[Infection] par Adware - Page 2

Résolu
Précédent
  • 1
  • 2
  1. Darkkiller Messages postés 2336 Statut Contributeur 67
     
    Re,

    C'est pas que je crois c'est que c'est sur !
    0
    1. nlbmoi Messages postés 427 Date d'inscription   Statut Membre Dernière intervention   24
       
      Re
      j'ai desinstallé Outllok et Thunderbird
      0
  2. Darkkiller Messages postés 2336 Statut Contributeur 67
     
    Re,

    Refait un scan BitDefender.
    0
    1. nlbmoi Messages postés 427 Date d'inscription   Statut Membre Dernière intervention   24
       
      Voici le rapport :


      BitDefender Online Scanner - Real Time Virus Report







      Generated at: Sun, Apr 15, 2007 - 13:21:24









      Scan Info







      Scanned Files


      912415

      Infected Files


      14















      Virus Detected







      Win32.Netsky.Y@MM.damaged


      4

      Trojan.Peed.A


      2

      Trojan.Peed.AO


      1

      Trojan.Peed.E


      1

      Generic.Trojan.Phish.AAE4F2A5


      1

      Trojan.Peed.Gen


      4

      Trojan.ASXLoad.A


      1























      This summary of the scan process will be used by the BitDefender Antivirus Lab to create agregate statistics about virus activity around the world.
      0
  3. Darkkiller Messages postés 2336 Statut Contributeur 67
     
    Re,

    BEn faut poster le log ^^
    0
    1. nlbmoi Messages postés 427 Date d'inscription   Statut Membre Dernière intervention   24
       
      Re


      BitDefender Online Scanner







      Scan report generated at: Mon, Apr 16, 2007 - 10:19:43









      Scan path: C:\;D:\;E:\;F:\;H:\;I:\;J:\;K:\;L:\;















      Statistics

      Time


      02:50:18

      Files


      913097

      Folders


      16424

      Boot Sectors


      5

      Archives


      22770

      Packed Files


      87042







      Results

      Identified Viruses


      7

      Infected Files


      14

      Suspect Files


      0

      Warnings


      0

      Disinfected


      0

      Deleted Files


      14







      Engines Info

      Virus Definitions


      486095

      Engine build


      AVCORE v1.0 (build 2397) (i386) (Feb 8 2007 14:24:08)

      Scan plugins


      14

      Archive plugins


      38

      Unpack plugins


      6

      E-mail plugins


      6

      System plugins


      1







      Scan Settings

      First Action


      Disinfect

      Second Action


      Delete

      Heuristics


      Yes

      Enable Warnings


      Yes

      Scanned Extensions


      *;

      Exclude Extensions




      Scan Emails


      Yes

      Scan Archives


      Yes

      Scan Packed


      Yes

      Scan Files


      Yes

      Scan Boot


      Yes








      Scanned File


      Status

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments envoyés.dbx=>(message 30)=>[Subject: Fw: document][Date: Thu, 22 Feb 2007 15:54:57 +0100]=>(MIME part)=>document.pif


      Infected with: Win32.Netsky.Y@MM.damaged

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments envoyés.dbx=>(message 30)=>[Subject: Fw: document][Date: Thu, 22 Feb 2007 15:54:57 +0100]=>(MIME part)=>document.pif


      Disinfection failed

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments envoyés.dbx=>(message 30)=>[Subject: Fw: document][Date: Thu, 22 Feb 2007 15:54:57 +0100]=>(MIME part)=>document.pif


      Deleted

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments envoyés.dbx=>(message 30)=>[Subject: Fw: document][Date: Thu, 22 Feb 2007 15:54:57 +0100]=>(MIME part)


      Updated

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments envoyés.dbx=>(message 30)


      Updated

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments envoyés.dbx


      Update failed

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 137)


      Infected with: Generic.Trojan.Phish.AAE4F2A5

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 137)


      Disinfection failed

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 137)


      Deleted

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx


      Update failed

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 666)=>[Subject: Re: document][Date: Sat, 3 Mar 2007 09:19:05 +0100]=>(MIME part)=>document.pif


      Infected with: Win32.Netsky.Y@MM.damaged

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 666)=>[Subject: Re: document][Date: Sat, 3 Mar 2007 09:19:05 +0100]=>(MIME part)=>document.pif


      Disinfection failed

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 666)=>[Subject: Re: document][Date: Sat, 3 Mar 2007 09:19:05 +0100]=>(MIME part)=>document.pif


      Deleted

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 666)=>[Subject: Re: document][Date: Sat, 3 Mar 2007 09:19:05 +0100]=>(MIME part)


      Updated

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 666)


      Updated

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx


      Update failed

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 868)=>[Subject: Anniversaire][Date: Fri, 23 Feb 2007 02:30:38 +0100]=>(MIME part)=>Anniversaire.asx


      Infected with: Trojan.ASXLoad.A

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 868)=>[Subject: Anniversaire][Date: Fri, 23 Feb 2007 02:30:38 +0100]=>(MIME part)=>Anniversaire.asx


      Disinfection failed

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 868)=>[Subject: Anniversaire][Date: Fri, 23 Feb 2007 02:30:38 +0100]=>(MIME part)=>Anniversaire.asx


      Deleted

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 868)=>[Subject: Anniversaire][Date: Fri, 23 Feb 2007 02:30:38 +0100]=>(MIME part)


      Updated

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 868)


      Updated

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx


      Update failed

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 901)=>[Subject: Re: document][Date: Sat, 10 Feb 2007 08:34:05 +0100]=>(MIME part)=>document.pif


      Infected with: Win32.Netsky.Y@MM.damaged

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 901)=>[Subject: Re: document][Date: Sat, 10 Feb 2007 08:34:05 +0100]=>(MIME part)=>document.pif


      Disinfection failed

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 901)=>[Subject: Re: document][Date: Sat, 10 Feb 2007 08:34:05 +0100]=>(MIME part)=>document.pif


      Deleted

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 901)=>[Subject: Re: document][Date: Sat, 10 Feb 2007 08:34:05 +0100]=>(MIME part)


      Updated

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 901)


      Updated

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx


      Update failed

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 994)=>[Subject: Re: document][Date: Thu, 8 Feb 2007 08:02:25 +0100]=>(MIME part)=>document.pif


      Infected with: Win32.Netsky.Y@MM.damaged

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 994)=>[Subject: Re: document][Date: Thu, 8 Feb 2007 08:02:25 +0100]=>(MIME part)=>document.pif


      Disinfection failed

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 994)=>[Subject: Re: document][Date: Thu, 8 Feb 2007 08:02:25 +0100]=>(MIME part)=>document.pif


