Sujet Précédent Sujet Suivant

"myalbumphoto2007"

krimou -  
moK´s@ Messages postés 4410 Statut Membre -
Bonjour,
je vient de choper le fameux virus "myalbumphoto2007" en acceptant un fichier envoyé par un de mes contacts,si qlq peut m'aider pr supprimer ce virus et merci d avance.
voila le test MSNFix:
MSN_Fix 1.331

C:\Documents and Settings\abdel\Bureau\MSNFix
Fix exécuté le 03/07/2007 - 17:55:03,75 By abdel
mode normal

************************ Recherche les fichiers présents

... C:\WINDOWS\system32\sysprinters.dll

************************ Recherche les dossiers présents

Aucun dossier trouvé

************************ Suppression des fichiers

/!\ ... C:\WINDOWS\system32\sysprinters.dll

************************ Nettoyage du registre

Les fichiers encore présents seront supprimés au prochain redémarrage

Aucun dossier trouvé
************************ Suppression des fichiers

.. OK ... C:\WINDOWS\system32\sysprinters.dll

Les fichiers encore présents seront supprimés au prochain redémarrage

Aucun Fichier trouvé
Aucun dossier trouvé

************************ Fichiers suspects

/!\ ces fichiers nécessitent un avis expérimenté avant toute intervention

[C:\WINDOWS\hiver2[1].scr] 1EB8EB435101476436C5C4AB49362E5F
[C:\WINDOWS\Jim-Warren.scr] 8673D9337E3FA787BF9C3F5F48CB0E6D

Les fichiers et clés de registre supprimés ont été sauvegardés dans le fichier 03072007_18045550.zip

------------------------------------------------------------------------
Auteur : !aur3n7 Contact: https://www.aceboard.fr/
------------------------------------------------------------------------

--------------------------------------------- END ---------------------------------------------
voila le test hijackThis:
Logfile of HijackThis v1.99.1
Scan saved at 18:23:51, on 03/07/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\LAUNCH~1\LManager.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\cidaemon.exe
C:\DOCUME~1\abdel\LOCALS~1\Temp\Rar$EX00.954\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = www.google.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [ntiMUI] C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [Acer ePresentation HPD] C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [Boot] C:\Acer\Empowering Technology\ePower\Boot.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Acer Empowering Technology.lnk = C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Messenger Addon - {FB5F1911-F110-11d2-BB9E-00C04F795683} - http://messenger.ipfox.com (file missing)
O9 - Extra 'Tools' menuitem: &Messenger Addon - {FB5F1911-F110-11d2-BB9E-00C04F795683} - http://messenger.ipfox.com (file missing)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20061205/qtinstall.info.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - https://www.touslesdrivers.com/index.php?v_page=29
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /m "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifEng.dll (file missing)
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

Encore ,merci d avance!!!!

28 réponses

  • 1
  • 2
Réponse 1 / 28
moK´s@ Messages postés 4410 Statut Membre 89
 
salut krimou,

tu as redemarré apres le fix msn?

refais le avec celui la et poste le rapport ici :

Téléchargez MSNFix.zip (de !aur3n7) sur votre bureau:
http://sosvirus.changelog.fr/MSNFix.zip

Décompressez-le (clic droit >> Extraire ici) et double cliquer sur le fichier MSNFix.bat.
- Exécutez l'option R.
-- Si l'infection est détectée, un message l'indiquera et il suffira de presser une touche pour lancer le nettoyage

Note :
Si une erreur de suppression est détectée un message s'affichera demandant de redémarrer l'ordinateur afin de terminer les opérations. Dans ce cas il suffit de redémarrer l'ordinateur en mode normal

- Le rapport sera enregistré dans le même dossier que MSNFix sous forme date_heure.txt

a l´aide de hijack this coche ceci :

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger Addon - {FB5F1911-F110-11d2-BB9E-00C04F795683} - http://messenger.ipfox.com (file missing)
O9 - Extra 'Tools' menuitem: &Messenger Addon - {FB5F1911-F110-11d2-BB9E-00C04F795683} - http://messenger.ipfox.com (file missing)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/

quitte tes applications et navigateur et fix les lignes ci dessus

¤ Télécharge Clean
----> http://www.malekal.com/download/clean.zip

Dézippe tout le contenu dans le même dossier. Double clic sur clean ou clean.cmd choisissez l'option 1.
Un rapport va s'ouvrir, copie et colle le contenu ici

puis il faudrait que tu instale un pear feu :

je peux te proposer ceci :

https://kerio.probb.fr/

(merci a boulepate pour le site!!!)

sur cette page tu as le choix entre kerio et zone alarm, zone alarm est plus facile a configurer que kerio mais un peu moins performant, a toi de voir...

tutorials :

zone alarm :

http://forum.telecharger.01net.com/forum/

kerio 4.2.

https://kerio.probb.fr/

kerio autre version 4.5.

https://kerio.probb.fr/

puis tu peux installer ca aussi :

http://www.brightfort.com/spywareblaster.html

c´est un resident, il suffit de le mettre a jour de temps en temps car la version gratuite ne le fait pas toute seul , une fois installé et mis a jour tu mets toutes les protections sur "enable"

telecharge aussi cet anti spyware il a aussi un resident le teatimer :

https://www.01net.com/telecharger/windows/Securite/anti-spyware/fiches/26157.html

@+
0
Réponse 2 / 28
krimou
 
Bonsoir moK´s@,

voila le nouveau test avec MSNFix:
MSN_Fix 1.331

C:\Documents and Settings\abdel\Bureau\MSNFix
Fix exécuté le 03/07/2007 - 19:04:21,20 By abdel
mode normal

************************ Recherche les fichiers présents

Aucun Fichier trouvé

************************ Recherche les dossiers présents

Aucun dossier trouvé

************************ Fichiers suspects

/!\ ces fichiers nécessitent un avis expérimenté avant toute intervention

[C:\WINDOWS\hiver2[1].scr] 1EB8EB435101476436C5C4AB49362E5F
[C:\WINDOWS\Jim-Warren.scr] 8673D9337E3FA787BF9C3F5F48CB0E6D

------------------------------------------------------------------------
Auteur : !aur3n7 Contact: https://www.aceboard.fr/
------------------------------------------------------------------------

