[Infection] by Adware

Solved
nlbmoi (Member, 434 posts)
Good evening,

I ran a scan with Symantec and it finds infections: adware.Hotbar and Adware.Slagent.

I don't know exactly what they do, but I know that when I browse the web, new pages keep popping up unexpectedly.

I have already used Spybot.

Thanks for helping me.

34 replies

Darkkiller (Contributor, 2330 posts)

Re,

It's not that I think so, it's that it's certain!

nlbmoi (Member, 434 posts)

Re,
I uninstalled Outlook and Thunderbird.

Darkkiller (Contributor, 2330 posts)

Re,

Run a BitDefender scan again.

nlbmoi (Member, 434 posts)

Here is the report:

BitDefender Online Scanner - Real Time Virus Report

Generated at: Sun, Apr 15, 2007 - 13:21:24

Scan Info
Scanned Files: 912415
Infected Files: 14

Virus Detected
Win32.Netsky.Y@MM.damaged: 4
Trojan.Peed.A: 2
Trojan.Peed.AO: 1
Trojan.Peed.E: 1
Generic.Trojan.Phish.AAE4F2A5: 1
Trojan.Peed.Gen: 4
Trojan.ASXLoad.A: 1

This summary of the scan process will be used by the BitDefender Antivirus Lab to create agregate statistics about virus activity around the world.

Darkkiller (Contributor, 2330 posts)

Re,

Well, you need to post the log ^^

nlbmoi (Member, 434 posts)

Re,

BitDefender Online Scanner

Scan report generated at: Mon, Apr 16, 2007 - 10:19:43

Scan path: C:\;D:\;E:\;F:\;H:\;I:\;J:\;K:\;L:\;

Statistics
Time: 02:50:18
Files: 913097
Folders: 16424
Boot Sectors: 5
Archives: 22770
Packed Files: 87042

Results
Identified Viruses: 7
Infected Files: 14
Suspect Files: 0
Warnings: 0
Disinfected: 0
Deleted Files: 14

Engines Info
Virus Definitions: 486095
Engine build: AVCORE v1.0 (build 2397) (i386) (Feb 8 2007 14:24:08)
Scan plugins: 14
Archive plugins: 38
Unpack plugins: 6
E-mail plugins: 6
System plugins: 1

Scan Settings
First Action: Disinfect
Second Action: Delete
Heuristics: Yes
Enable Warnings: Yes
Scanned Extensions: *;
Exclude Extensions:
Scan Emails: Yes
Scan Archives: Yes
Scan Packed: Yes
Scan Files: Yes
Scan Boot: Yes

Scanned File | Status

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments envoyés.dbx=>(message 30)=>[Subject: Fw: document][Date: Thu, 22 Feb 2007 15:54:57 +0100]=>(MIME part)=>document.pif | Infected with: Win32.Netsky.Y@MM.damaged
C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments envoyés.dbx=>(message 30)=>[Subject: Fw: document][Date: Thu, 22 Feb 2007 15:54:57 +0100]=>(MIME part)=>document.pif | Disinfection failed
C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments envoyés.dbx=>(message 30)=>[Subject: Fw: document][Date: Thu, 22 Feb 2007 15:54:57 +0100]=>(MIME part)=>document.pif | Deleted
C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments envoyés.dbx=>(message 30)=>[Subject: Fw: document][Date: Thu, 22 Feb 2007 15:54:57 +0100]=>(MIME part) | Updated
C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments envoyés.dbx=>(message 30) | Updated
C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments envoyés.dbx | Update failed

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 137) | Infected with: Generic.Trojan.Phish.AAE4F2A5
C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 137) | Disinfection failed
C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 137) | Deleted
C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx | Update failed

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 666)=>[Subject: Re: document][Date: Sat, 3 Mar 2007 09:19:05 +0100]=>(MIME part)=>document.pif | Infected with: Win32.Netsky.Y@MM.damaged
C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 666)=>[Subject: Re: document][Date: Sat, 3 Mar 2007 09:19:05 +0100]=>(MIME part)=>document.pif | Disinfection failed
C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 666)=>[Subject: Re: document][Date: Sat, 3 Mar 2007 09:19:05 +0100]=>(MIME part)=>document.pif | Deleted
C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 666)=>[Subject: Re: document][Date: Sat, 3 Mar 2007 09:19:05 +0100]=>(MIME part) | Updated
C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 666) | Updated
C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx | Update failed

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 868)=>[Subject: Anniversaire][Date: Fri, 23 Feb 2007 02:30:38 +0100]=>(MIME part)=>Anniversaire.asx | Infected with: Trojan.ASXLoad.A
C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 868)=>[Subject: Anniversaire][Date: Fri, 23 Feb 2007 02:30:38 +0100]=>(MIME part)=>Anniversaire.asx | Disinfection failed
C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 868)=>[Subject: Anniversaire][Date: Fri, 23 Feb 2007 02:30:38 +0100]=>(MIME part)=>Anniversaire.asx | Deleted
C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 868)=>[Subject: Anniversaire][Date: Fri, 23 Feb 2007 02:30:38 +0100]=>(MIME part) | Updated
C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 868) | Updated
C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx | Update failed

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 901)=>[Subject: Re: document][Date: Sat, 10 Feb 2007 08:34:05 +0100]=>(MIME part)=>document.pif | Infected with: Win32.Netsky.Y@MM.damaged
C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 901)=>[Subject: Re: document][Date: Sat, 10 Feb 2007 08:34:05 +0100]=>(MIME part)=>document.pif | Disinfection failed
C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 901)=>[Subject: Re: document][Date: Sat, 10 Feb 2007 08:34:05 +0100]=>(MIME part)=>document.pif | Deleted
C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 901)=>[Subject: Re: document][Date: Sat, 10 Feb 2007 08:34:05 +0100]=>(MIME part) | Updated
C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 901) | Updated
C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx | Update failed

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 994)=>[Subject: Re: document][Date: Thu, 8 Feb 2007 08:02:25 +0100]=>(MIME part)=>document.pif | Infected with: Win32.Netsky.Y@MM.damaged
C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 994)=>[Subject: Re: document][Date: Thu, 8 Feb 2007 08:02:25 +0100]=>(MIME part)=>document.pif | Disinfection failed
C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 994)=>[Subject: Re: document][Date: Thu, 8 Feb 2007 08:02:25 +0100]=>(MIME part)=>document.pif | Deleted
C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 994)=>[Subject: Re: document][Date: Thu, 8 Feb 2007 08:02:25 +0100]=>(MIME part) | Updated
C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 994) | Updated
C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx | Update failed

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1136)=>[Subject: Just You][Date: Thu, 8 Feb 2007 23:57:38 +0900]=>(MIME part)=>Greeting Postcard.exe | Infected with: Trojan.Peed.Gen
C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1136)=>[Subject: Just You][Date: Thu, 8 Feb 2007 23:57:38 +0900]=>(MIME part)=>Greeting Postcard.exe | Disinfection failed
C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1136)=>[Subject: Just You][Date: Thu, 8 Feb 2007 23:57:38 +0900]=>(MIME part)=>Greeting Postcard.exe | Deleted
C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1136)=>[Subject: Just You][Date: Thu, 8 Feb 2007 23:57:38 +0900]=>(MIME part) | Updated
C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1136) | Updated
C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx | Update failed

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1289)=>[Subject: A Special Kiss][Date: Tue, 30 Jan 2007 16:43:56 -0500]=>(MIME part)=>flash postcard.exe | Infected with: Trojan.Peed.Gen
C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1289)=>[Subject: A Special Kiss][Date: Tue, 30 Jan 2007 16:43:56 -0500]=>(MIME part)=>flash postcard.exe | Disinfection failed
C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1289)=>[Subject: A Special Kiss][Date: Tue, 30 Jan 2007 16:43:56 -0500]=>(MIME part)=>flash postcard.exe | Deleted
C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1289)=>[Subject: A Special Kiss][Date: Tue, 30 Jan 2007 16:43:56 -0500]=>(MIME part) | Updated
C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1289) | Updated
C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx | Update failed

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1317)=>[Subject: A Special Kiss][Date: Tue, 30 Jan 2007 16:43:56 -0500]=>(MIME part)=>flash postcard.exe | Infected with: Trojan.Peed.Gen
C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1317)=>[Subject: A Special Kiss][Date: Tue, 30 Jan 2007 16:43:56 -0500]=>(MIME part)=>flash postcard.exe | Disinfection failed
C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1317)=>[Subject: A Special Kiss][Date: Tue, 30 Jan 2007 16:43:56 -0500]=>(MIME part)=>flash postcard.exe | Deleted
C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1317)=>[Subject: A Special Kiss][Date: Tue, 30 Jan 2007 16:43:56 -0500]=>(MIME part) | Updated
C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1317) | Updated
C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx | Update failed

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1318)=>[Subject: A Special Kiss][Date: Tue, 30 Jan 2007 16:43:56 -0500]=>(MIME part)=>flash postcard.exe | Infected with: Trojan.Peed.Gen
C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1318)=>[Subject: A Special Kiss][Date: Tue, 30 Jan 2007 16:43:56 -0500]=>(MIME part)=>flash postcard.exe | Disinfection failed
C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1318)=>[Subject: A Special Kiss][Date: Tue, 30 Jan 2007 16:43:56 -0500]=>(MIME part)=>flash postcard.exe | Deleted
C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1318)=>[Subject: A Special Kiss][Date: Tue, 30 Jan 2007 16:43:56 -0500]=>(MIME part) | Updated
C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1318) | Updated
C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx | Update failed

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1387)=>[Subject: In My Heart][Date: Sun, 28 Jan 2007 15:53:09 +0900]=>(MIME part)=>Greeting Card.exe | Infected with: Trojan.Peed.AO
C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1387)=>[Subject: In My Heart][Date: Sun, 28 Jan 2007 15:53:09 +0900]=>(MIME part)=>Greeting Card.exe | Disinfection failed
C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1387)=>[Subject: In My Heart][Date: Sun, 28 Jan 2007 15:53:09 +0900]=>(MIME part)=>Greeting Card.exe | Deleted
C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1387)=>[Subject: In My Heart][Date: Sun, 28 Jan 2007 15:53:09 +0900]=>(MIME part) | Updated
C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1387) | Updated
C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx | Update failed

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1562)=>[Subject: Russian missle shot down Chinese aircr][Date: Tue, 23 Jan 2007 04:23:23 -0800]=>(MIME part)=>Read More.exe | Infected with: Trojan.Peed.E
C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1562)=>[Subject: Russian missle shot down Chinese aircr][Date: Tue, 23 Jan 2007 04:23:23 -0800]=>(MIME part)=>Read More.exe | Disinfection failed
C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1562)=>[Subject: Russian missle shot down Chinese aircr][Date: Tue, 23 Jan 2007 04:23:23 -0800]=>(MIME part)=>Read More.exe | Deleted
C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1562)=>[Subject: Russian missle shot down Chinese aircr][Date: Tue, 23 Jan 2007 04:23:23 -0800]=>(MIME part) | Updated
C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1562) | Updated
C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx | Update failed

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1577)=>[Subject: Chinese missile shot down USA satellit][Date: Fri, 19 Jan 2007 22:42:11 -0500]=>(MIME part)=>Full Text.exe | Infected with: Trojan.Peed.A
C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1577)=>[Subject: Chinese missile shot down USA satellit][Date: Fri, 19 Jan 2007 22:42:11 -0500]=>(MIME part)=>Full Text.exe | Deleted
C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1577)=>[Subject: Chinese missile shot down USA satellit][Date: Fri, 19 Jan 2007 22:42:11 -0500]=>(MIME part) | Updated
C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1577) | Updated
C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx | Update failed

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1580)=>[Subject: Chinese missile shot down USA satellit][Date: Sat, 20 Jan 2007 08:34:27 +0800]=>(MIME part)=>Full Story.exe | Infected with: Trojan.Peed.A
C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1580)=>[Subject: Chinese missile shot down USA satellit][Date: Sat, 20 Jan 2007 08:34:27 +0800]=>(MIME part)=>Full Story.exe | Deleted
C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1580)=>[Subject: Chinese missile shot down USA satellit][Date: Sat, 20 Jan 2007 08:34:27 +0800]=>(MIME part) | Updated
C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1580) | Updated
C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx | Update failed

Darkkiller (Contributor, 2330 posts)

Re,

Still just as many viruses :s.
Apparently it seems to be going away.
Run a BitDefender scan again because it's the only way.

nlbmoi (Member, 434 posts)

Re,

I ran another scan and I still get the same result!!!

Darkkiller (Contributor, 2330 posts)

Re,

I'm preparing something for you ;)

Darkkiller (Contributor, 2330 posts)

Re,

Post a HijackThis log.

nlbmoi (Member, 434 posts)

Re, here is the log:
Logfile of HijackThis v1.99.1
Scan saved at 13:08:30, on 19/04/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\SECURI~1\av_fw\backweb\1044199\Program\SERVIC~1.EXE
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Securitoo\av_fw\Anti-Virus\fsgk32st.exe
C:\Program Files\Securitoo\av_fw\backweb\1044199\program\fsbwsys.exe
C:\Program Files\Securitoo\av_fw\Anti-Virus\FSGK32.EXE
C:\Program Files\Securitoo\av_fw\Anti-Virus\fssm32.exe
C:\Program Files\Securitoo\av_fw\fswsclds.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Securitoo\av_fw\Common\FSMA32.EXE
C:\Program Files\Securitoo\av_fw\Common\FSMB32.EXE
C:\Program Files\Securitoo\av_fw\Common\FCH32.EXE
C:\Program Files\Securitoo\av_fw\Common\FAMEH32.EXE
C:\Program Files\Securitoo\av_fw\Anti-Virus\fsav32.exe
C:\Program Files\Securitoo\av_fw\DFW\Program\fsdfwd.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Securitoo\av_fw\Common\FSM32.EXE
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\UTILIT~1\WINPAT~1\winpatrol.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\Phoenix Technologies Ltd\RecoverPro_XP\VBPTASK.EXE
C:\Program Files\Utilitaires\CopernicdesktopSearch\Copernic Desktop Search\CopernicDesktopSearch.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Securitoo\av_fw\backweb\1044199\Program\BackWeb-1044199.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\PROGRA~1\Wanadoo\Watch.exe
C:\Program Files\Adobe\Acrobat 7.0\Acrobat\Acrobat.exe
C:\DOCUME~1\Nicolas\LOCALS~1\Temp\Adobelm_Cleanup.0001
C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
C:\DOCUME~1\Nicolas\LOCALS~1\Temp\Adobelm_Cleanup.0001
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Microsoft Office\Office\WINWORD.EXE
C:\WINDOWS\msagent\AgentSvr.exe
C:\Program Files\Microsoft Office\Office\POWERPNT.EXE
C:\PROGRA~1\UTILIT~1\IZArc\IZArc.exe
C:\DOCUME~1\Nicolas\LOCALS~1\Temp\ARC579\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: EoBho Class - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\PROGRA~1\UTILIT~1\eoRezo\EoAdv\EOREZO~1.DLL
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Browster BrwIEConnector - {908A31E8-2A6E-4736-8E8A-AAF00C4AE38F} - C:\Program Files\Browster\Browster.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: LastClosedTab - {e05e75e9-a653-42a3-8d05-f2f7e309bdca} - mscoree.dll (file missing)
O2 - BHO: Ask Toolbar BHO - {F4D76F01-7896-458a-890F-E1F05C46069F} - C:\Program Files\AskPBar\bar\1.bin\ASKPBAR.DLL
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: Copernic Desktop Search - {C5F7A735-70F1-477F-8C36-6FF3C736017B} - C:\Program Files\Utilitaires\CopernicdesktopSearch\Copernic Desktop Search\CopernicDesktopSearchIntegration974.dll
O3 - Toolbar: Browster - {2EF39867-654F-48b6-8F93-B4FC3E8C6844} - C:\Program Files\Browster\Browster.dll
O3 - Toolbar: Ask Toolbar - {F4D76F09-7896-458a-890F-E1F05C46069F} - C:\Program Files\AskPBar\bar\1.bin\ASKPBAR.DLL
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Securitoo\av_fw\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Securitoo\av_fw\TNB\TNBUtil.exe" /CHECKALL
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
O4 - HKLM\..\Run: [WinPatrol] C:\PROGRA~1\UTILIT~1\WINPAT~1\winpatrol.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [RestoreIT!] "C:\Program Files\Phoenix Technologies Ltd\RecoverPro_XP\VBPTASK.EXE" VBStart
O4 - HKCU\..\Run: [Copernic Desktop Search] "C:\Program Files\Utilitaires\CopernicdesktopSearch\Copernic Desktop Search\CopernicDesktopSearch.exe" /tray
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\GestMaj.exe EspaceWanadoo.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\Internet\DAP\dapextie.htm
O8 - Extra context menu item: Barre RoboForm - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Browster Prefetch On/Off - res://C:\Program Files\Browster\Browster.dll/CustomPrefetchMenu.htm
O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\Internet\DAP\dapextie2.htm
O8 - Extra context menu item: Download with NetPumper - C:\Program Files\Internet\NetPumper\NetPumper\AddUrl.htm
O8 - Extra context menu item: Enregistrer le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Personnaliser le menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Remplir le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: Télécharger avec &BitSpirit - C:\Program Files\Internet\BitSpirit\bsurl.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Remplir - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Remplir le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Enregistrer - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Enregistrer le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: Xanadu - {5CC384BB-1326-11D5-F4AE-00C04923F885} - C:\Program Files\Utilitaires\Xanadu\XanaduLaunch.exe
O9 - Extra button: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSAG~1\Messager Wanadoo.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSAG~1\Messager Wanadoo.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O11 - Options group: [INTERNATIONAL] International*
O12 - Plugin for .csm: C:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .csml: C:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .cub: C:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .cube: C:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .dx: C:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .emb: C:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .embl: C:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .gau: C:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .jdx: C:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .mol: C:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .mop: C:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .pdb: C:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .rxn: C:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .scr: C:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .skc: C:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .spt: C:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .tgf: C:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .xyz: C:\Program Files\Internet Explorer\Plugins\npchime.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15015/CTSUEng.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by105fd.bay105.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {8EB3FF4E-86A1-4717-884D-7BA2D38272CB} (F-Secure Online Scanner) - https://www.nordnet.com/securite
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab
O16 - DPF: {97E71027-0BA2-44F2-97DB-F84D808ED0B6} - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab55762.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15027/CTPID.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Securitoo AntiVirus Firewall (BackWeb Client - 1044199) - Unknown owner - C:\PROGRA~1\SECURI~1\av_fw\backweb\1044199\Program\SERVIC~1.EXE
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\Securitoo\av_fw\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Authentication Agent (FSAA) - Unknown owner - C:\Program Files\Securitoo\av_fw\Common\FSAA.EXE (file missing)
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\Securitoo\av_fw\backweb\1044199\program\fsbwsys.exe
O23 - Service: F-Secure Distributed Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Securitoo\av_fw\DFW\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Securitoo\av_fw\Common\FSMA32.EXE
O23 - Service: F-Secure Windows Security Center Legacy Detection Service (Fswsclds) - F-Secure Corporation - C:\Program Files\Securitoo\av_fw\fswsclds.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
0
Darkkiller Posts 2330 Registration date   Status Contributor Last activity   67
 
Hi again,

Open HijackThis, click "Do a system scan only" and check these lines:

C:\DOCUME~1\Nicolas\LOCALS~1\Temp\Adobelm_Cleanup.0001

C:\DOCUME~1\Nicolas\LOCALS~1\Temp\Adobelm_Cleanup.0001

O2 - BHO: LastClosedTab - {e05e75e9-a653-42a3-8d05-f2f7e309bdca} - mscoree.dll (file missing)

O2 - BHO: Ask Toolbar BHO - {F4D76F01-7896-458a-890F-E1F05C46069F} - C:\Program Files\AskPBar\bar\1.bin\ASKPBAR.DLL

O3 - Toolbar: Ask Toolbar - {F4D76F09-7896-458a-890F-E1F05C46069F} - C:\Program Files\AskPBar\bar\1.bin\ASKPBAR.DLL

Once you have checked these lines, click "Fix Checked".

Then uninstall the ASK TOOLBAR via Add/Remove Programs.
----------------------------------------------------------------------------

Then download clean: http://www.malekal.com/download/clean.zip

Save it to the desktop and unzip it.
A clean folder will be created; double-click it.
Then double-click go.cmd and choose option 1. Wait a moment.
Post this report in your next post.

Then post the Clean log + a HijackThis log.
0
nlbmoi Posts 434 Registration date   Status Member Last activity   24
 
Hi again, I did what you told me, except that I could not check
C:\DOCUME~1\Nicolas\LOCALS~1\Temp\Adobelm_Cleanup.0001

C:\DOCUME~1\Nicolas\LOCALS~1\Temp\Adobelm_Cleanup.0001

because they were not there
0
Darkkiller Posts 2330 Registration date   Status Contributor Last activity   67
 
Hi again,

Okay, no big deal!

We'll do it another way:

Tools > Internet Options > under the "General" tab, Browsing history > Delete > and delete everything (temporary files, cookies, etc.)

Then post a HijackThis log again.
0
nlbmoi Posts 434 Registration date   Status Member Last activity   24
 
Hi again,

Logfile of HijackThis v1.99.1
Scan saved at 07:26:14, on 20/04/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\SECURI~1\av_fw\backweb\1044199\Program\SERVIC~1.EXE
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Securitoo\av_fw\Anti-Virus\fsgk32st.exe
C:\Program Files\Securitoo\av_fw\backweb\1044199\program\fsbwsys.exe
C:\Program Files\Securitoo\av_fw\Anti-Virus\FSGK32.EXE
C:\Program Files\Securitoo\av_fw\Anti-Virus\fssm32.exe
C:\Program Files\Securitoo\av_fw\fswsclds.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Securitoo\av_fw\Common\FSMA32.EXE
C:\Program Files\Securitoo\av_fw\Common\FSMB32.EXE
C:\Program Files\Securitoo\av_fw\Common\FCH32.EXE
C:\Program Files\Securitoo\av_fw\Common\FAMEH32.EXE
C:\Program Files\Securitoo\av_fw\Anti-Virus\fsav32.exe
C:\Program Files\Securitoo\av_fw\DFW\Program\fsdfwd.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Securitoo\av_fw\Common\FSM32.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\PROGRA~1\UTILIT~1\WINPAT~1\winpatrol.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\Phoenix Technologies Ltd\RecoverPro_XP\VBPTASK.EXE
C:\Program Files\Utilitaires\CopernicdesktopSearch\Copernic Desktop Search\CopernicDesktopSearch.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Securitoo\av_fw\backweb\1044199\Program\BackWeb-1044199.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\PROGRA~1\Wanadoo\Watch.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Adobe\Acrobat 7.0\Acrobat\Acrobat.exe
C:\DOCUME~1\Nicolas\LOCALS~1\Temp\Adobelm_Cleanup.0001
C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
C:\DOCUME~1\Nicolas\LOCALS~1\Temp\Adobelm_Cleanup.0001
C:\PROGRA~1\UTILIT~1\IZArc\IZArc.exe
C:\WINDOWS\System32\svchost.exe
C:\DOCUME~1\Nicolas\LOCALS~1\Temp\ARC4FC\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: EoBho Class - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\PROGRA~1\UTILIT~1\eoRezo\EoAdv\EOREZO~1.DLL
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Browster BrwIEConnector - {908A31E8-2A6E-4736-8E8A-AAF00C4AE38F} - C:\Program Files\Browster\Browster.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: Copernic Desktop Search - {C5F7A735-70F1-477F-8C36-6FF3C736017B} - C:\Program Files\Utilitaires\CopernicdesktopSearch\Copernic Desktop Search\CopernicDesktopSearchIntegration974.dll
O3 - Toolbar: Browster - {2EF39867-654F-48b6-8F93-B4FC3E8C6844} - C:\Program Files\Browster\Browster.dll
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Securitoo\av_fw\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Securitoo\av_fw\TNB\TNBUtil.exe" /CHECKALL
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
O4 - HKLM\..\Run: [WinPatrol] C:\PROGRA~1\UTILIT~1\WINPAT~1\winpatrol.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [RestoreIT!] "C:\Program Files\Phoenix Technologies Ltd\RecoverPro_XP\VBPTASK.EXE" VBStart
O4 - HKCU\..\Run: [Copernic Desktop Search] "C:\Program Files\Utilitaires\CopernicdesktopSearch\Copernic Desktop Search\CopernicDesktopSearch.exe" /tray
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\GestMaj.exe EspaceWanadoo.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\Internet\DAP\dapextie.htm
O8 - Extra context menu item: Barre RoboForm - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Browster Prefetch On/Off - res://C:\Program Files\Browster\Browster.dll/CustomPrefetchMenu.htm
O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\Internet\DAP\dapextie2.htm
O8 - Extra context menu item: Download with NetPumper - C:\Program Files\Internet\NetPumper\NetPumper\AddUrl.htm
O8 - Extra context menu item: Enregistrer le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Personnaliser le menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Remplir le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: Télécharger avec &BitSpirit - C:\Program Files\Internet\BitSpirit\bsurl.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Remplir - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Remplir le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Enregistrer - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Enregistrer le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: Xanadu - {5CC384BB-1326-11D5-F4AE-00C04923F885} - C:\Program Files\Utilitaires\Xanadu\XanaduLaunch.exe
O9 - Extra button: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSAG~1\Messager Wanadoo.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSAG~1\Messager Wanadoo.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O11 - Options group: [INTERNATIONAL] International*
O12 - Plugin for .csm: C:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .csml: C:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .cub: C:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .cube: C:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .dx: C:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .emb: C:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .embl: C:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .gau: C:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .jdx: C:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .mol: C:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .mop: C:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .pdb: C:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .rxn: C:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .scr: C:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .skc: C:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .spt: C:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .tgf: C:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .xyz: C:\Program Files\Internet Explorer\Plugins\npchime.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15015/CTSUEng.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by105fd.bay105.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {8EB3FF4E-86A1-4717-884D-7BA2D38272CB} (F-Secure Online Scanner) - https://www.nordnet.com/securite
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab
O16 - DPF: {97E71027-0BA2-44F2-97DB-F84D808ED0B6} - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab55762.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15027/CTPID.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Securitoo AntiVirus Firewall (BackWeb Client - 1044199) - Unknown owner - C:\PROGRA~1\SECURI~1\av_fw\backweb\1044199\Program\SERVIC~1.EXE
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\Securitoo\av_fw\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Authentication Agent (FSAA) - Unknown owner - C:\Program Files\Securitoo\av_fw\Common\FSAA.EXE (file missing)
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\Securitoo\av_fw\backweb\1044199\program\fsbwsys.exe
O23 - Service: F-Secure Distributed Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Securitoo\av_fw\DFW\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Securitoo\av_fw\Common\FSMA32.EXE
O23 - Service: F-Secure Windows Security Center Legacy Detection Service (Fswsclds) - F-Secure Corporation - C:\Program Files\Securitoo\av_fw\fswsclds.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
0
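Added example (not part of the thread and not HijackThis code): a small Python triage of a HijackThis log like the one above, which separates the "Running processes" section from the numbered scan entries and flags processes started from a Temp folder and entries marked "(file missing)" or "(no file)". The sample lines are copied from the log posted above; the function names and the `checkable` field are assumptions made for this example, the latter reflecting that running processes appear only in the saved log and not among the items offered for "Fix checked".

```python
import re

# Excerpt copied from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""Logfile of HijackThis v1.99.1
Scan saved at 07:26:14, on 20/04/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\Program Files\Adobe\Acrobat 7.0\Acrobat\Acrobat.exe
C:\DOCUME~1\Nicolas\LOCALS~1\Temp\Adobelm_Cleanup.0001
C:\DOCUME~1\Nicolas\LOCALS~1\Temp\ARC4FC\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Browster BrwIEConnector - {908A31E8-2A6E-4736-8E8A-AAF00C4AE38F} - C:\Program Files\Browster\Browster.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O23 - Service: F-Secure Authentication Agent (FSAA) - Unknown owner - C:\Program Files\Securitoo\av_fw\Common\FSAA.EXE (file missing)
"""

# Scan entries start with a section code such as R0, O2 or O23, then " - ".
ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")
# A "Temp" path component, long or 8.3 form (LOCALS~1\Temp\...).
TEMP_RE = re.compile(r"\\temp\\", re.IGNORECASE)
# Markers HijackThis appends when the referenced file does not exist.
ORPHAN_RE = re.compile(r"\((?:file missing|no file)\)", re.IGNORECASE)


def parse_log(text):
    """Split a log into running-process paths and (code, body) scan entries."""
    processes, entries = [], []
    in_processes = False
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            # A blank line closes the process list once it has content.
            if processes:
                in_processes = False
            continue
        if line.lower().startswith("running processes"):
            in_processes = True
            continue
        match = ENTRY_RE.match(line)
        if match:
            in_processes = False
            entries.append((match.group(1), match.group(2)))
        elif in_processes:
            processes.append(line)
        # Anything else (header lines) is ignored.
    return {"processes": processes, "entries": entries}


def triage(parsed):
    """Return findings that deserve a manual look, in log order."""
    findings = []
    for path in parsed["processes"]:
        if TEMP_RE.search(path):
            # Informational only: a process line is not a checkable scan item.
            # Note that HijackThis itself was launched from a Temp subfolder here.
            findings.append({"kind": "process-in-temp", "code": None,
                             "item": path, "checkable": False})
    for code, body in parsed["entries"]:
        if ORPHAN_RE.search(body):
            # Registry entry pointing at a file that no longer exists.
            findings.append({"kind": "orphaned-entry", "code": code,
                             "item": body, "checkable": True})
    return findings


if __name__ == "__main__":
    for finding in triage(parse_log(SAMPLE_LOG)):
        tag = finding["code"] or "process"
        print(f'{finding["kind"]:16} {tag:8} {finding["item"]}')
```

A flagged line is a prompt for review, not a verdict: orphaned entries are often leftovers of uninstalled software, and a Temp path can belong to an installer or to the scanner itself.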
salwa5 Posts 7452 Registration date   Status Contributor Last activity   1 670
 
Hello :) I'm taking over because Darkkiller has to be away for a few days

Download this:

CCleaner
https://www.malekal.com/tutoriel-ccleaner/

Then empty Outlook's trash, then run a BitDefender scan again and paste the result here

See you!
0
nlbmoi Posts 434 Registration date   Status Member Last activity   24
 
Hi, thanks for helping me!

Here is the log:



BitDefender Online Scanner

Scan report generated at: Tue, Apr 17, 2007 - 13:01:36

Scan path: C:\;D:\;E:\;F:\;H:\;I:\;J:\;K:\;L:\;

Statistics
Time: 03:31:48
Files: 914106
Folders: 16432
Boot Sectors: 5
Archives: 22789
Packed Files: 87082

Results
Identified Viruses: 6
Infected Files: 13
Suspect Files: 0
Warnings: 0
Disinfected: 0
Deleted Files: 13

Engines Info
Virus Definitions: 486384
Engine build: AVCORE v1.0 (build 2397) (i386) (Feb 8 2007 14:24:08)
Scan plugins: 14
Archive plugins: 38
Unpack plugins: 6
E-mail plugins: 6
System plugins: 1

Scan Settings
First Action: Disinfect
Second Action: Delete
Heuristics: Yes
Enable Warnings: Yes
Scanned Extensions: *;
Exclude Extensions:
Scan Emails: Yes
Scan Archives: Yes
Scan Packed: Yes
Scan Files: Yes
Scan Boot: Yes

Scanned File / Status

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments envoyés.dbx=>(message 30)=>[Subject: Fw: document][Date: Thu, 22 Feb 2007 15:54:57 +0100]=>(MIME part)=>document.pif


Infected with: Win32.Netsky.Y@MM.damaged

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments envoyés.dbx=>(message 30)=>[Subject: Fw: document][Date: Thu, 22 Feb 2007 15:54:57 +0100]=>(MIME part)=>document.pif


Disinfection failed

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments envoyés.dbx=>(message 30)=>[Subject: Fw: document][Date: Thu, 22 Feb 2007 15:54:57 +0100]=>(MIME part)=>document.pif


Deleted

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments envoyés.dbx=>(message 30)=>[Subject: Fw: document][Date: Thu, 22 Feb 2007 15:54:57 +0100]=>(MIME part)


Updated

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments envoyés.dbx=>(message 30)


Updated

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments envoyés.dbx


Update failed

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 666)=>[Subject: Re: document][Date: Sat, 3 Mar 2007 09:19:05 +0100]=>(MIME part)=>document.pif


Infected with: Win32.Netsky.Y@MM.damaged

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 666)=>[Subject: Re: document][Date: Sat, 3 Mar 2007 09:19:05 +0100]=>(MIME part)=>document.pif


Disinfection failed

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 666)=>[Subject: Re: document][Date: Sat, 3 Mar 2007 09:19:05 +0100]=>(MIME part)=>document.pif


Deleted

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 666)=>[Subject: Re: document][Date: Sat, 3 Mar 2007 09:19:05 +0100]=>(MIME part)


Updated

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 666)


Updated

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx


Update failed

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 868)=>[Subject: Anniversaire][Date: Fri, 23 Feb 2007 02:30:38 +0100]=>(MIME part)=>Anniversaire.asx


Infected with: Trojan.ASXLoad.A

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 868)=>[Subject: Anniversaire][Date: Fri, 23 Feb 2007 02:30:38 +0100]=>(MIME part)=>Anniversaire.asx


Disinfection failed

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 868)=>[Subject: Anniversaire][Date: Fri, 23 Feb 2007 02:30:38 +0100]=>(MIME part)=>Anniversaire.asx


Deleted

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 868)=>[Subject: Anniversaire][Date: Fri, 23 Feb 2007 02:30:38 +0100]=>(MIME part)


Updated

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 868)


Updated

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx


Update failed

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 901)=>[Subject: Re: document][Date: Sat, 10 Feb 2007 08:34:05 +0100]=>(MIME part)=>document.pif


Infected with: Win32.Netsky.Y@MM.damaged

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 901)=>[Subject: Re: document][Date: Sat, 10 Feb 2007 08:34:05 +0100]=>(MIME part)=>document.pif


Disinfection failed

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 901)=>[Subject: Re: document][Date: Sat, 10 Feb 2007 08:34:05 +0100]=>(MIME part)=>document.pif


Deleted

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 901)=>[Subject: Re: document][Date: Sat, 10 Feb 2007 08:34:05 +0100]=>(MIME part)


Updated

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 901)


Updated

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx


Update failed

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 994)=>[Subject: Re: document][Date: Thu, 8 Feb 2007 08:02:25 +0100]=>(MIME part)=>document.pif


Infected with: Win32.Netsky.Y@MM.damaged

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 994)=>[Subject: Re: document][Date: Thu, 8 Feb 2007 08:02:25 +0100]=>(MIME part)=>document.pif


Disinfection failed

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 994)=>[Subject: Re: document][Date: Thu, 8 Feb 2007 08:02:25 +0100]=>(MIME part)=>document.pif


Deleted

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 994)=>[Subject: Re: document][Date: Thu, 8 Feb 2007 08:02:25 +0100]=>(MIME part)


Updated

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 994)


Updated

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx


Update failed

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1136)=>[Subject: Just You][Date: Thu, 8 Feb 2007 23:57:38 +0900]=>(MIME part)=>Greeting Postcard.exe


Infected with: Trojan.Peed.Gen

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1136)=>[Subject: Just You][Date: Thu, 8 Feb 2007 23:57:38 +0900]=>(MIME part)=>Greeting Postcard.exe


Disinfection failed

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1136)=>[Subject: Just You][Date: Thu, 8 Feb 2007 23:57:38 +0900]=>(MIME part)=>Greeting Postcard.exe


Deleted

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1136)=>[Subject: Just You][Date: Thu, 8 Feb 2007 23:57:38 +0900]=>(MIME part)


Updated

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1136)


Updated

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx


Update failed

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1289)=>[Subject: A Special Kiss][Date: Tue, 30 Jan 2007 16:43:56 -0500]=>(MIME part)=>flash postcard.exe


Infected with: Trojan.Peed.Gen

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1289)=>[Subject: A Special Kiss][Date: Tue, 30 Jan 2007 16:43:56 -0500]=>(MIME part)=>flash postcard.exe


Disinfection failed

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1289)=>[Subject: A Special Kiss][Date: Tue, 30 Jan 2007 16:43:56 -0500]=>(MIME part)=>flash postcard.exe


Deleted

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1289)=>[Subject: A Special Kiss][Date: Tue, 30 Jan 2007 16:43:56 -0500]=>(MIME part)


Updated

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1289)


Updated

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx


Update failed

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1317)=>[Subject: A Special Kiss][Date: Tue, 30 Jan 2007 16:43:56 -0500]=>(MIME part)=>flash postcard.exe


Infected with: Trojan.Peed.Gen

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1317)=>[Subject: A Special Kiss][Date: Tue, 30 Jan 2007 16:43:56 -0500]=>(MIME part)=>flash postcard.exe


Disinfection failed

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1317)=>[Subject: A Special Kiss][Date: Tue, 30 Jan 2007 16:43:56 -0500]=>(MIME part)=>flash postcard.exe


Deleted

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1317)=>[Subject: A Special Kiss][Date: Tue, 30 Jan 2007 16:43:56 -0500]=>(MIME part)


Updated

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1317)


Updated

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx


Update failed

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1318)=>[Subject: A Special Kiss][Date: Tue, 30 Jan 2007 16:43:56 -0500]=>(MIME part)=>flash postcard.exe


Infected with: Trojan.Peed.Gen

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1318)=>[Subject: A Special Kiss][Date: Tue, 30 Jan 2007 16:43:56 -0500]=>(MIME part)=>flash postcard.exe


Disinfection failed

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1318)=>[Subject: A Special Kiss][Date: Tue, 30 Jan 2007 16:43:56 -0500]=>(MIME part)=>flash postcard.exe


Deleted

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1318)=>[Subject: A Special Kiss][Date: Tue, 30 Jan 2007 16:43:56 -0500]=>(MIME part)


Updated

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1318)


Updated

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx


Update failed

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1387)=>[Subject: In My Heart][Date: Sun, 28 Jan 2007 15:53:09 +0900]=>(MIME part)=>Greeting Card.exe


Infected with: Trojan.Peed.AO

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1387)=>[Subject: In My Heart][Date: Sun, 28 Jan 2007 15:53:09 +0900]=>(MIME part)=>Greeting Card.exe


Disinfection failed

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1387)=>[Subject: In My Heart][Date: Sun, 28 Jan 2007 15:53:09 +0900]=>(MIME part)=>Greeting Card.exe


Deleted

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1387)=>[Subject: In My Heart][Date: Sun, 28 Jan 2007 15:53:09 +0900]=>(MIME part)


Updated

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1387)


Updated

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx


Update failed

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1562)=>[Subject: Russian missle shot down Chinese aircr][Date: Tue, 23 Jan 2007 04:23:23 -0800]=>(MIME part)=>Read More.exe


Infected with: Trojan.Peed.E

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1562)=>[Subject: Russian missle shot down Chinese aircr][Date: Tue, 23 Jan 2007 04:23:23 -0800]=>(MIME part)=>Read More.exe


Disinfection failed

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1562)=>[Subject: Russian missle shot down Chinese aircr][Date: Tue, 23 Jan 2007 04:23:23 -0800]=>(MIME part)=>Read More.exe


Deleted

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1562)=>[Subject: Russian missle shot down Chinese aircr][Date: Tue, 23 Jan 2007 04:23:23 -0800]=>(MIME part)


Updated

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1562)


Updated

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx


Update failed

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1577)=>[Subject: Chinese missile shot down USA satellit][Date: Fri, 19 Jan 2007 22:42:11 -0500]=>(MIME part)=>Full Text.exe


Infected with: Trojan.Peed.A

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1577)=>[Subject: Chinese missile shot down USA satellit][Date: Fri, 19 Jan 2007 22:42:11 -0500]=>(MIME part)=>Full Text.exe


Deleted

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1577)=>[Subject: Chinese missile shot down USA satellit][Date: Fri, 19 Jan 2007 22:42:11 -0500]=>(MIME part)


Updated

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1577)


Updated

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx


Update failed

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1580)=>[Subject: Chinese missile shot down USA satellit][Date: Sat, 20 Jan 2007 08:34:27 +0800]=>(MIME part)=>Full Story.exe


Infected with: Trojan.Peed.A

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1580)=>[Subject: Chinese missile shot down USA satellit][Date: Sat, 20 Jan 2007 08:34:27 +0800]=>(MIME part)=>Full Story.exe


Deleted

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1580)=>[Subject: Chinese missile shot down USA satellit][Date: Sat, 20 Jan 2007 08:34:27 +0800]=>(MIME part)


Updated

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 1580)


Updated

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express\Éléments supprimés.dbx


Update failed
0
salwa5 Posts 7452 Registration date   Status Contributor Last activity   1 670

Hello, there are still viruses in Outlook; all the Outlook users would need to empty the trash of their accounts.

Otherwise, the simplest way would be to uninstall/reinstall Outlook with the Windows CD.

a. Click Start, then Run, type appwiz.cpl, then click OK.
b. In Add or Remove Programs, click Add/Remove Windows Components.
c. In the Components list, clear the Outlook Express check box, then click Next. Outlook Express will be removed from the computer.

2. Reinstall Outlook Express 6.0 on a Windows XP Home Edition or Windows XP Professional computer.
a. Click Start, then Run, type appwiz.cpl, then click OK.
b. In Add or Remove Programs, click Add/Remove Windows Components.
c. In the Components list, clear the Outlook Express check box, then click Next.
d. Once Outlook Express is installed, click Finish.

Then run a BitDefender scan again and paste the result here.

See you!
0
nlbmoi Posts 434 Registration date   Status Member Last activity   24

Re

The problem is that I have already removed Outlook Express.
0
salwa5 Posts 7452 Registration date   Status Contributor Last activity   1 670

All this is strange.

We're going to try to delete the Outlook folder manually.

Boot into Safe Mode:
To do this, tap the F8 key repeatedly, without stopping, as soon as the PC starts powering on.
A window will open; use the keyboard arrow keys to move to the Safe Mode startup option, then press Enter.
Once you are on the desktop, if not all the colors and so on are there, that's normal!
(If F8 doesn't work, use the F5 key.)

Then delete the folder in bold by following this path:

C:\Documents and Settings\Nicolas\Local Settings\Application Data\Identities\{788563A6-45D7-44F0-85E8-F1E20431D8BB}\Microsoft\Outlook Express

Then run a BitDefender scan again.

See you!
0
nlbmoi Posts 434 Registration date   Status Member Last activity   24

Hi, here is the result: it finds nothing, so that's not bad.

Can I reinstall Outlook and Thunderbird or not?
0
salwa5 Posts 7452 Registration date   Status Contributor Last activity   1 670

Hello, yes, you can reinstall Outlook and Thunderbird.

To finish, some basic advice:

* Don't download just anything; avoid free programs such as smileys, Messenger skinners, etc.

* Always scan files downloaded over peer-to-peer (eMule, Kazaa, etc.) before running them.

* Avoid porn sites and crack sites.

* Don't open attachments from an unknown sender, and always scan them before opening them.

* Always scan files received via MSN or similar with your antivirus.

* Don't click on suspicious links in MSN.

* Run the antispyware tools regularly (Ad-Aware, Spybot, AVG, etc.); remember to update them before launching them, that's very important.

* Regularly delete unneeded files (temporary files, cookies, etc.) using CCleaner https://www.malekal.com/tutoriel-ccleaner/

* Use the Mozilla browser, it is safer http://www.mozilla-europe.org/fr/products/firefox/

- Now that your computer is clean, I advise you to create a restore point; that way, in case of a problem (virus, crash, etc.) you can always go back.
http://www.aidoforum.com/tutoriaux-371-creer-un-point-de-restauration-sous-windows.html

See you!

Happy surfing ;)
0
nlbmoi Posts 434 Registration date   Status Member Last activity   24

Thanks a lot for your valuable advice and for Darkkiller's.
0