      Deleted

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 994)=>[Subject: Re: document][Date: Thu, 8 Feb 2007 08:02:25 +0100]=>(MIME part)


      Updated

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 994)


      Updated

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx


      Update failed

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1136)=>[Subject: Just You][Date: Thu, 8 Feb 2007 23:57:38 +0900]=>(MIME part)=>Greeting Postcard.exe


      Infected with: Trojan.Peed.Gen

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1136)=>[Subject: Just You][Date: Thu, 8 Feb 2007 23:57:38 +0900]=>(MIME part)=>Greeting Postcard.exe


      Disinfection failed

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1136)=>[Subject: Just You][Date: Thu, 8 Feb 2007 23:57:38 +0900]=>(MIME part)=>Greeting Postcard.exe


      Deleted

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1136)=>[Subject: Just You][Date: Thu, 8 Feb 2007 23:57:38 +0900]=>(MIME part)


      Updated

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1136)


      Updated

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx


      Update failed

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1289)=>[Subject: A Special Kiss][Date: Tue, 30 Jan 2007 16:43:56 -0500]=>(MIME part)=>flash postcard.exe


      Infected with: Trojan.Peed.Gen

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1289)=>[Subject: A Special Kiss][Date: Tue, 30 Jan 2007 16:43:56 -0500]=>(MIME part)=>flash postcard.exe


      Disinfection failed

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1289)=>[Subject: A Special Kiss][Date: Tue, 30 Jan 2007 16:43:56 -0500]=>(MIME part)=>flash postcard.exe


      Deleted

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1289)=>[Subject: A Special Kiss][Date: Tue, 30 Jan 2007 16:43:56 -0500]=>(MIME part)


      Updated

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1289)


      Updated

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx


      Update failed

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1317)=>[Subject: A Special Kiss][Date: Tue, 30 Jan 2007 16:43:56 -0500]=>(MIME part)=>flash postcard.exe


      Infected with: Trojan.Peed.Gen

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1317)=>[Subject: A Special Kiss][Date: Tue, 30 Jan 2007 16:43:56 -0500]=>(MIME part)=>flash postcard.exe


      Disinfection failed

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1317)=>[Subject: A Special Kiss][Date: Tue, 30 Jan 2007 16:43:56 -0500]=>(MIME part)=>flash postcard.exe


      Deleted

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1317)=>[Subject: A Special Kiss][Date: Tue, 30 Jan 2007 16:43:56 -0500]=>(MIME part)


      Updated

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1317)


      Updated

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx


      Update failed

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1318)=>[Subject: A Special Kiss][Date: Tue, 30 Jan 2007 16:43:56 -0500]=>(MIME part)=>flash postcard.exe


      Infected with: Trojan.Peed.Gen

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1318)=>[Subject: A Special Kiss][Date: Tue, 30 Jan 2007 16:43:56 -0500]=>(MIME part)=>flash postcard.exe


      Disinfection failed

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1318)=>[Subject: A Special Kiss][Date: Tue, 30 Jan 2007 16:43:56 -0500]=>(MIME part)=>flash postcard.exe


      Deleted

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1318)=>[Subject: A Special Kiss][Date: Tue, 30 Jan 2007 16:43:56 -0500]=>(MIME part)


      Updated

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1318)


      Updated

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx


      Update failed

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1387)=>[Subject: In My Heart][Date: Sun, 28 Jan 2007 15:53:09 +0900]=>(MIME part)=>Greeting Card.exe


      Infected with: Trojan.Peed.AO

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1387)=>[Subject: In My Heart][Date: Sun, 28 Jan 2007 15:53:09 +0900]=>(MIME part)=>Greeting Card.exe


      Disinfection failed

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1387)=>[Subject: In My Heart][Date: Sun, 28 Jan 2007 15:53:09 +0900]=>(MIME part)=>Greeting Card.exe


      Deleted

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1387)=>[Subject: In My Heart][Date: Sun, 28 Jan 2007 15:53:09 +0900]=>(MIME part)


      Updated

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1387)


      Updated

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx


      Update failed

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1562)=>[Subject: Russian missle shot down Chinese aircr][Date: Tue, 23 Jan 2007 04:23:23 -0800]=>(MIME part)=>Read More.exe


      Infected with: Trojan.Peed.E

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1562)=>[Subject: Russian missle shot down Chinese aircr][Date: Tue, 23 Jan 2007 04:23:23 -0800]=>(MIME part)=>Read More.exe


      Disinfection failed

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1562)=>[Subject: Russian missle shot down Chinese aircr][Date: Tue, 23 Jan 2007 04:23:23 -0800]=>(MIME part)=>Read More.exe


      Deleted

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1562)=>[Subject: Russian missle shot down Chinese aircr][Date: Tue, 23 Jan 2007 04:23:23 -0800]=>(MIME part)


      Updated

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1562)


      Updated

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx


      Update failed

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1577)=>[Subject: Chinese missile shot down USA satellit][Date: Fri, 19 Jan 2007 22:42:11 -0500]=>(MIME part)=>Full Text.exe


      Infected with: Trojan.Peed.A

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1577)=>[Subject: Chinese missile shot down USA satellit][Date: Fri, 19 Jan 2007 22:42:11 -0500]=>(MIME part)=>Full Text.exe


      Deleted

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1577)=>[Subject: Chinese missile shot down USA satellit][Date: Fri, 19 Jan 2007 22:42:11 -0500]=>(MIME part)


      Updated

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1577)


      Updated

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx


      Update failed

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1580)=>[Subject: Chinese missile shot down USA satellit][Date: Sat, 20 Jan 2007 08:34:27 +0800]=>(MIME part)=>Full Story.exe


      Infected with: Trojan.Peed.A

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1580)=>[Subject: Chinese missile shot down USA satellit][Date: Sat, 20 Jan 2007 08:34:27 +0800]=>(MIME part)=>Full Story.exe


      Deleted

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1580)=>[Subject: Chinese missile shot down USA satellit][Date: Sat, 20 Jan 2007 08:34:27 +0800]=>(MIME part)


      Updated

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1580)


      Updated

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx


      Update failed
      0
  4. Darkkiller Messages postés 2336 Statut Contributeur 67
     
    Re,

    Toujours autant de virus :s.
    Aparrement sa a l'air de partir.
    Refait un scan BitDefender car c'est le seul moyen.
    0
    1. nlbmoi Messages postés 427 Date d'inscription   Statut Membre Dernière intervention   24
       
      Re,

      j'ai refait un scan et je trouve toujours le même bilan!!!
      0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. Darkkiller Messages postés 2336 Statut Contributeur 67
     