--------------------------------------------- END ---------------------------------------------

et voila le test hijackthis:
Logfile of HijackThis v1.99.1
Scan saved at 19:05:19, on 03/07/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\LAUNCH~1\LManager.exe
C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\MSN Messenger\livecall.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\abdel\LOCALS~1\Temp\Rar$EX00.704\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = www.google.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [ntiMUI] C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [Acer ePresentation HPD] C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [Boot] C:\Acer\Empowering Technology\ePower\Boot.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Acer Empowering Technology.lnk = C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Messenger Addon - {FB5F1911-F110-11d2-BB9E-00C04F795683} - http://messenger.ipfox.com (file missing)
O9 - Extra 'Tools' menuitem: &Messenger Addon - {FB5F1911-F110-11d2-BB9E-00C04F795683} - http://messenger.ipfox.com (file missing)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20061205/qtinstall.info.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - https://www.touslesdrivers.com/index.php?v_page=29
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /m "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifEng.dll (file missing)
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

merci de votre aide.
0
Réponse 3 / 28
moK´s@ Messages postés 4410 Statut Membre 89
 
re,

oui c´est bon pour msn fix

tu as pas fais le reste de la manip`

puis tu peux supprimé ceci :

a moins que ca soit tes sreen saver :

C:\WINDOWS\hiver2[1].scr
C:\WINDOWS\Jim-Warren.scr

@+
0
Réponse 4 / 28
krimou
 
Voila moK´s@ le scan de clearn:
03/07/2007 a 19:25:43,24

*** Recherche des fichiers dans C:

*** Recherche des fichiers dans C:\WINDOWS\

*** Recherche des fichiers dans C:\WINDOWS\system32

*** Recherche des fichiers dans C:\Program Files
*** Fin du rapport !

merci
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 28
moK´s@ Messages postés 4410 Statut Membre 89
 
ok

c´est bon pour clean,

tu peux faire la suite...

repost un hijack this quand tu auras fini...
0
Réponse 6 / 28
krimou
 
c fait, voila le nouveau scan hijack:
Logfile of HijackThis v1.99.1
Scan saved at 19:41:20, on 03/07/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\LAUNCH~1\LManager.exe
C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\MSN Messenger\livecall.exe
C:\WINDOWS\system32\cidaemon.exe
C:\DOCUME~1\abdel\LOCALS~1\Temp\Rar$EX00.843\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = www.google.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [ntiMUI] C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [Acer ePresentation HPD] C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [Boot] C:\Acer\Empowering Technology\ePower\Boot.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Acer Empowering Technology.lnk = C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - https://www.touslesdrivers.com/index.php?v_page=29
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /m "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifEng.dll (file missing)
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

A+
0
Réponse 7 / 28
moK´s@ Messages postés 4410 Statut Membre 89
 
ok

tu devrais suivre mes conseils et installer un par feu sinon tu risque le meme genre de probleme et bien d´autre, a toi de voire...

@+
0
Réponse 8 / 28
miss sat45 Messages postés 30 Statut Membre
 
slt moi ossi g le mm probleme, un virus sur msn my album, g fai ske ta di télécharger msnfix mé sa march pa au debu il me met ke le chemain d'acceS et introuvable apres une autre fenetre souvre ki me demande de tapé R ensuite il me met chemain dacces introuvabl pui encsuite ceci AUTEUR:!AUR3N7
CONTACT:HTTP//246694.ACEBOARD.FR
ENSUITE IL ME DEMANDE DE CHOISIR ENTRE A ET G
JE NE SAI PA KOI FAIRE
0
moK´s@ Messages postés 4410 Statut Membre 89
 
salut miss sat45 ,

* Télécharge HijackThis et poste le rapport stp

http://pchelpbordeaux.free.fr/logiciels.html
Tutorial
http://pchelpbordeaux.free.fr/tuto.html
Démo en image
http://pageperso.aol.fr/balltrap34/demohijack.htm

@+
0
Sév31 > moK´s@ Messages postés 4410 Statut Membre
 
Bonjour moK's@

Moi aussi j'ai le virus myalbum2007. Peux tu m'aider stp car même avec Trojan Romover, je n'arrive pa a m'en sortir. J'ai fait comme tu as dis pour msn fix voici le rapport avec redemarrage pc :
MSN_Fix 1.333

C:\Documents and Settings\All Users\Documents
Fix exécuté le 09/07/2007 - 16:31:38,25 By RICCO
mode normal

et voici le rapport de HijackThis :

Logfile of HijackThis v1.99.1
Scan saved at 16:41:13, on 09/07/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\Apps\Powercinema\PCMService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0S2.EXE
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\TomTom HOME\TomTomHOME.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
c:\progra~1\intern~1\iexplore.exe
C:\Program Files\Antipub\antipub.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\DOCUME~1\RICCO\LOCALS~1\Temp\Rar$EX00.875\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.118712.fr/sortir.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: (no name) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - (no file)
O3 - Toolbar: (no name) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [POINTER] point32.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [EPSON Stylus C66 Series (Copie 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0S2.EXE /P33 "EPSON Stylus C66 Series (Copie 1)" /O6 "USB001" /M "Stylus C66"
O4 - HKLM\..\Run: [EPSON Stylus C66 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0S2.EXE /P23 "EPSON Stylus C66 Series" /O5 "LPT1:" /M "Stylus C66"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME\TomTomHOME.exe" -s
O4 - HKLM\..\Run: [Date Default Bird Junk] C:\Documents and Settings\All Users\Application Data\play license date default\TRAY IDLE.exe
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Way two] C:\DOCUME~1\RICCO\APPLIC~1\GreyLogo\site meow.exe
O4 - Startup: Anti-Pub.lnk = C:\Program Files\Antipub\antipub.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\microsoft office\Office\OSA9.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.mail.live.com/mail/w1/resources/MSNPUpld.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O21 - SSODL: system32 - {80EEE1C7-4C3D-430E-A755-196BBDA3395E} - sysprinters.dll (file missing)
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: MysqlInventime - Unknown owner - c:\mysql\bin\mysqld-nt.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe

Merci pour ton aide
0
moK´s@ Messages postés 4410 Statut Membre 89 > Sév31
 
salut sev31,

il serait bien que tu fasse ton propre message car la le post commence a etre incomprehenssible...

Procèdes comme ceci :
http://pageperso.aol.fr/balltrap34/demofairesontmessage.htm

a bientot,
0
Réponse 9 / 28
krimou
 
voila mok's jai fai tout le manip ke tu ma demandé et voici le rapport de hijackthis:

Logfile of HijackThis v1.99.1
Scan saved at 20:30:37, on 03/07/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\LAUNCH~1\LManager.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\MSN Messenger\livecall.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\abdel\LOCALS~1\Temp\Rar$EX00.422\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = www.google.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [ntiMUI] C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [Acer ePresentation HPD] C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [Boot] C:\Acer\Empowering Technology\ePower\Boot.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Acer Empowering Technology.lnk = C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - https://www.touslesdrivers.com/index.php?v_page=29
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /m "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifEng.dll (file missing)
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe

merci de me rassurer si j'ai toujour le virus ou pas car la normalement j'ai pa de souci avc msn;mais je veux être sûr ke le virus n est plus sur mon ordi, et merci de me dire aussi si je garde sur mon pc msnfix et hijackthis.
0
Réponse 10 / 28
moK´s@ Messages postés 4410 Statut Membre 89
 
re,

pour moi c´est ok, enfin le hijack his me parait propre...

