWS\system32\CnxDslWz.log Object is locked skipped

C:\WINDOWS\system32\updlvncb.exe Object is locked skipped

C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped

C:\WINDOWS\SoftwareDistribution\EventCache\{C32A94C8-7CF4-4CA2-919B-D7EB3386E0D4}.bin Object is locked skipped

C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped

C:\WINDOWS\Temp\bjxoaa.exe Infected: Trojan.Win32.Dialer.ru skipped

C:\WINDOWS\Temp\CLML_AGENT_LOG1.txt Object is locked skipped

C:\WINDOWS\Temp\sqlite_nZbpUtdWqfdfqcd Object is locked skipped

C:\WINDOWS\wiadebug.log Object is locked skipped

C:\WINDOWS\Sti_Trace.log Object is locked skipped

C:\WINDOWS\wiaservc.log Object is locked skipped

C:\WINDOWS\WindowsUpdate.log Object is locked skipped

C:\WINDOWS\SchedLgU.Txt Object is locked skipped

C:\Documents and Settings\All Users\Dati applicazioni\Symantec\Common Client\settings.dat Object is locked skipped

C:\Documents and Settings\NetworkService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\NetworkService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped

C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\LocalService\Impostazioni locali\Cronologia\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\Impostazioni locali\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\LocalService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped

C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\ANDREA\ntuser.dat.LOG Object is locked skipped

C:\Documents and Settings\ANDREA\Impostazioni locali\Temp\~DFDE42.tmp Object is locked skipped

C:\Documents and Settings\ANDREA\Impostazioni locali\Temp\~DF9286.tmp Object is locked skipped

C:\Documents and Settings\ANDREA\Impostazioni locali\Temp\~DF9357.tmp Object is locked skipped

C:\Documents and Settings\ANDREA\Impostazioni locali\Temp\Perflib_Perfdata_694.dat Object is locked skipped

C:\Documents and Settings\ANDREA\Impostazioni locali\Temp\~DFDF8D.tmp Object is locked skipped

C:\Documents and Settings\ANDREA\Impostazioni locali\Temp\~DFA424.tmp Object is locked skipped

C:\Documents and Settings\ANDREA\Impostazioni locali\Temp\Perflib_Perfdata_a50.dat Object is locked skipped

C:\Documents and Settings\ANDREA\Impostazioni locali\Temp\Perflib_Perfdata_98.dat Object is locked skipped

C:\Documents and Settings\ANDREA\Impostazioni locali\Temp\~DFA42E.tmp Object is locked skipped

C:\Documents and Settings\ANDREA\Impostazioni locali\Cronologia\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\ANDREA\Impostazioni locali\Cronologia\History.IE5\MSHist012007030620070307\index.dat Object is locked skipped

C:\Documents and Settings\ANDREA\Impostazioni locali\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\ANDREA\Impostazioni locali\Temporary Internet Files\PhishingFilter\45E13EC5-3DB7-4B3D-9F80-073A58AB5E82.dat Object is locked skipped

C:\Documents and Settings\ANDREA\Impostazioni locali\Dati applicazioni\Acer Arcade\Log\Trace20070306.log Object is locked skipped

C:\Documents and Settings\ANDREA\Impostazioni locali\Dati applicazioni\ApplicationHistory\cli.exe.af01e8cc.ini.inuse Object is locked skipped

C:\Documents and Settings\ANDREA\Impostazioni locali\Dati applicazioni\ApplicationHistory\ePower_DMC.exe.3ca0acde.ini.inuse Object is locked skipped

C:\Documents and Settings\ANDREA\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\ANDREA\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\ANDREA\Impostazioni locali\Dati applicazioni\Microsoft\Windows Live Contacts\vale82rm@msn.com\real\members.stg Object is locked skipped

C:\Documents and Settings\ANDREA\Impostazioni locali\Dati applicazioni\Microsoft\Windows Live Contacts\vale82rm@msn.com\shadow\members.stg Object is locked skipped

C:\Documents and Settings\ANDREA\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\ANDREA\Dati applicazioni\Microsoft\MSNLiveFav\LiveFavorites.xml Object is locked skipped

C:\Documents and Settings\ANDREA\NTUSER.DAT Object is locked skipped

C:\Programmi\File comuni\Symantec Shared\SPBBC\LOGS\SPPolicy.log Object is locked skipped

C:\Programmi\File comuni\Symantec Shared\SPBBC\LOGS\SPStart.log Object is locked skipped

C:\Programmi\File comuni\Symantec Shared\SPBBC\LOGS\SPStop.log Object is locked skipped

C:\Programmi\File comuni\Symantec Shared\SPBBC\LOGS\BBValid.log Object is locked skipped

C:\Programmi\File comuni\Symantec Shared\SPBBC\LOGS\BBConfig.log Object is locked skipped

C:\Programmi\File comuni\Symantec Shared\SPBBC\LOGS\BBRefr.log Object is locked skipped

C:\Programmi\File comuni\Symantec Shared\SPBBC\LOGS\BBNotify.log Object is locked skipped

C:\Programmi\File comuni\Symantec Shared\SPBBC\LOGS\BBSetCfg.log Object is locked skipped

C:\Programmi\File comuni\Symantec Shared\SPBBC\LOGS\BBSetUsr.log Object is locked skipped

C:\Programmi\File comuni\Symantec Shared\SPBBC\LOGS\BBStHash.log Object is locked skipped

C:\Programmi\File comuni\Symantec Shared\SPBBC\LOGS\BBSetLoc.log Object is locked skipped

C:\Programmi\File comuni\Symantec Shared\SPBBC\LOGS\BBSetDev.log Object is locked skipped

C:\Programmi\File comuni\Symantec Shared\SPBBC\LOGS\BBDetect.log Object is locked skipped

C:\Programmi\File comuni\Symantec Shared\SPBBC\LOGS\BBDebug.log Object is locked skipped

C:\Programmi\File comuni\Symantec Shared\SPBBC\LOGS\BBStMSI.log Object is locked skipped

C:\Programmi\Symantec AntiVirus\SAVRT\0716NAV~.TMP Object is locked skipped

C:\Programmi\Symantec AntiVirus\SAVRT\0827NAV~.TMP Object is locked skipped

C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLML_MAIN\CLML.db Object is locked skipped

C:\System Volume Information\_restore{C0894E12-7511-4945-A602-9422CAE1B4E7}\RP2\change.log Object is locked skipped

D:\System Volume Information\_restore{C0894E12-7511-4945-A602-9422CAE1B4E7}\RP2\change.log Object is locked skipped

Scan process completed.
0
zBr
 
Hello Valentina

Thanks for the compliment :-)

As for your friend, why doesn't he come to the forum?
The AV found a virus here:

C:\WINDOWS\Temp\bjxoaa.exe
Delete it.
But I don't think it is responsible for your problem with Microsoft Office.
How is it working today?
Do you get an error message?

This file is very suspicious, check it on this site:
http://www.virustotal.com/xhtml/virustotal_en.html
click on "PARCOURIR" and select:
C:\WINDOWS\system32\updlvncb.exe
And click on "send"
Copy/paste the whole report into the forum

It is very important for me to see the HijackThis report so that I can help you better...

As for your friend, tell him to do this:
I am putting the instructions in French:
Download Yingfix here:
http://perso.orange.fr/entraide-hijackthis/yingfix.zip
Unzip it onto your desktop (right-click >> extract all) and run the file yingfix.bat.
When it finishes, Notepad will open with the list of deleted files.


It would be good to show me the report.

See you
0
polly
 
I am doing what you told me... I deleted the file bixoa.exe this morning, and the PC is fine... I don't know why my friend isn't writing... I wrote him an email with everything in French.
I tried to go to http://www.virustotal.com/xhtml/virustotal_en.html
but it says 0 bytes size received / Se ha recibido un archivo vacio
...thanks... you are very kind...
Valentina
0

zBr
 
Hello

Hey! I am very glad that everything is fine today, especially for your thesis :-)
You're welcome Valentina, I am really happy to help you a little and to speak a few words of Italian :-)

As for C:\WINDOWS\system32\updlvncb.exe, it is unknown on Google.
There is a good chance that it is infected...
As a precaution, right-click on updlvncb.exe and rename it to updlvncb.exe.vir, for example.

As for your friend, well... he must like its company... no?.. lol
As long as he has not disinfected his PC, I advise you not to open any files that come from him. (precaution...)

Can we say it is solved for you?

Have a good rest of the evening.
0
polly
 
hi!!! so I will speak Italian... I hope you understand!! I cannot rename the file updlvncb.exe, it tells me it is in use by another application...
But can I talk with my friend on Messenger, or is even just talking a problem??

Thanks for everything, have a good evening...=)

Where are you from??
0
polly
 
hello... I have another problem...
I have yong..
I don't know what I should do...
help me
Valentina
0
zBr
 
Hello Valentina

Yes... I understood well :-)

I would really need to see a HijackThis report, to check the run keys of your PC, Valentina...
Download HijackThis:
http://www.merijn.org/files/hijackthis.zip
or here
Extract the contents of the zip file and click on the executable.
Click on DO A SYSTEM SCAN AND SAVE LOGFILE
Copy ALL the contents of the sheet that has just appeared
Paste the contents into the forum.

As for Yong... did you open a file from your friend?

"I cannot rename the file updlvncb.exe, it tells me it is in use by another application..."
Problem...
Do you know how to restart the computer in Safe Mode (modalità provvisoria)?
To start Safe Mode, simply switch on or restart the computer and hold down the F8 key on the keyboard right after the BIOS tests.
In both cases a list of options will appear, from which you will of course have to choose "Modalità provvisoria".
To return to normal mode once the file has been renamed, simply restart the system.
Try to rename it in this mode.

I am from the south of France, near Toulouse.
And you?
Are you at university in France or in Italy?

Bye!
0
polly
 
I am from Italy, from Rome, and I go to the university in Rome called uniroma3. I tried to do what you told me, but I don't know why I cannot open the page... it disappears!!
and also when I sign in to Messenger... there is checkmessenger.net... that connects... but it is not one of my contacts... I don't know... help me download HijackThis...
have a good day
Valentina
0
zBr
 
Hello Valentina

Strange... but the links point directly to the file...

Do you want me to send you HijackThis by e-mail?
contact me here:
nfzzmppg@ephemail.net

Bye.
0
Mallory
 
Hello,
I have the same problem as the previous posters, caused by this Spanish sentence on MSN. Could you help me as well? I have read the whole thread but still have not managed to solve the problem.
Here is my HijackThis report:
Logfile of HijackThis v1.99.1
Scan saved at 16:37:26, on 13/03/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\AvidSDMService.exe
C:\Program Files\Panda Software\Panda Antivirus 2007\PsCtrls.exe
C:\Program Files\Panda Software\Panda Antivirus 2007\pavsrv51.exe
C:\Program Files\Panda Software\Panda Antivirus 2007\AVENGINE.EXE
C:\Program Files\Panda Software\Panda Antivirus 2007\PsImSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\ATK0100\Hcontrol.exe
C:\Program Files\Sony\HotKey Utility\HKserv.exe
C:\Program Files\sony\vaio power management\SPMgr.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Documents and Settings\Alexouille\Mes documents\MsgPlus.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Panda Software\Panda Antivirus 2007\APVXDWIN.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Program Files\Sony\HotKey Utility\HKWnd.exe
c:\program files\panda software\panda antivirus 2007\WebProxy.exe
C:\Windows\Cursors\mdll.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\AntiVir PersonalEdition Classic\avcenter.exe
C:\Program Files\AntiVir PersonalEdition Classic\avscan.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Alexouille\Bureau\Scanner.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 172.16.0.10:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [Hcontrol] C:\WINDOWS\ATK0100\Hcontrol.exe
O4 - HKLM\..\Run: [HKSERV.EXE] C:\Program Files\Sony\HotKey Utility\HKserv.exe
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Program Files\sony\vaio power management\SPMgr.exe
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\sony\vaio update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Documents and Settings\Alexouille\Mes documents\MsgPlus.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Antivirus 2007\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [VoipBuster] "C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe" -nosplash -minimized
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Documents and Settings\Alexouille\Mes documents\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Télécharger avec NetTransport - F:\NetTransport 2\NTAddLink.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Tout t&élécharger avec NetTransport - F:\NetTransport 2\NTAddList.html
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {05D96F71-87C6-11D3-9BE4-00902742D6E0} (QuickPlace Class) - https://myisc.iscparis.com
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - https://onedrive.live.com/
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: avldr - C:\WINDOWS\SYSTEM32\avldr.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Avid SDM Service (AvidSDMService) - Avid Technology, Inc. - C:\WINDOWS\system32\AvidSDMService.exe
O23 - Service: Avid Startup (AvidStartup) - Unknown owner - C:\WINDOWS\system32\AvidStartup.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Panda Software Controller - Panda Software International - C:\Program Files\Panda Software\Panda Antivirus 2007\PsCtrls.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Software\Panda Antivirus 2007\pavsrv51.exe
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software International - C:\Program Files\Panda Software\Panda Antivirus 2007\PsImSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\FICHIE~1\SONYSH~1\AVLib\Sptisrv.exe

In addition, the Panda antivirus detects nothing, whereas the Avira antivirus consistently detects a certain TR/Delphi.Downloader.Gen as well as W95/Blumblebee.1738.
I don't know whether this is related to the MSN virus.

Looking forward to hearing from you!

Mallory.
0
rifi'ss
 
hi! I have an MSN virus, the Spanish sentence that shows up every time I open a window, would you have the solution please
see you, kiss
0
zBr
 
Hi Mallory

Download MSNFix (by !aur3n7) to your desktop:
http://sosvirus.changelog.fr/MSNFix.zip
Unzip it (right-click >> Extract here) and double-click the file MSNFix.bat.
- Run option R.
- Then option A to display the report in Notepad
Save this report, then copy and paste it into the forum.

Before starting the actual cleaning, can you do this:
To help the author update the tool you have just used, it would be very kind if you could go to this site:
https://www.ionos.fr/

And send him a few files so that he can update the fix.
The MSN virus currently infecting your PC seems to be a new variant.

On that page, click on "Sélectionnez le fichier à envoyer" (select the file to send)
and send him:
C:\Windows\Cursors\mdll.exe

In the Start menu >> Run, type: %temp%

In the window that opens, look for the files with an exe, scr or zip extension, if there are any, and send him those too.

In the "Observation / Remarque" field, give the URL you clicked on that caused this infection, if you remember it of course.

Thanks in advance, Mallory.
0
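Added example, not part of the thread and not code from HijackThis, Yingfix or MSNFix: a triage pass over a HijackThis log like the two posted above. It flags running processes and O4 Run entries whose program sits somewhere programs do not normally live, such as the C:\Windows\Cursors\mdll.exe file zBr asks Mallory to submit. The function names, the two location rules and the short Windows-root allowlist are assumptions of this example.

```python
import ntpath
import re

# O4 autorun line, e.g.  O4 - HKLM\..\Run: [ying] C:\WINDOWS\ying.exe
# The entry name may itself contain brackets, so it is matched greedily.
O4_RE = re.compile(r"^O4 - (HK\w+)\\\.\.\\(\w+): \[(.*)\] (.+)$")
# Program part of a command line: a quoted path, or everything up to the
# first executable extension (unquoted paths may contain spaces).
EXE_RE = re.compile(r'^(?:"([^"]+)"|(.+?\.(?:exe|scr|com|bat|pif))(?=\s|$))', re.I)

# Assumption: folders that hold data, not programs, on a normal install.
DATA_FOLDERS = {"cursors", "temp"}
# Assumption: a deliberately short list of programs expected in the Windows
# root; build the real baseline from a clean install of the same OS.
WINDOWS_ROOT_OK = {"explorer.exe", "notepad.exe", "regedit.exe", "hh.exe"}


def program_path(command):
    """Return the executable named by an autorun command line, or None."""
    m = EXE_RE.match(command.strip())
    return (m.group(1) or m.group(2)) if m else None


def location_issue(path, windir=r"C:\WINDOWS"):
    """Return why the file location is unusual, or None if it is not."""
    folder, name = ntpath.split(ntpath.normpath(path).lower())
    if not folder:
        return None  # bare file name: the log does not say where it lives
    if ntpath.basename(folder) in DATA_FOLDERS:
        return "program stored in a data/temp folder"
    if folder == windir.lower() and name not in WINDOWS_ROOT_OK:
        return "unlisted program in the Windows root"
    return None


def triage(log_text, windir=r"C:\WINDOWS"):
    """Return (source, path, reason) for every entry worth a closer look."""
    findings = []
    in_processes = False
    for raw in log_text.splitlines():
        line = raw.strip()
        if line == "Running processes:":
            in_processes = True
            continue
        if in_processes and not line:
            in_processes = False  # a blank line ends the process list
            continue
        if in_processes:
            source, path = "process", line
        else:
            m = O4_RE.match(line)
            if not m:
                continue  # other sections (R0, O2, O23, ...) are not covered
            hive, key, name, command = m.groups()
            source, path = f"{hive} {key} [{name}]", program_path(command)
        reason = location_issue(path, windir) if path else None
        if reason:
            findings.append((source, path, reason))
    return findings


# Constructed sample in HijackThis v1.99.1 layout, built from lines that
# appear in the two logs posted in this thread.
SAMPLE_LOG = r"""
Running processes:
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Windows\Cursors\mdll.exe

O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Flash_Player_Install[1]] C:\WINDOWS\ying.exe
O4 - HKLM\..\Run: [Rg2catbd] C:\Windows\Cursors\Rg2catbd.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
"""

if __name__ == "__main__":
    for source, path, reason in triage(SAMPLE_LOG):
        print(f"{source:36} {path}  ({reason})")
```

A hit only marks a file as worth submitting to a scanner, as is done in the thread; a file in an ordinary location is not cleared by this check.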
rohff
 
hello everyone, I have the same problem on MSN
but I don't know how to download bankerfix.zip, please help me
0
rohff
 
hello zbr, when I click on your links it takes me to 404 found :s
what should I do, this message still keeps getting sent
0
CommentCa
 
It's Portuguese, for your information... But a really useful thread anyway, thanks
0