    RE,

    Je te prépare un truc ;)
    0
  7. Darkkiller Messages postés 2336 Statut Contributeur 67
     
    RE,

    Poste un log Hijackthis.
    0
    1. nlbmoi Messages postés 427 Date d'inscription   Statut Membre Dernière intervention   24
       
      Re, voici le log :
      Logfile of HijackThis v1.99.1
      Scan saved at 13:08:30, on 19/04/2007
      Platform: Windows XP SP2 (WinNT 5.01.2600)
      MSIE: Internet Explorer v7.00 (7.00.6000.16414)

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\PROGRA~1\SECURI~1\av_fw\backweb\1044199\Program\SERVIC~1.EXE
      C:\WINDOWS\system32\CTsvcCDA.EXE
      C:\Program Files\ewido anti-malware\ewidoctrl.exe
      C:\Program Files\Securitoo\av_fw\Anti-Virus\fsgk32st.exe
      C:\Program Files\Securitoo\av_fw\backweb\1044199\program\fsbwsys.exe
      C:\Program Files\Securitoo\av_fw\Anti-Virus\FSGK32.EXE
      C:\Program Files\Securitoo\av_fw\Anti-Virus\fssm32.exe
      C:\Program Files\Securitoo\av_fw\fswsclds.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\System32\nvsvc32.exe
      C:\WINDOWS\Explorer.EXE
      C:\WINDOWS\system32\MsPMSPSv.exe
      C:\Program Files\Securitoo\av_fw\Common\FSMA32.EXE
      C:\Program Files\Securitoo\av_fw\Common\FSMB32.EXE
      C:\Program Files\Securitoo\av_fw\Common\FCH32.EXE
      C:\Program Files\Securitoo\av_fw\Common\FAMEH32.EXE
      C:\Program Files\Securitoo\av_fw\Anti-Virus\fsav32.exe
      C:\Program Files\Securitoo\av_fw\DFW\Program\fsdfwd.exe
      C:\WINDOWS\AGRSMMSG.exe
      C:\Program Files\Securitoo\av_fw\Common\FSM32.EXE
      C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
      C:\WINDOWS\SOUNDMAN.EXE
      C:\PROGRA~1\UTILIT~1\WINPAT~1\winpatrol.exe
      C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
      C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
      C:\Program Files\Microsoft IntelliPoint\point32.exe
      C:\Program Files\Phoenix Technologies Ltd\RecoverPro_XP\VBPTASK.EXE
      C:\Program Files\Utilitaires\CopernicdesktopSearch\Copernic Desktop Search\CopernicDesktopSearch.exe
      C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\Securitoo\av_fw\backweb\1044199\Program\BackWeb-1044199.exe
      C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
      C:\PROGRA~1\Wanadoo\ComComp.exe
      C:\PROGRA~1\Wanadoo\Toaster.exe
      C:\PROGRA~1\Wanadoo\Inactivity.exe
      C:\PROGRA~1\Wanadoo\PollingModule.exe
      C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
      C:\PROGRA~1\Wanadoo\Watch.exe
      C:\Program Files\Adobe\Acrobat 7.0\Acrobat\Acrobat.exe
      C:\DOCUME~1\Nicolas\LOCALS~1\Temp\Adobelm_Cleanup.0001
      C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
      C:\DOCUME~1\Nicolas\LOCALS~1\Temp\Adobelm_Cleanup.0001
      C:\WINDOWS\System32\svchost.exe
      C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
      C:\Program Files\MSN Messenger\msnmsgr.exe
      C:\Program Files\Microsoft Office\Office\WINWORD.EXE
      C:\WINDOWS\msagent\AgentSvr.exe
      C:\Program Files\Microsoft Office\Office\POWERPNT.EXE
      C:\PROGRA~1\UTILIT~1\IZArc\IZArc.exe
      C:\DOCUME~1\Nicolas\LOCALS~1\Temp\ARC579\HijackThis.exe