oui tu peux supprimer hijack this et msn fix,

mais tu peux tout de meme faire un scan en ligne pour te rassurer :

https://www.bitdefender.fr/
et copie colle le résultat ici
* En bas, à gauche de la fenêtre, clique sur BitDefender SCAN ONLINE
* Dans la nouvelle fenêtre, clique sur I agree
* La fenêtre change encore, clique sur Click here to scan
* Les signatures se chargent, etc.

tuto en image

http://pageperso.aol.fr/rginformatique/mapage/defender.htm

@+
0
Réponse 11 / 28
miss sat45 Messages postés 30 Statut Membre
 
ou je pe téléchargé HijackThis svp
0
Réponse 12 / 28
moK´s@ Messages postés 4410 Statut Membre 89
 
salut miss sat45 ,

* Télécharge HijackThis et poste le rapport stp

http://pchelpbordeaux.free.fr/logiciels.html
Tutorial
http://pchelpbordeaux.free.fr/tuto.html
Démo en image
http://pageperso.aol.fr/balltrap34/demohijack.htm

@+

0
Réponse 13 / 28
krimou
 
merci bcp mok's pr ton aide de me débarasser de ce fameux virus et je te souhaite une trés bonne soirée.
krimou
0
Réponse 14 / 28
moK´s@ Messages postés 4410 Statut Membre 89
 
de rien...