      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
      R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
      O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
      O2 - BHO: EoBho Class - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\PROGRA~1\UTILIT~1\eoRezo\EoAdv\EOREZO~1.DLL
      O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
      O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
      O2 - BHO: Browster BrwIEConnector - {908A31E8-2A6E-4736-8E8A-AAF00C4AE38F} - C:\Program Files\Browster\Browster.dll
      O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
      O2 - BHO: LastClosedTab - {e05e75e9-a653-42a3-8d05-f2f7e309bdca} - mscoree.dll (file missing)
      O2 - BHO: Ask Toolbar BHO - {F4D76F01-7896-458a-890F-E1F05C46069F} - C:\Program Files\AskPBar\bar\1.bin\ASKPBAR.DLL
      O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
      O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
      O3 - Toolbar: Copernic Desktop Search - {C5F7A735-70F1-477F-8C36-6FF3C736017B} - C:\Program Files\Utilitaires\CopernicdesktopSearch\Copernic Desktop Search\CopernicDesktopSearchIntegration974.dll
      O3 - Toolbar: Browster - {2EF39867-654F-48b6-8F93-B4FC3E8C6844} - C:\Program Files\Browster\Browster.dll
      O3 - Toolbar: Ask Toolbar - {F4D76F09-7896-458a-890F-E1F05C46069F} - C:\Program Files\AskPBar\bar\1.bin\ASKPBAR.DLL
      O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe
      O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
      O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
      O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
      O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
      O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
      O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
      O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Securitoo\av_fw\Common\FSM32.EXE" /splash
      O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Securitoo\av_fw\TNB\TNBUtil.exe" /CHECKALL
      O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
      O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
      O4 - HKLM\..\Run: [WinPatrol] C:\PROGRA~1\UTILIT~1\WINPAT~1\winpatrol.exe
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
      O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
      O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
      O4 - HKLM\..\Run: [RestoreIT!] "C:\Program Files\Phoenix Technologies Ltd\RecoverPro_XP\VBPTASK.EXE" VBStart
      O4 - HKCU\..\Run: [Copernic Desktop Search] "C:\Program Files\Utilitaires\CopernicdesktopSearch\Copernic Desktop Search\CopernicDesktopSearch.exe" /tray
      O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\GestMaj.exe EspaceWanadoo.exe
      O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
      O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
      O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\Internet\DAP\dapextie.htm
      O8 - Extra context menu item: Barre RoboForm - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
      O8 - Extra context menu item: Browster Prefetch On/Off - res://C:\Program Files\Browster\Browster.dll/CustomPrefetchMenu.htm
      O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
      O8 - Extra context menu item: Convertir en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
      O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
      O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
      O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
      O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
      O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
      O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
      O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\Internet\DAP\dapextie2.htm
      O8 - Extra context menu item: Download with NetPumper - C:\Program Files\Internet\NetPumper\NetPumper\AddUrl.htm
      O8 - Extra context menu item: Enregistrer le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
      O8 - Extra context menu item: Personnaliser le menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
      O8 - Extra context menu item: Remplir le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
      O8 - Extra context menu item: Télécharger avec &BitSpirit - C:\Program Files\Internet\BitSpirit\bsurl.htm
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
      O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
      O9 - Extra button: Remplir - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
      O9 - Extra 'Tools' menuitem: Remplir le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
      O9 - Extra button: Enregistrer - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
      O9 - Extra 'Tools' menuitem: Enregistrer le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
      O9 - Extra button: Xanadu - {5CC384BB-1326-11D5-F4AE-00C04923F885} - C:\Program Files\Utilitaires\Xanadu\XanaduLaunch.exe
      O9 - Extra button: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
      O9 - Extra 'Tools' menuitem: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
      O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
      O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
      O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
      O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
      O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSAG~1\Messager Wanadoo.exe
      O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSAG~1\Messager Wanadoo.exe
      O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
      O11 - Options group: [INTERNATIONAL] International*
      O12 - Plugin for .csm: C:\Program Files\Internet Explorer\Plugins\npchime.dll
      O12 - Plugin for .csml: C:\Program Files\Internet Explorer\Plugins\npchime.dll
      O12 - Plugin for .cub: C:\Program Files\Internet Explorer\Plugins\npchime.dll
      O12 - Plugin for .cube: C:\Program Files\Internet Explorer\Plugins\npchime.dll
      O12 - Plugin for .dx: C:\Program Files\Internet Explorer\Plugins\npchime.dll
      O12 - Plugin for .emb: C:\Program Files\Internet Explorer\Plugins\npchime.dll
      O12 - Plugin for .embl: C:\Program Files\Internet Explorer\Plugins\npchime.dll
      O12 - Plugin for .gau: C:\Program Files\Internet Explorer\Plugins\npchime.dll
      O12 - Plugin for .jdx: C:\Program Files\Internet Explorer\Plugins\npchime.dll
      O12 - Plugin for .mol: C:\Program Files\Internet Explorer\Plugins\npchime.dll
      O12 - Plugin for .mop: C:\Program Files\Internet Explorer\Plugins\npchime.dll
      O12 - Plugin for .pdb: C:\Program Files\Internet Explorer\Plugins\npchime.dll
      O12 - Plugin for .rxn: C:\Program Files\Internet Explorer\Plugins\npchime.dll
      O12 - Plugin for .scr: C:\Program Files\Internet Explorer\Plugins\npchime.dll
      O12 - Plugin for .skc: C:\Program Files\Internet Explorer\Plugins\npchime.dll
      O12 - Plugin for .spt: C:\Program Files\Internet Explorer\Plugins\npchime.dll
      O12 - Plugin for .tgf: C:\Program Files\Internet Explorer\Plugins\npchime.dll
      O12 - Plugin for .xyz: C:\Program Files\Internet Explorer\Plugins\npchime.dll
      O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
      O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15015/CTSUEng.cab
      O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
      O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
      O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
      O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
      O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
      O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by105fd.bay105.hotmail.msn.com/resources/MsnPUpld.cab
      O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
      O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
      O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
      O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
      O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
      O16 - DPF: {8EB3FF4E-86A1-4717-884D-7BA2D38272CB} (F-Secure Online Scanner) - https://www.nordnet.com/securite
      O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab
      O16 - DPF: {97E71027-0BA2-44F2-97DB-F84D808ED0B6} - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab55762.cab
      O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
      O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab
      O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
      O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
      O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15027/CTPID.cab
      O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
      O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
      O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
      O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
      O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
      O23 - Service: Securitoo AntiVirus Firewall (BackWeb Client - 1044199) - Unknown owner - C:\PROGRA~1\SECURI~1\av_fw\backweb\1044199\Program\SERVIC~1.EXE
      O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
      O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
      O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
      O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\Securitoo\av_fw\Anti-Virus\fsgk32st.exe
      O23 - Service: F-Secure Authentication Agent (FSAA) - Unknown owner - C:\Program Files\Securitoo\av_fw\Common\FSAA.EXE (file missing)
      O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\Securitoo\av_fw\backweb\1044199\program\fsbwsys.exe
      O23 - Service: F-Secure Distributed Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Securitoo\av_fw\DFW\Program\fsdfwd.exe
      O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Securitoo\av_fw\Common\FSMA32.EXE
      O23 - Service: F-Secure Windows Security Center Legacy Detection Service (Fswsclds) - F-Secure Corporation - C:\Program Files\Securitoo\av_fw\fswsclds.exe
      O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
      O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
      0
  8. Darkkiller Messages postés 2336 Statut Contributeur 67
     
    Re,

    Ouvre Hijackthis et clique sur "Do a system scan only" et coche ces lignes :

    C:\DOCUME~1\Nicolas\LOCALS~1\Temp\Adobelm_Cleanup.0001

    C:\DOCUME~1\Nicolas\LOCALS~1\Temp\Adobelm_Cleanup.0001

    O2 - BHO: LastClosedTab - {e05e75e9-a653-42a3-8d05-f2f7e309bdca} - mscoree.dll (file missing)

    O2 - BHO: Ask Toolbar BHO - {F4D76F01-7896-458a-890F-E1F05C46069F} - C:\Program Files\AskPBar\bar\1.bin\ASKPBAR.DLL

    O3 - Toolbar: Ask Toolbar - {F4D76F09-7896-458a-890F-E1F05C46069F} - C:\Program Files\AskPBar\bar\1.bin\ASKPBAR.DLL

    Et quand tu as coché ces lignes, clique sur "Fix Checked"

    Ensuite désinstalle la ASK TOOLBAR grace a ajour/supression de programmes.
    ----------------------------------------------------------------------------

    Donc télécharge clean : http://www.malekal.com/download/clean.zip

    Installe-le sur le bureau et dezippe-le.
    Un dossier clean va être créer double-clique dessus
    Puis double clique sur go.cmd et choisit l'option 1.Patiente un peu.
    Poste ce rapport dans ton prochain post

    Puis poste le log Clean + un log Hijackthis.
    0
    1. nlbmoi Messages postés 427 Date d'inscription   Statut Membre Dernière intervention   24
       
      Re, j'ai fait ce que tu m'as dit sauf que je n'ai pas pu cocher
      C:\DOCUME~1\Nicolas\LOCALS~1\Temp\Adobelm_Cleanup.0001

      C:\DOCUME~1\Nicolas\LOCALS~1\Temp\Adobelm_Cleanup.0001

      car ils n'y étaient pas
      0
  9. Darkkiller Messages postés 2336 Statut Contributeur 67
     
    RE,

    Okay pas grave !

    ON va faire autrement :

    Outils>Options INternet >Sous l'onglet "Général", Historique de navigation > SUpprimer > Et supprime tout (fichiers temporaires, cookies etc ...)

    Puis repost un log Hijackthis.
    0
    1. nlbmoi Messages postés 427 Date d'inscription   Statut Membre Dernière intervention   24
       
      Re,

      preLogfile of HijackThis v1.99.1
      Scan saved at 07:26:14, on 20/04/2007
      Platform: Windows XP SP2 (WinNT 5.01.2600)
      MSIE: Internet Explorer v7.00 (7.00.6000.16414)

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\PROGRA~1\SECURI~1\av_fw\backweb\1044199\Program\SERVIC~1.EXE
      C:\WINDOWS\system32\CTsvcCDA.EXE
      C:\Program Files\ewido anti-malware\ewidoctrl.exe
      C:\Program Files\Securitoo\av_fw\Anti-Virus\fsgk32st.exe
      C:\Program Files\Securitoo\av_fw\backweb\1044199\program\fsbwsys.exe
      C:\Program Files\Securitoo\av_fw\Anti-Virus\FSGK32.EXE
      C:\Program Files\Securitoo\av_fw\Anti-Virus\fssm32.exe
      C:\Program Files\Securitoo\av_fw\fswsclds.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\System32\nvsvc32.exe
      C:\WINDOWS\system32\MsPMSPSv.exe
      C:\Program Files\Securitoo\av_fw\Common\FSMA32.EXE
      C:\Program Files\Securitoo\av_fw\Common\FSMB32.EXE
      C:\Program Files\Securitoo\av_fw\Common\FCH32.EXE
      C:\Program Files\Securitoo\av_fw\Common\FAMEH32.EXE
      C:\Program Files\Securitoo\av_fw\Anti-Virus\fsav32.exe
      C:\Program Files\Securitoo\av_fw\DFW\Program\fsdfwd.exe
      C:\WINDOWS\Explorer.EXE
      C:\WINDOWS\AGRSMMSG.exe
      C:\Program Files\Securitoo\av_fw\Common\FSM32.EXE
      C:\WINDOWS\SOUNDMAN.EXE
      C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
      C:\PROGRA~1\UTILIT~1\WINPAT~1\winpatrol.exe
      C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
      C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
      C:\Program Files\Microsoft IntelliPoint\point32.exe
      C:\Program Files\Phoenix Technologies Ltd\RecoverPro_XP\VBPTASK.EXE
      C:\Program Files\Utilitaires\CopernicdesktopSearch\Copernic Desktop Search\CopernicDesktopSearch.exe
      C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\Securitoo\av_fw\backweb\1044199\Program\BackWeb-1044199.exe
      C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
      C:\PROGRA~1\Wanadoo\ComComp.exe
      C:\PROGRA~1\Wanadoo\Toaster.exe
      C:\PROGRA~1\Wanadoo\Inactivity.exe
      C:\PROGRA~1\Wanadoo\PollingModule.exe
      C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
      C:\PROGRA~1\Wanadoo\Watch.exe
      C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
      C:\Program Files\Adobe\Acrobat 7.0\Acrobat\Acrobat.exe
      C:\DOCUME~1\Nicolas\LOCALS~1\Temp\Adobelm_Cleanup.0001
      C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
      C:\DOCUME~1\Nicolas\LOCALS~1\Temp\Adobelm_Cleanup.0001
      C:\PROGRA~1\UTILIT~1\IZArc\IZArc.exe
      C:\WINDOWS\System32\svchost.exe
      C:\DOCUME~1\Nicolas\LOCALS~1\Temp\ARC4FC\HijackThis.exe