bonne soirée a toi egalement.
0
miss sat45 Messages postés 30 Statut Membre
 
voila g fai une analyse avec hikackthis sa done sa


Logfile of HijackThis v1.99.1
Scan saved at 21:15:14, on 03/07/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\alg.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
c:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
C:\WINDOWS\System32\hphmon05.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\InterVideo\Common\bin\WinCinemaMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Multimedia Card Reader\shwicon2k.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\OrangeHSS\Systray\SystrayApp.exe
C:\WINDOWS\VM305_STI.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\retadpu420.exe
C:\Program Files\Orange HSS\Orange Desktop Search\OrangeDesktopSearch.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Program Files\WinPop\winpop.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe
C:\Program Files\SAGEM Wi-Fi USB 802.11g\WLANUTL.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Ashampoo\Ashampoo AntiSpyWare\AntiSpyWareControl.exe
C:\Program Files\Ashampoo\Ashampoo AntiSpyWare\AntiSpyWareGuard.exe
C:\Program Files\eMule\eMule.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.hpe.com/h41271/404D.aspx?cc=us&ll=en&url=http://domainredirects.ext.hpe.com/fr9.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-fr9.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-fr9.hpwis.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
O1 - Hosts: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
O1 - Hosts: "http://www.w3.org/TR/html4/loose.dtd">
O1 - Hosts: <html>
O1 - Hosts: <head>
O1 - Hosts: <script LANGUAGE="JavaScript">
O1 - Hosts: <!--
O1 - Hosts: if (window != top)
O1 - Hosts: top.location.href = location.href;
O1 - Hosts: // -->
O1 - Hosts: </script>
O1 - Hosts: <title>Site Unavailable</title>
O1 - Hosts: <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
O1 - Hosts: <style type="text/css">
O1 - Hosts: body{text-align:center;}
O1 - Hosts: .geohead {font-family:Verdana, Arial, Helvetica, sans-serif; font-size:10px;width:750px;margin:10px 0 10px 0;height:35px;}
O1 - Hosts: .geohead #geologo {width:270px;display:block; float:left; }
O1 - Hosts: .geohead #rightside {width:480px;display:block; float:right;border-bottom:1px solid #999999; height:27px;}
O1 - Hosts: .geohead #rightside #welcome {width:50%;display:block; float:left; text-align:left;}
O1 - Hosts: .geohead #rightside #wlinks {width:50%;display:block; float:right; text-align:right;}
O1 - Hosts: .ftr { margin:0px; color:#404040; font:x-small Arial,sans-serif; text-align:center; width:750px;}
O1 - Hosts: .bodywrap{display:block;height:470px;}
O1 - Hosts: .bodycnt{width:510px; display:block; float:left; background-color:#EEE9F5; height:auto; text-align:left; font-family:Arial, Helvetica, sans-serif;font-size:13px; color:#000000; padding:20px 20px 35px 20px;}
O1 - Hosts: .title { font-family:Arial, Helvetica, sans-serif; font-weight:bold; font-size:24px; color:#7C56A9}
O1 - Hosts: .adcnt{width:172px; display:block; float:right; text-align:left;cursor:pointer;cursor:hand;}
O1 - Hosts: .adcnt td {text-align:left;}
O1 - Hosts: .adsubt{font-size:10px; font-family:verdana; font-weight:bold; color:#b4b4b4; cursor:default;margin-top:5px;}
O1 - Hosts: .ybadge { font-family: Verdana, Arial, Helvetica, sans-serif; font-size:10px; color: #666666; margin-top:10px;}
O1 - Hosts: .ybadge img {margin-top:6px;}
O1 - Hosts: .adtable {font-family:Verdana, Arial, Helvetica, sans-serif; font-size:10px;border: 1px solid #d6dbe7; background-color:#eff7ff; padding:3px; margin-bottom:10px; width:172px;}
O1 - Hosts: .adttl{font-weight:bold;margin-bottom:3px;}
O1 - Hosts: .addescr{color:#6b6b6b; margin-bottom:3px;}
O1 - Hosts: .adlink a {color:#008200; text-decoration:none;}
O1 - Hosts: </style>
O1 - Hosts: </head>
O1 - Hosts: <body>
O1 - Hosts: <!-- following code added by server. PLEASE REMOVE -->
O1 - Hosts: <!-- preceding code added by server. PLEASE REMOVE -->
O1 - Hosts: <div id="maincnt">
O1 - Hosts: <div class="geohead"><div id="geologo"><a href="https://smallbusiness.yahoo.com/"><img height=33 alt="Yahoo! GeoCities" src="http://us.i1.yimg.com/us.yimg.com/i/us/nt/ma/ma_geo_1.gif" width=259 border=0></a></div>
O1 - Hosts: <div id="rightside"><div id="wlinks"><a href="https://smallbusiness.yahoo.com/">GeoCities Home</a> - <a href="https://fr.yahoo.com/?p=us">Yahoo!</a> - <a href="https://help.yahoo.com/kb/account">Help</a></div>
O1 - Hosts: </div></div>
O1 - Hosts: <div class="bodywrap">
O1 - Hosts: <div class="bodycnt">
O1 - Hosts: <div class="title">Sorry, this GeoCities site is currently unavailable.</div>
O1 - Hosts: <p>The GeoCities web site you were trying to view has temporarily exceeded its data transfer limit. Please try again later. </p>
O1 - Hosts: <p>Are you the site owner?
O1 - Hosts: Avoid service interruptions in the future by increasing your data transfer limit!
O1 - Hosts: <a href="https://help.yahoo.com/kb/account" target="_blank">Find out how.</a> </p>
O1 - Hosts: <p><a href="https://help.yahoo.com/kb/account" target="_blank">Learn more about data transfer.</a></p>
O1 - Hosts: </div>
O1 - Hosts: <div class="adcnt">
O1 - Hosts: <a target="_top" href="https://smallbusiness.yahoo.com/"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/smbiz/b/geo_mast_small2.gif" alt="Yahoo! GeoCities" border="0" height="15" hspace="0" vspace="0" width="141"></a>
O1 - Hosts: <div class="adsubt">SPONSORED LINKS</div>
O1 - Hosts: <!--<table width="172" border="0" bgcolor="#FFFFFF" class="adtable"><tr><td align=left>-->
O1 - Hosts: <div class="adtable">
O1 - Hosts: <div class="adttl" title="Reliable plans include domain & 24x7 support."><a href="https://fr.yahoo.com/?p=us*http://us.rd.yahoo.com/evt=27166/*https://smallbusiness.yahoo.com/hosting" target="_blank">Yahoo! Web Hosting<br>
O1 - Hosts: $25 Setup Waived</a></div>
O1 - Hosts: <div class="addescr" title="Reliable plans include domain & 24x7 support.">Reliable plans include domain & 24x7 support.</div>
O1 - Hosts: <div class="adlink" title="Reliable plans include domain & 24x7 support."><a href="https://fr.yahoo.com/?p=us*http://us.rd.yahoo.com/evt=27166/*https://smallbusiness.yahoo.com/hosting" target="_blank">webhosting.yahoo.com</a></div>