      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
      R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
      O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
      O2 - BHO: EoBho Class - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\PROGRA~1\UTILIT~1\eoRezo\EoAdv\EOREZO~1.DLL
      O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
      O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
      O2 - BHO: Browster BrwIEConnector - {908A31E8-2A6E-4736-8E8A-AAF00C4AE38F} - C:\Program Files\Browster\Browster.dll
      O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
      O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
      O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
      O3 - Toolbar: Copernic Desktop Search - {C5F7A735-70F1-477F-8C36-6FF3C736017B} - C:\Program Files\Utilitaires\CopernicdesktopSearch\Copernic Desktop Search\CopernicDesktopSearchIntegration974.dll
      O3 - Toolbar: Browster - {2EF39867-654F-48b6-8F93-B4FC3E8C6844} - C:\Program Files\Browster\Browster.dll
      O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe
      O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
      O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
      O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
      O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
      O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
      O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
      O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Securitoo\av_fw\Common\FSM32.EXE" /splash
      O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Securitoo\av_fw\TNB\TNBUtil.exe" /CHECKALL
      O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
      O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
      O4 - HKLM\..\Run: [WinPatrol] C:\PROGRA~1\UTILIT~1\WINPAT~1\winpatrol.exe
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
      O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
      O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
      O4 - HKLM\..\Run: [RestoreIT!] "C:\Program Files\Phoenix Technologies Ltd\RecoverPro_XP\VBPTASK.EXE" VBStart
      O4 - HKCU\..\Run: [Copernic Desktop Search] "C:\Program Files\Utilitaires\CopernicdesktopSearch\Copernic Desktop Search\CopernicDesktopSearch.exe" /tray
      O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\GestMaj.exe EspaceWanadoo.exe
      O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
      O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
      O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\Internet\DAP\dapextie.htm
      O8 - Extra context menu item: Barre RoboForm - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
      O8 - Extra context menu item: Browster Prefetch On/Off - res://C:\Program Files\Browster\Browster.dll/CustomPrefetchMenu.htm
      O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
      O8 - Extra context menu item: Convertir en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
      O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
      O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
      O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
      O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
      O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
      O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
      O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\Internet\DAP\dapextie2.htm
      O8 - Extra context menu item: Download with NetPumper - C:\Program Files\Internet\NetPumper\NetPumper\AddUrl.htm
      O8 - Extra context menu item: Enregistrer le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
      O8 - Extra context menu item: Personnaliser le menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
      O8 - Extra context menu item: Remplir le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
      O8 - Extra context menu item: Télécharger avec &BitSpirit - C:\Program Files\Internet\BitSpirit\bsurl.htm
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
      O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
      O9 - Extra button: Remplir - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
      O9 - Extra 'Tools' menuitem: Remplir le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
      O9 - Extra button: Enregistrer - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
      O9 - Extra 'Tools' menuitem: Enregistrer le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
      O9 - Extra button: Xanadu - {5CC384BB-1326-11D5-F4AE-00C04923F885} - C:\Program Files\Utilitaires\Xanadu\XanaduLaunch.exe
      O9 - Extra button: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
      O9 - Extra 'Tools' menuitem: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
      O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
      O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
      O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
      O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
      O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSAG~1\Messager Wanadoo.exe
      O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSAG~1\Messager Wanadoo.exe
      O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
      O11 - Options group: [INTERNATIONAL] International*
      O12 - Plugin for .csm: C:\Program Files\Internet Explorer\Plugins\npchime.dll
      O12 - Plugin for .csml: C:\Program Files\Internet Explorer\Plugins\npchime.dll
      O12 - Plugin for .cub: C:\Program Files\Internet Explorer\Plugins\npchime.dll
      O12 - Plugin for .cube: C:\Program Files\Internet Explorer\Plugins\npchime.dll
      O12 - Plugin for .dx: C:\Program Files\Internet Explorer\Plugins\npchime.dll
      O12 - Plugin for .emb: C:\Program Files\Internet Explorer\Plugins\npchime.dll
      O12 - Plugin for .embl: C:\Program Files\Internet Explorer\Plugins\npchime.dll
      O12 - Plugin for .gau: C:\Program Files\Internet Explorer\Plugins\npchime.dll
      O12 - Plugin for .jdx: C:\Program Files\Internet Explorer\Plugins\npchime.dll
      O12 - Plugin for .mol: C:\Program Files\Internet Explorer\Plugins\npchime.dll
      O12 - Plugin for .mop: C:\Program Files\Internet Explorer\Plugins\npchime.dll
      O12 - Plugin for .pdb: C:\Program Files\Internet Explorer\Plugins\npchime.dll
      O12 - Plugin for .rxn: C:\Program Files\Internet Explorer\Plugins\npchime.dll
      O12 - Plugin for .scr: C:\Program Files\Internet Explorer\Plugins\npchime.dll
      O12 - Plugin for .skc: C:\Program Files\Internet Explorer\Plugins\npchime.dll
      O12 - Plugin for .spt: C:\Program Files\Internet Explorer\Plugins\npchime.dll
      O12 - Plugin for .tgf: C:\Program Files\Internet Explorer\Plugins\npchime.dll
      O12 - Plugin for .xyz: C:\Program Files\Internet Explorer\Plugins\npchime.dll
      O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
      O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15015/CTSUEng.cab
      O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
      O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
      O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
      O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
      O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
      O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by105fd.bay105.hotmail.msn.com/resources/MsnPUpld.cab
      O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
      O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
      O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
      O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
      O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
      O16 - DPF: {8EB3FF4E-86A1-4717-884D-7BA2D38272CB} (F-Secure Online Scanner) - https://www.nordnet.com/securite
      O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab
      O16 - DPF: {97E71027-0BA2-44F2-97DB-F84D808ED0B6} - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab55762.cab
      O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
      O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab
      O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
      O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
      O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15027/CTPID.cab
      O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
      O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
      O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
      O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
      O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
      O23 - Service: Securitoo AntiVirus Firewall (BackWeb Client - 1044199) - Unknown owner - C:\PROGRA~1\SECURI~1\av_fw\backweb\1044199\Program\SERVIC~1.EXE
      O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
      O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
      O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
      O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\Securitoo\av_fw\Anti-Virus\fsgk32st.exe
      O23 - Service: F-Secure Authentication Agent (FSAA) - Unknown owner - C:\Program Files\Securitoo\av_fw\Common\FSAA.EXE (file missing)
      O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\Securitoo\av_fw\backweb\1044199\program\fsbwsys.exe
      O23 - Service: F-Secure Distributed Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Securitoo\av_fw\DFW\Program\fsdfwd.exe
      O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Securitoo\av_fw\Common\FSMA32.EXE
      O23 - Service: F-Secure Windows Security Center Legacy Detection Service (Fswsclds) - F-Secure Corporation - C:\Program Files\Securitoo\av_fw\fswsclds.exe
      O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
      O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
      0
  10. salwa5 Messages postés 7552 Statut Contributeur 1 671
     
    bonjour :) je prend le relait car darkiller doit s'absenté pour quelque jour

    telecharge ceci

    Ccleaner
    https://www.malekal.com/tutoriel-ccleaner/

    ensuite vide la corbeille d'outlook ensuite refait un scan bitdefender et colle le resultat ici

    a++++
    0
    1. nlbmoi Messages postés 427 Date d'inscription   Statut Membre Dernière intervention   24
       
      Salut, merci de m'aider!

      voici le log :



      BitDefender Online Scanner







      Scan report generated at: Tue, Apr 17, 2007 - 13:01:36









      Scan path: C:\;D:\;E:\;F:\;H:\;I:\;J:\;K:\;L:\;















      Statistics

      Time


      03:31:48

      Files


      914106

      Folders


      16432

      Boot Sectors


      5

      Archives


      22789

      Packed Files


      87082







      Results

      Identified Viruses


      6

      Infected Files


      13

      Suspect Files


      0

      Warnings


      0

      Disinfected


      0

      Deleted Files


      13







      Engines Info

      Virus Definitions


      486384

      Engine build


      AVCORE v1.0 (build 2397) (i386) (Feb 8 2007 14:24:08)

      Scan plugins


      14

      Archive plugins


      38

      Unpack plugins


      6

      E-mail plugins


      6

      System plugins


      1







      Scan Settings

      First Action


      Disinfect

      Second Action


      Delete

      Heuristics


      Yes

      Enable Warnings


      Yes

      Scanned Extensions


      *;

      Exclude Extensions




      Scan Emails


      Yes

      Scan Archives


      Yes

      Scan Packed


      Yes

      Scan Files


      Yes

      Scan Boot


      Yes








      Scanned File


      Status

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments envoyés.dbx=>(message 30)=>[Subject: Fw: document][Date: Thu, 22 Feb 2007 15:54:57 +0100]=>(MIME part)=>document.pif


      Infected with: Win32.Netsky.Y@MM.damaged

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments envoyés.dbx=>(message 30)=>[Subject: Fw: document][Date: Thu, 22 Feb 2007 15:54:57 +0100]=>(MIME part)=>document.pif


      Disinfection failed

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments envoyés.dbx=>(message 30)=>[Subject: Fw: document][Date: Thu, 22 Feb 2007 15:54:57 +0100]=>(MIME part)=>document.pif