O1 - Hosts: </div>
O1 - Hosts: <div class="adtable">
O1 - Hosts: <div class="adttl" title="Reliable plans include domain & 24x7 support."><a href="https://fr.yahoo.com/?p=us*http://us.rd.yahoo.com/evt=27176/*https://smallbusiness.yahoo.com/domains" target="_blank">Domain Names from Yahoo! only $9.95/yr</a></div>
O1 - Hosts: <div class="addescr" title="Includes starter web page, email & domain forwarding, 24x7 support.">Includes starter web page, email & domain forwarding, 24x7 support.</div>
O1 - Hosts: <div class="adlink" title="Includes starter web page, email & domain forwarding, 24x7 support."><a href="https://fr.yahoo.com/?p=us*http://us.rd.yahoo.com/evt=27176/*https://smallbusiness.yahoo.com/domains" target="_blank">domains.yahoo.com</a></div>
O1 - Hosts: </div>
O1 - Hosts: <div class="adtable">
O1 - Hosts: <div class="adttl" title="Setup fee waived. Up to 10 emails, SpamGuard, forwarding & virus scanning."><a href="https://fr.yahoo.com/?p=us*http://us.rd.yahoo.com/evt=27184/*https://smallbusiness.yahoo.com/mail" target="_blank">Yahoo! Business Email<br> Domain Included</a></div>
O1 - Hosts: <div class="addescr" title="Setup fee waived. Up to 10 emails, SpamGuard, forwarding & virus scanning.">Setup fee waived. Up to 10 emails, SpamGuard, forwarding & virus scanning.</div>
O1 - Hosts: <div class="adlink" title="Setup fee waived. Up to 10 emails, SpamGuard, forwarding & virus scanning."><a href="https://fr.yahoo.com/?p=us*http://us.rd.yahoo.com/evt=27184/*https://smallbusiness.yahoo.com/mail" target="_blank">smallbusiness.yahoo.com</a></div>
O1 - Hosts: </div>
O1 - Hosts: <div class="adtable">
O1 - Hosts: <div class="adttl" title="$50 setup fee waived. A reliable ecommerce plan, 24x7 support."><a href="https://fr.yahoo.com/?p=us*http://us.rd.yahoo.com/evt=/27190/*https://smallbusiness.yahoo.com/stores" target="_blank">Ecommerce from Yahoo!<br> 1 Month Free</a></div>
O1 - Hosts: <div class="addescr" title="$50 setup fee waived. A reliable ecommerce plan, 24x7 support.">$50 setup fee waived. A reliable ecommerce plan, 24x7 support.</div>
O1 - Hosts: <div class="adlink" title="$50 setup fee waived. A reliable ecommerce plan, 24x7 support."><a href="https://fr.yahoo.com/?p=us*http://us.rd.yahoo.com/evt=/27190/*https://smallbusiness.yahoo.com/stores" target="_blank">smallbusiness.yahoo.com</a></div>
O1 - Hosts: </div>
O1 - Hosts: <div class="ybadge">
O1 - Hosts: Get your own web site at <br><a target="_top" href="https://smallbusiness.yahoo.com/">Yahoo! GeoCities</a>
O1 - Hosts: <a href="https://smallbusiness.yahoo.com/hosting" target="_top"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/wh/gr/badge_hostedby_purp_2.gif" alt="Hosted by Yahoo! Web Hosting" align="middle" border="0" height="31" width="88"></a>
O1 - Hosts: </div>
O1 - Hosts: </div>
O1 - Hosts: </div>
O1 - Hosts: <div class=ftr>
O1 - Hosts: <hr size=1 width=100%>
O1 - Hosts: Copyright ©
O1 - Hosts: 2005 Yahoo! Inc. All rights reserved<br>
O1 - Hosts: <a href="https://www.verizonmedia.com/policies/">Privacy Policy</a>
O1 - Hosts: - <a href="https://fr.yahoo.com/?p=us">Copyright Policy</a>
O1 - Hosts: - <a href="https://fr.yahoo.com/?p=us">Guidelines</a>
O1 - Hosts: - <a href="https://fr.yahoo.com/?p=us">Terms of Service</a>
O1 - Hosts: - <a href="https://help.yahoo.com/kb/account">Help</a>
O1 - Hosts: </div>
O1 - Hosts: </div>
O1 - Hosts: </body>
O1 - Hosts: </html>
O1 - Hosts: <!-- text below generated by server. PLEASE REMOVE --></object></layer></div></span></style></noscript></table></script></applet>
O1 - Hosts: <IMG SRC="http://geo.yahoo.com/serv?s=19190039&t=1171111366&f=us-w89" ALT=1 WIDTH=1 HEIGHT=1>
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: (no name) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - (no file)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [WinCinemaMgr] "C:\Program Files\InterVideo\Common\bin\WinCinemaMgr.exe"
O4 - HKLM\..\Run: [Home Theater SchSvr] "C:\Program Files\Fichiers communs\InterVideo\SchSvr\SchSvr.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "c:\Program Files\Fichiers communs\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [_SetRes] c:\hp\bin\cloaker c:\hp\bin\res.bat
O4 - HKLM\..\Run: [regcmdcons] c:\hp\bin\cloaker.exe c:\hp\bin\cmdcons.cmd
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Sunkist2k] C:\Program Files\Multimedia Card Reader\shwicon2k.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [Bron-Spizaetus] "C:\WINDOWS\ShellNew\sempalong.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\OrangeHSS\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [BigDog305] C:\WINDOWS\VM305_STI.EXE VIMICRO USB PC Camera V
O4 - HKLM\..\Run: [orahssStartup] "C:\Program Files\OrangeHSS\Launcher\Launcher.exe" -appid connectivityapp
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [rtasks] C:\Program Files\VirusGarde\rtasks.exe
O4 - HKLM\..\Run: [runner1] C:\WINDOWS\retadpu420.exe 61A847B5BBF72816309B284503996897C881250221C8670836AC4FA7C8833201749139
O4 - HKCU\..\Run: [BackupNotify] c:\Program Files\Hewlett-Packard\Digital Imaging\bin\backupnotify.exe
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [Tok-Cirrhatus] "C:\Documents and Settings\Propriétaire\Local Settings\Application Data\smss.exe"
O4 - HKCU\..\Run: [Orange Desktop Search] "C:\Program Files\Orange HSS\Orange Desktop Search\OrangeDesktopSearch.exe" /tray
O4 - HKCU\..\Run: [WinPop] C:\Program Files\WinPop\winpop.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: LUMIX Simple Viewer.lnk = ?
O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = C:\Program Files\SAGEM Wi-Fi USB 802.11g\WLANUTL.exe
O8 - Extra context menu item: Add to AMV Convert Tool... - C:\Program Files\MP3 Player Utilities 3.79\AMVConverter\grab.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 3.79\MediaManager\grab.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - c:\Program Files\Microsoft Money\System\mnyside.dll (file missing)
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by116w.bay116.mail.live.com/mail/resources/MsnPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O21 - SSODL: system32 - {42E0FC06-6715-4C70-B1FF-41D64FC9AF31} - sysprinters.dll (file missing)
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - c:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe


peut tu me dire si c bn ou pa stp merci
0
Réponse 15 / 28
moK´s@ Messages postés 4410 Statut Membre 89
 
miss sat45

tu es tres infecté...

fais ceci :

avec hijack this coche les lignes ci dessous :

O1 - Hosts: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
O1 - Hosts: "http://www.w3.org/TR/html4/loose.dtd">
O1 - Hosts: <html>
O1 - Hosts: <head>
O1 - Hosts: <script LANGUAGE="JavaScript">
O1 - Hosts: <!--
O1 - Hosts: if (window != top)
O1 - Hosts: top.location.href = location.href;
O1 - Hosts: // -->
O1 - Hosts: </script>
O1 - Hosts: <title>Site Unavailable</title>
O1 - Hosts: <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
O1 - Hosts: <style type="text/css">
O1 - Hosts: body{text-align:center;}
O1 - Hosts: .geohead {font-family:Verdana, Arial, Helvetica, sans-serif; font-size:10px;width:750px;margin:10px 0 10px 0;height:35px;}
O1 - Hosts: .geohead #geologo {width:270px;display:block; float:left; }
O1 - Hosts: .geohead #rightside {width:480px;display:block; float:right;border-bottom:1px solid #999999; height:27px;}
O1 - Hosts: .geohead #rightside #welcome {width:50%;display:block; float:left; text-align:left;}
O1 - Hosts: .geohead #rightside #wlinks {width:50%;display:block; float:right; text-align:right;}
O1 - Hosts: .ftr { margin:0px; color:#404040; font:x-small Arial,sans-serif; text-align:center; width:750px;}
O1 - Hosts: .bodywrap{display:block;height:470px;}
O1 - Hosts: .bodycnt{width:510px; display:block; float:left; background-color:#EEE9F5; height:auto; text-align:left; font-family:Arial, Helvetica, sans-serif;font-size:13px; color:#000000; padding:20px 20px 35px 20px;}
O1 - Hosts: .title { font-family:Arial, Helvetica, sans-serif; font-weight:bold; font-size:24px; color:#7C56A9}
O1 - Hosts: .adcnt{width:172px; display:block; float:right; text-align:left;cursor:pointer;cursor:hand;}
O1 - Hosts: .adcnt td {text-align:left;}
O1 - Hosts: .adsubt{font-size:10px; font-family:verdana; font-weight:bold; color:#b4b4b4; cursor:default;margin-top:5px;}
O1 - Hosts: .ybadge { font-family: Verdana, Arial, Helvetica, sans-serif; font-size:10px; color: #666666; margin-top:10px;}
O1 - Hosts: .ybadge img {margin-top:6px;}
O1 - Hosts: .adtable {font-family:Verdana, Arial, Helvetica, sans-serif; font-size:10px;border: 1px solid #d6dbe7; background-color:#eff7ff; padding:3px; margin-bottom:10px; width:172px;}
O1 - Hosts: .adttl{font-weight:bold;margin-bottom:3px;}
O1 - Hosts: .addescr{color:#6b6b6b; margin-bottom:3px;}
O1 - Hosts: .adlink a {color:#008200; text-decoration:none;}
O1 - Hosts: </style>
O1 - Hosts: </head>
O1 - Hosts: <body>
O1 - Hosts: <!-- following code added by server. PLEASE REMOVE -->
O1 - Hosts: <!-- preceding code added by server. PLEASE REMOVE -->
O1 - Hosts: <div id="maincnt">
O1 - Hosts: <div class="geohead"><div id="geologo"><a href="https://smallbusiness.yahoo.com/"><img height=33 alt="Yahoo! GeoCities" src="http://us.i1.yimg.com/us.yimg.com/i/us/nt/ma/ma_geo_1.gif" width=259 border=0></a></div>
O1 - Hosts: <div id="rightside"><div id="wlinks"><a href="https://smallbusiness.yahoo.com/">GeoCities Home</a> - <a href="https://fr.yahoo.com/?p=us">Yahoo!</a> - <a href="https://help.yahoo.com/kb/account">Help</a></div>
O1 - Hosts: </div></div>
O1 - Hosts: <div class="bodywrap">
O1 - Hosts: <div class="bodycnt">
O1 - Hosts: <div class="title">Sorry, this GeoCities site is currently unavailable.</div>
O1 - Hosts: <p>The GeoCities web site you were trying to view has temporarily exceeded its data transfer limit. Please try again later. </p>
O1 - Hosts: <p>Are you the site owner?
O1 - Hosts: Avoid service interruptions in the future by increasing your data transfer limit!
O1 - Hosts: <a href="https://help.yahoo.com/kb/account" target="_blank">Find out how.</a> </p>
O1 - Hosts: <p><a href="https://help.yahoo.com/kb/account" target="_blank">Learn more about data transfer.</a></p>
O1 - Hosts: </div>
O1 - Hosts: <div class="adcnt">
O1 - Hosts: <a target="_top" href="https://smallbusiness.yahoo.com/"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/smbiz/b/geo_mast_small2.gif" alt="Yahoo! GeoCities" border="0" height="15" hspace="0" vspace="0" width="141"></a>
O1 - Hosts: <div class="adsubt">SPONSORED LINKS</div>
O1 - Hosts: <!--<table width="172" border="0" bgcolor="#FFFFFF" class="adtable"><tr><td align=left>-->
O1 - Hosts: <div class="adtable">
O1 - Hosts: <div class="adttl" title="Reliable plans include domain & 24x7 support."><a href="https://fr.yahoo.com/?p=us*http://us.rd.yahoo.com/evt=27166/*https://smallbusiness.yahoo.com/hosting" target="_blank">Yahoo! Web Hosting<br>
O1 - Hosts: $25 Setup Waived</a></div>
O1 - Hosts: <div class="addescr" title="Reliable plans include domain & 24x7 support.">Reliable plans include domain & 24x7 support.</div>
O1 - Hosts: <div class="adlink" title="Reliable plans include domain & 24x7 support."><a href="https://fr.yahoo.com/?p=us*http://us.rd.yahoo.com/evt=27166/*https://smallbusiness.yahoo.com/hosting" target="_blank">webhosting.yahoo.com</a></div>
O1 - Hosts: </div>
O1 - Hosts: <div class="adtable">
O1 - Hosts: <div class="adttl" title="Reliable plans include domain & 24x7 support."><a href="https://fr.yahoo.com/?p=us*http://us.rd.yahoo.com/evt=27176/*https://smallbusiness.yahoo.com/domains" target="_blank">Domain Names from Yahoo! only $9.95/yr</a></div>
O1 - Hosts: <div class="addescr" title="Includes starter web page, email & domain forwarding, 24x7 support.">Includes starter web page, email & domain forwarding, 24x7 support.</div>
O1 - Hosts: <div class="adlink" title="Includes starter web page, email & domain forwarding, 24x7 support."><a href="https://fr.yahoo.com/?p=us*http://us.rd.yahoo.com/evt=27176/*https://smallbusiness.yahoo.com/domains" target="_blank">domains.yahoo.com</a></div>
O1 - Hosts: </div>
O1 - Hosts: <div class="adtable">
O1 - Hosts: <div class="adttl" title="Setup fee waived. Up to 10 emails, SpamGuard, forwarding & virus scanning."><a href="https://fr.yahoo.com/?p=us*http://us.rd.yahoo.com/evt=27184/*https://smallbusiness.yahoo.com/mail" target="_blank">Yahoo! Business Email<br> Domain Included</a></div>
O1 - Hosts: <div class="addescr" title="Setup fee waived. Up to 10 emails, SpamGuard, forwarding & virus scanning.">Setup fee waived. Up to 10 emails, SpamGuard, forwarding & virus scanning.</div>
O1 - Hosts: <div class="adlink" title="Setup fee waived. Up to 10 emails, SpamGuard, forwarding & virus scanning."><a href="https://fr.yahoo.com/?p=us*http://us.rd.yahoo.com/evt=27184/*https://smallbusiness.yahoo.com/mail" target="_blank">smallbusiness.yahoo.com</a></div>
O1 - Hosts: </div>
O1 - Hosts: <div class="adtable">
O1 - Hosts: <div class="adttl" title="$50 setup fee waived. A reliable ecommerce plan, 24x7 support."><a href="https://fr.yahoo.com/?p=us*http://us.rd.yahoo.com/evt=/27190/*https://smallbusiness.yahoo.com/stores" target="_blank">Ecommerce from Yahoo!<br> 1 Month Free</a></div>
O1 - Hosts: <div class="addescr" title="$50 setup fee waived. A reliable ecommerce plan, 24x7 support.">$50 setup fee waived. A reliable ecommerce plan, 24x7 support.</div>
O1 - Hosts: <div class="adlink" title="$50 setup fee waived. A reliable ecommerce plan, 24x7 support."><a href="https://fr.yahoo.com/?p=us*http://us.rd.yahoo.com/evt=/27190/*https://smallbusiness.yahoo.com/stores" target="_blank">smallbusiness.yahoo.com</a></div>
O1 - Hosts: </div>
O1 - Hosts: <div class="ybadge">
O1 - Hosts: Get your own web site at <br><a target="_top" href="https://smallbusiness.yahoo.com/">Yahoo! GeoCities</a>
O1 - Hosts: <a href="https://smallbusiness.yahoo.com/hosting" target="_top"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/wh/gr/badge_hostedby_purp_2.gif" alt="Hosted by Yahoo! Web Hosting" align="middle" border="0" height="31" width="88"></a>
O1 - Hosts: </div>
O1 - Hosts: </div>
O1 - Hosts: </div>
O1 - Hosts: <div class=ftr>
O1 - Hosts: <hr size=1 width=100%>
O1 - Hosts: Copyright ©
O1 - Hosts: 2005 Yahoo! Inc. All rights reserved<br>
O1 - Hosts: <a href="https://www.verizonmedia.com/policies/">Privacy Policy</a>
O1 - Hosts: - <a href="https://fr.yahoo.com/?p=us">Copyright Policy</a>
O1 - Hosts: - <a href="https://fr.yahoo.com/?p=us">Guidelines</a>
O1 - Hosts: - <a href="https://fr.yahoo.com/?p=us">Terms of Service</a>
O1 - Hosts: - <a href="https://help.yahoo.com/kb/account">Help</a>
O1 - Hosts: </div>
O1 - Hosts: </div>
O1 - Hosts: </body>
O1 - Hosts: </html>
O1 - Hosts: <!-- text below generated by server. PLEASE REMOVE --></object></layer></div></span></style></noscript></table></script></applet>
O1 - Hosts: <IMG SRC="http://geo.yahoo.com/serv?s=19190039&t=1171111366&f=us-w89" ALT=1 WIDTH=1 HEIGHT=1>
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: (no name) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - (no file)
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [Bron-Spizaetus] "C:\WINDOWS\ShellNew\sempalong.exe"'
O4 - HKLM\..\Run: [runner1] C:\WINDOWS\retadpu420.exe 61A847B5BBF72816309B284503996897C881250221C8670836AC4FA7C8833201749139
O4 - HKCU\..\Run: [Tok-Cirrhatus] "C:\Documents and Settings\Propriétaire\Local Settings\Application Data\smss.exe"
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - c:\Program Files\Microsoft Money\System\mnyside.dll (file missing)
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O21 - SSODL: system32 - {42E0FC06-6715-4C70-B1FF-41D64FC9AF31} - sysprinters.dll (file missing)
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe

quitte tes applications et navigateur et fix les lignes ci dessus.

comment fixer les lignes :

Démo en image
http://pageperso.aol.fr/balltrap34/demohijack.htm

en suite

click sur demarrer>execute>tape ceci > services.msc>dans la fenetre des services arrete ce service :

France Telecom Routing Table Service (FTRTSVC)

pour l´arreter tu click droit dessus et dans l´arborescence tu click sur arreter

en suite

télécharge OTMoveIt http://download.bleepingcomputer.com/oldtimer/OTMoveIt.exe (de Old_Timer) sur ton Bureau.
double-clique sur OTMoveIt.exe pour le lancer.
copie la liste qui se trouve en citation ci-dessous,
et colle-la dans le cadre de gauche de OTMoveIt :Paste List of Files/Folders to be moved.