      Deleted

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments envoyés.dbx=>(message 30)=>[Subject: Fw: document][Date: Thu, 22 Feb 2007 15:54:57 +0100]=>(MIME part)


      Updated

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments envoyés.dbx=>(message 30)


      Updated

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments envoyés.dbx


      Update failed

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 666)=>[Subject: Re: document][Date: Sat, 3 Mar 2007 09:19:05 +0100]=>(MIME part)=>document.pif


      Infected with: Win32.Netsky.Y@MM.damaged

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 666)=>[Subject: Re: document][Date: Sat, 3 Mar 2007 09:19:05 +0100]=>(MIME part)=>document.pif


      Disinfection failed

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 666)=>[Subject: Re: document][Date: Sat, 3 Mar 2007 09:19:05 +0100]=>(MIME part)=>document.pif


      Deleted

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 666)=>[Subject: Re: document][Date: Sat, 3 Mar 2007 09:19:05 +0100]=>(MIME part)


      Updated

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 666)


      Updated

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx


      Update failed

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 868)=>[Subject: Anniversaire][Date: Fri, 23 Feb 2007 02:30:38 +0100]=>(MIME part)=>Anniversaire.asx


      Infected with: Trojan.ASXLoad.A

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 868)=>[Subject: Anniversaire][Date: Fri, 23 Feb 2007 02:30:38 +0100]=>(MIME part)=>Anniversaire.asx


      Disinfection failed

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 868)=>[Subject: Anniversaire][Date: Fri, 23 Feb 2007 02:30:38 +0100]=>(MIME part)=>Anniversaire.asx


      Deleted

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 868)=>[Subject: Anniversaire][Date: Fri, 23 Feb 2007 02:30:38 +0100]=>(MIME part)


      Updated

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 868)


      Updated

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx


      Update failed

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 901)=>[Subject: Re: document][Date: Sat, 10 Feb 2007 08:34:05 +0100]=>(MIME part)=>document.pif


      Infected with: Win32.Netsky.Y@MM.damaged

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 901)=>[Subject: Re: document][Date: Sat, 10 Feb 2007 08:34:05 +0100]=>(MIME part)=>document.pif


      Disinfection failed

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 901)=>[Subject: Re: document][Date: Sat, 10 Feb 2007 08:34:05 +0100]=>(MIME part)=>document.pif


      Deleted

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 901)=>[Subject: Re: document][Date: Sat, 10 Feb 2007 08:34:05 +0100]=>(MIME part)


      Updated

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 901)


      Updated

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx


      Update failed

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 994)=>[Subject: Re: document][Date: Thu, 8 Feb 2007 08:02:25 +0100]=>(MIME part)=>document.pif


      Infected with: Win32.Netsky.Y@MM.damaged

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 994)=>[Subject: Re: document][Date: Thu, 8 Feb 2007 08:02:25 +0100]=>(MIME part)=>document.pif


      Disinfection failed

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 994)=>[Subject: Re: document][Date: Thu, 8 Feb 2007 08:02:25 +0100]=>(MIME part)=>document.pif


      Deleted

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 994)=>[Subject: Re: document][Date: Thu, 8 Feb 2007 08:02:25 +0100]=>(MIME part)


      Updated

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 994)


      Updated

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx


      Update failed

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1136)=>[Subject: Just You][Date: Thu, 8 Feb 2007 23:57:38 +0900]=>(MIME part)=>Greeting Postcard.exe


      Infected with: Trojan.Peed.Gen

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1136)=>[Subject: Just You][Date: Thu, 8 Feb 2007 23:57:38 +0900]=>(MIME part)=>Greeting Postcard.exe


      Disinfection failed

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1136)=>[Subject: Just You][Date: Thu, 8 Feb 2007 23:57:38 +0900]=>(MIME part)=>Greeting Postcard.exe


      Deleted

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1136)=>[Subject: Just You][Date: Thu, 8 Feb 2007 23:57:38 +0900]=>(MIME part)


      Updated

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1136)


      Updated

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx


      Update failed

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1289)=>[Subject: A Special Kiss][Date: Tue, 30 Jan 2007 16:43:56 -0500]=>(MIME part)=>flash postcard.exe


      Infected with: Trojan.Peed.Gen

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1289)=>[Subject: A Special Kiss][Date: Tue, 30 Jan 2007 16:43:56 -0500]=>(MIME part)=>flash postcard.exe


      Disinfection failed

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1289)=>[Subject: A Special Kiss][Date: Tue, 30 Jan 2007 16:43:56 -0500]=>(MIME part)=>flash postcard.exe


      Deleted

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1289)=>[Subject: A Special Kiss][Date: Tue, 30 Jan 2007 16:43:56 -0500]=>(MIME part)


      Updated

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1289)


      Updated

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx


      Update failed

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1317)=>[Subject: A Special Kiss][Date: Tue, 30 Jan 2007 16:43:56 -0500]=>(MIME part)=>flash postcard.exe


      Infected with: Trojan.Peed.Gen

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1317)=>[Subject: A Special Kiss][Date: Tue, 30 Jan 2007 16:43:56 -0500]=>(MIME part)=>flash postcard.exe


      Disinfection failed

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1317)=>[Subject: A Special Kiss][Date: Tue, 30 Jan 2007 16:43:56 -0500]=>(MIME part)=>flash postcard.exe


      Deleted

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1317)=>[Subject: A Special Kiss][Date: Tue, 30 Jan 2007 16:43:56 -0500]=>(MIME part)


      Updated

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1317)


      Updated

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx


      Update failed

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1318)=>[Subject: A Special Kiss][Date: Tue, 30 Jan 2007 16:43:56 -0500]=>(MIME part)=>flash postcard.exe


      Infected with: Trojan.Peed.Gen

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1318)=>[Subject: A Special Kiss][Date: Tue, 30 Jan 2007 16:43:56 -0500]=>(MIME part)=>flash postcard.exe


      Disinfection failed

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1318)=>[Subject: A Special Kiss][Date: Tue, 30 Jan 2007 16:43:56 -0500]=>(MIME part)=>flash postcard.exe


      Deleted

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1318)=>[Subject: A Special Kiss][Date: Tue, 30 Jan 2007 16:43:56 -0500]=>(MIME part)


      Updated

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1318)


      Updated

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx


      Update failed

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1387)=>[Subject: In My Heart][Date: Sun, 28 Jan 2007 15:53:09 +0900]=>(MIME part)=>Greeting Card.exe


      Infected with: Trojan.Peed.AO

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1387)=>[Subject: In My Heart][Date: Sun, 28 Jan 2007 15:53:09 +0900]=>(MIME part)=>Greeting Card.exe