Citation :

C:\WINDOWS\ShellNew\sempalong.exe
C:\WINDOWS\retadpu420.exe
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\smss.exe
C:\WINDOWS\System32\sysprinters.dll

clique sur MoveIt! pour lancer la suppression.
le résultat apparaitra dans le cadre "Results".
clique sur Exit pour fermer.
poste le rapport situé dans C:\_OTMoveIt\MovedFiles.

il te sera peut-être demander de redémarrer le pc pour achever la suppression.si c'est le cas accepte par Yes.
http://img137.imageshack.us/img137/3558/refaitjk8.th.jpg

puis

télécharges smitfraudfix :

En image :
http://siri.urz.free.fr/Fix/SmitfraudFix.php

tu doubles cliques sur smitfraudfix.cmd et tu choisi l option 1
cela vas générer un rapport.

Copie/colle le rapport sur le forum stp.

reposte aussi un hijack this...

@+
0
miss sat45 Messages postés 30 Statut Membre
 
SLT KAN TU DI KE JDOI FERMé mes aplikation et le navigateur keske tenten par la
0
Réponse 16 / 28
moK´s@ Messages postés 4410 Statut Membre 89
 
salut miss sat45,

ca veut dire que tu fermes toutes tes applications ouvertes style : msn, player de musique ect... et le navigateur> tu ferme la page internet; tu ne dois plus avoir que hijack this d´ouvert quand tu fix les lignes...

@+
0
miss sat45 Messages postés 30 Statut Membre
 
BONJOUR J4AI FAIT UN RAPORT AVEC SMITFRAUDFIX ET ENSUITE AVEC HIJACKTHIS SA DONE SA


SmitFraudFix v2.200

Rapport fait à 18:35:44,98, 08/07/2007
Executé à partir de C:\Documents and Settings\Propri‚taire\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
c:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
C:\WINDOWS\System32\hphmon05.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\InterVideo\Common\bin\WinCinemaMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Multimedia Card Reader\shwicon2k.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\OrangeHSS\Systray\SystrayApp.exe
C:\WINDOWS\VM305_STI.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Program Files\Orange HSS\Orange Desktop Search\OrangeDesktopSearch.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe
C:\Program Files\SAGEM Wi-Fi USB 802.11g\WLANUTL.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Adobe\Acrobat 5.0\Reader\AcroRd32.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\Program Files\eMule\eMule.exe
C:\WINDOWS\retadpu.exe
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe
C:\WINDOWS\system32\mmc.exe
C:\WINDOWS\system32\cmd.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts


»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS

C:\WINDOWS\Tasks\At?.job PRESENT !
C:\WINDOWS\Tasks\At??.job PRESENT !

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Propri‚taire


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Propri‚taire\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\PROPRI~1\Favoris


»»»»»»»»»»»»»»»»»»»»»»»» Bureau


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files


»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues


»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"


»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» Rustock



»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: SAGEM Wi-Fi 11g USB adapter - Miniport d'ordonnancement de paquets
DNS Server Search Order: 192.168.1.1
DNS Server Search Order: 0.0.0.0

HKLM\SYSTEM\CCS\Services\Tcpip\..\{6D17DDED-0D6A-4AEE-ACD2-69545E053BA4}: DhcpNameServer=192.168.1.1 0.0.0.0
HKLM\SYSTEM\CS1\Services\Tcpip\..\{6D17DDED-0D6A-4AEE-ACD2-69545E053BA4}: DhcpNameServer=192.168.1.1 0.0.0.0
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 0.0.0.0
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 0.0.0.0


»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin




Logfile of HijackThis v1.99.1
Scan saved at 18:40:03, on 08/07/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
c:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
C:\WINDOWS\System32\hphmon05.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\InterVideo\Common\bin\WinCinemaMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Multimedia Card Reader\shwicon2k.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\OrangeHSS\Systray\SystrayApp.exe
C:\WINDOWS\VM305_STI.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Program Files\Orange HSS\Orange Desktop Search\OrangeDesktopSearch.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe
C:\Program Files\SAGEM Wi-Fi USB 802.11g\WLANUTL.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Adobe\Acrobat 5.0\Reader\AcroRd32.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\Program Files\eMule\eMule.exe
C:\WINDOWS\retadpu.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.hpe.com/h41271/404D.aspx?cc=us&ll=en&url=http://domainredirects.ext.hpe.com/fr9.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-fr9.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-fr9.hpwis.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [WinCinemaMgr] "C:\Program Files\InterVideo\Common\bin\WinCinemaMgr.exe"
O4 - HKLM\..\Run: [Home Theater SchSvr] "C:\Program Files\Fichiers communs\InterVideo\SchSvr\SchSvr.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "c:\Program Files\Fichiers communs\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [_SetRes] c:\hp\bin\cloaker c:\hp\bin\res.bat
O4 - HKLM\..\Run: [regcmdcons] c:\hp\bin\cloaker.exe c:\hp\bin\cmdcons.cmd
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Sunkist2k] C:\Program Files\Multimedia Card Reader\shwicon2k.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\OrangeHSS\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [BigDog305] C:\WINDOWS\VM305_STI.EXE VIMICRO USB PC Camera V
O4 - HKLM\..\Run: [orahssStartup] "C:\Program Files\OrangeHSS\Launcher\Launcher.exe" -appid connectivityapp
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [startdrv] C:\WINDOWS\Temp\startdrv.exe
O4 - HKCU\..\Run: [BackupNotify] c:\Program Files\Hewlett-Packard\Digital Imaging\bin\backupnotify.exe
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [Orange Desktop Search] "C:\Program Files\Orange HSS\Orange Desktop Search\OrangeDesktopSearch.exe" /tray
O4 - HKCU\..\Run: [WinPop] C:\Program Files\WinPop\winpop.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: LUMIX Simple Viewer.lnk = ?
O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = C:\Program Files\SAGEM Wi-Fi USB 802.11g\WLANUTL.exe
O8 - Extra context menu item: Add to AMV Convert Tool... - C:\Program Files\MP3 Player Utilities 3.79\AMVConverter\grab.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 3.79\MediaManager\grab.html
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by116w.bay116.mail.live.com/mail/resources/MsnPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - c:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe

JE VOUDRAIS SAVOIR SI C4EST BON OU PA?
0
Réponse 17 / 28
moK´s@ Messages postés 4410 Statut Membre 89
 
salut miss sat45,

non c´est pas encore ca...

avec hijack this coche ceci :

O4 - HKLM\..\Run: [startdrv] C:\WINDOWS\Temp\startdrv.exe

quitte tes applications et navigateur et fix la ligne ci dessus.

double-clique sur OTMoveIt.exe pour le lancer.
copie la liste qui se trouve en citation ci-dessous,
et colle-la dans le cadre de gauche de OTMoveIt :Paste List of Files/Folders to be moved.