      Disinfection failed

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1387)=>[Subject: In My Heart][Date: Sun, 28 Jan 2007 15:53:09 +0900]=>(MIME part)=>Greeting Card.exe


      Deleted

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1387)=>[Subject: In My Heart][Date: Sun, 28 Jan 2007 15:53:09 +0900]=>(MIME part)


      Updated

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1387)


      Updated

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx


      Update failed

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1562)=>[Subject: Russian missle shot down Chinese aircr][Date: Tue, 23 Jan 2007 04:23:23 -0800]=>(MIME part)=>Read More.exe


      Infected with: Trojan.Peed.E

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1562)=>[Subject: Russian missle shot down Chinese aircr][Date: Tue, 23 Jan 2007 04:23:23 -0800]=>(MIME part)=>Read More.exe


      Disinfection failed

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1562)=>[Subject: Russian missle shot down Chinese aircr][Date: Tue, 23 Jan 2007 04:23:23 -0800]=>(MIME part)=>Read More.exe


      Deleted

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1562)=>[Subject: Russian missle shot down Chinese aircr][Date: Tue, 23 Jan 2007 04:23:23 -0800]=>(MIME part)


      Updated

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1562)


      Updated

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx


      Update failed

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1577)=>[Subject: Chinese missile shot down USA satellit][Date: Fri, 19 Jan 2007 22:42:11 -0500]=>(MIME part)=>Full Text.exe


      Infected with: Trojan.Peed.A

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1577)=>[Subject: Chinese missile shot down USA satellit][Date: Fri, 19 Jan 2007 22:42:11 -0500]=>(MIME part)=>Full Text.exe


      Deleted

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1577)=>[Subject: Chinese missile shot down USA satellit][Date: Fri, 19 Jan 2007 22:42:11 -0500]=>(MIME part)


      Updated

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1577)


      Updated

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx


      Update failed

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1580)=>[Subject: Chinese missile shot down USA satellit][Date: Sat, 20 Jan 2007 08:34:27 +0800]=>(MIME part)=>Full Story.exe


      Infected with: Trojan.Peed.A

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1580)=>[Subject: Chinese missile shot down USA satellit][Date: Sat, 20 Jan 2007 08:34:27 +0800]=>(MIME part)=>Full Story.exe


      Deleted

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1580)=>[Subject: Chinese missile shot down USA satellit][Date: Sat, 20 Jan 2007 08:34:27 +0800]=>(MIME part)


      Updated

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1580)


      Updated

      C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx


      Update failed
      0
  11. salwa5 Messages postés 7552 Statut Contributeur 1 671
     
    bonjour il y'a toujour des virus dans outlook il fauderais que tout les utilisateur d'outoulook vide la corbeille de leur comptes

    sinon le moyen le plus simple ca serai de desinstaller/reinstaller outlook avec le cd de windows

    a. Cliquez successivement sur Démarrer et Exécuter, tapez appwiz.cpl, puis cliquez sur OK.
    b. Dans Ajout/Suppression de programmes, cliquez sur Ajouter/supprimer des composants Windows.
    c. Dans la liste Composants, désactivez la case à cocher Outlook Express, puis cliquez sur Suivant. Outlook Express sera supprimé de l'ordinateur.

    2. Réinstallez Outlook Express 6.0 sur un ordinateur Windows XP Édition familiale ou Windows XP Professionnel.a. Cliquez successivement sur Démarrer et Exécuter, tapez appwiz.cpl, puis cliquez sur OK.
    b. Dans Ajout/Suppression de programmes, cliquez sur Ajouter/supprimer des composants Windows.
    c. Dans la liste Composants, désactivez la case à cocher Outlook Express, puis cliquez sur Suivant.
    d. Une fois Outlook Express installé, cliquez sur Terminer.

    ensuite refait un scan bitdefender et colle le resultat ici

    a+++
    0
    1. nlbmoi Messages postés 427 Date d'inscription   Statut Membre Dernière intervention   24
       
      Re

      le probleme est que j'ai déja supprimé outlook express
      0
  12. salwa5 Messages postés 7552 Statut Contributeur 1 671
     
    bizzare tout ca

    on va essayé de supprimer le dossier outlook manuelement

    Démarre en mode sans échec :
    Pour cela, tu tapotes la touche F8 dès le début de l’allumage du pc sans t’arrêter
    Une fenêtre va s’ouvrir tu te déplaces avec les flèches du clavier sur démarrer en mode sans échec puis tape entrée.
    Une fois sur le bureau s’il n’y a pas toutes les couleurs et autres c’est normal !
    (Si F8 ne marche pas utilise la touche F5).

    ensuite supprime le dossier en gras en suivant ce chemin

    C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express

    puis refait un scan bitdefender

    a+++
    0
  13. nlbmoi Messages postés 427 Date d'inscription   Statut Membre Dernière intervention   24
     
    Salut, voici le résultat : il ne me trouve rien donc c'est pas mal.

    Est-ce que je peux reinstaller Outlook et Thunderbird ou pa?
    0
  14. salwa5 Messages postés 7552 Statut Contributeur 1 671
     
    bonjour oui tu peu reinstaller outlook et thunderbird

    pour finir quelque conseils de base :

    * Ne pas telecharger n'importe quoi eviter les programes gratuit genre smileys , messenger skinner ...ect

    * Toujour analyser les fichiers telecharger depuis un peer to peer (emule , kazza ... ect) avant de les executer

    *eviter les sites porno et sites de cracks

    * Ne pas ouvrir les pieces jointes d'un expediteur inconnu et toujour les analysé avant de les ouvrir

    * Toujour analysé les fichiers recu via msn ou autre avec ton antivirus

    * Ne pas cliqué sur des lien louche dans msn

    * Passe reglierement les antispyware (adaware , spybot , avg .. ect) pense a les mettre ajour avant de les lancé c'est tres important

    * Supprime regulierement les fichiers inutiles (fichiers temporaire , cookies .. ect) a l'aide de CCleaner https://www.malekal.com/tutoriel-ccleaner/

    * Utiliser le navigateur Mozzilla il est plus sure http://www.mozilla-europe.org/fr/products/firefox/

    -Maintenant que ton ordinateur est propre je te conseille de creer un point de restauration comme ca en cas de probleme (virus , plantage ..ect) tu poura tjr revenir en arriere
    http://www.aidoforum.com/tutoriaux-371-creer-un-point-de-restauration-sous-windows.html

    a+++

    Bon surf ;)
    0
  15. nlbmoi Messages postés 427 Date d'inscription   Statut Membre Dernière intervention   24
     
    Merci bien de tes precieux conseils et de ceux de darkiller
    0
Précédent
  • 1
  • 2