Citation :

C:\WINDOWS\retadpu.exe
C:\WINDOWS\Temp\startdrv.exe

clique sur MoveIt! pour lancer la suppression.
le résultat apparaitra dans le cadre "Results".
clique sur Exit pour fermer.
poste le rapport situé dans C:\_OTMoveIt\MovedFiles.

il te sera peut-être demander de redémarrer le pc pour achever la suppression.si c'est le cas accepte par Yes.
http://img137.imageshack.us/img137/3558/refaitjk8.th.jpg

telecharge

Clean Up 40:
http://pageperso.aol.fr/balltrap34/CleanUp40.exe
-aide en image:(merci a Balltrap34)
http://pageperso.aol.fr/balltrap34/democleanup.htm

fais le marcher

puis

Redémarre le PC en mode sans échec : tu tapotes sur la touche F8 de ton clavier (ou F5 ) dès le démarrage et tu choisis le mode sans échec)

- Ouvre le dossier "SmitfraudFix" et double clique sur "Smitfraudfix.cmd", choisit l 'option 2 et tu réponds oui à tout.

Enregistre le rapport puis Copie/colle le rapport sur le forum stp.

puis

* Télécharge combofix.exe (par sUBs) sur ton Bureau.

http://download.bleepingcomputer.com/sUBs/Beta/ComboFix.exe

* Double clique combofix.exe.
* Tape sur la touche 1 (Yes) pour démarrer le scan.
* Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse.

NOTE : Le rapport se trouve également ici : C:\Combofix.txt

0
miss sat45 Messages postés 30 Statut Membre
 
slt quant je doit télécharger combofix et faire le scan c'est toujours en mode echec?
0
miss sat45 Messages postés 30 Statut Membre > miss sat45 Messages postés 30 Statut Membre
 
j'ai oublié de demander une chose, pour l'operation precedente, quant il fallait areter le service france telecom routing table service, es-ce que je dois le réactivé svp?
0
Réponse 18 / 28
moK´s@ Messages postés 4410 Statut Membre 89
 
non pour combo fix tu le fais en mode normal...

et non tu ne redemarrer pas le service france telecom
0
miss sat45 Messages postés 30 Statut Membre
 
OK MERCI MAIS POUR LE SERVICE FRANCE Télécom depuis que je l'ai areté , il me met plein de message d'erreur, et la msn ne marche pas
0
Réponse 19 / 28
moK´s@ Messages postés 4410 Statut Membre 89
 
bon remet le service pour le moment alors mais n´utilise pas msn pour le moment....

fais le combofix stp

0
miss sat45 Messages postés 30 Statut Membre
 
j'ai fai combofix mais quant je met pour le scan la fenetre se ferme tout seul je comprend pas
0
Réponse 20 / 28
moK´s@ Messages postés 4410 Statut Membre 89
 
bon laisse tombé

fais ceci :

non desolé fais ceci :

* télécharge AVG Anti-Spyware (ewido)

https://www.avg.com/en-ww/free-antivirus-download
http://www.infos-du-net.com/telecharger/Ewido-Security-Suite,0301-734.html
* tu l'installes

* lance AVG Anti-Spyware et clique sur le bouton Mise à jour. Patiente
si tu n'arrives pas à le mettre à jour prends ici les màj
http://downloads.ewido.net/avgas-signatures-full-current.exe

Sur la page "analyse":
•- tu choisis d'abord l'onglet "paramètres".
- sous « Comment réagir » clic sur « Actions recommandées » et dans le menu déroulant, choisir « Supprimer »

Copie Et colle le rapport ici

Ps : une fois le scan terminé tu supprime bien tout ce qu´il a trouvé.

0
miss sat45 Messages postés 30 Statut Membre
 
voici le raport je ne sai pa si c'est sa


BitDefender Online Scanner



Rapport d'analyse généré à: Sun, Jul 08, 2007 - 22:56:01





Voie d'analyse: A:\;C:\;D:\;E:\;F:\;G:\;H:\;I:\;J:\;







Statistiques

Temps
00:57:37

Fichiers
315026

Directoires
6517

Secteurs de boot
2

Archives
14887

Paquets programmes
25182




Résultats

Virus identifiés
25

Fichiers infectés
753

Fichiers suspects
0

Avertissements
0

Désinfectés
0

Fichiers effacés
1471




Info sur les moteurs

Définition virus
637676

Version des moteurs
AVCORE v1.0 (build 2410) (i386) (Jun 12 2007 21:08:27)

Analyse des plugins
14

Archive des plugins
38

Unpack des plugins
6

E-mail plugins
6

Système plugins
1




Paramètres d'analyse

Première action
Désinfecté

Seconde Action
Supprimé

Heuristique
Oui

Acceptez les avertissements
Oui

Extensions analysées
*;

Excludez les extensions


Analyse d'emails
Oui

Analyse des Archives
Oui

Analyser paquets programmes
Oui

Analyse des fichiers
Oui

Analyse de boot
Oui




Fichier analysé
Statut

C:\apuguycg.exe
Infecté par: Trojan.Agent.AANN

C:\apuguycg.exe
Echec de la désinfection

C:\apuguycg.exe
Supprimé

C:\Documents and Settings\Default User\Mes documents\Mes images\about.Brontok.A.html
Infecté par: Win32.Worm.Brontok.H

C:\Documents and Settings\Default User\Mes documents\Mes images\about.Brontok.A.html
Echec de la désinfection

C:\Documents and Settings\Default User\Mes documents\Mes images\about.Brontok.A.html
Supprimé

C:\Documents and Settings\Propriétaire\aobqri.exe
Infecté par: Trojan.Downloader.JISG

C:\Documents and Settings\Propriétaire\aobqri.exe
Echec de la désinfection

C:\Documents and Settings\Propriétaire\aobqri.exe
Supprimé

C:\Documents and Settings\Propriétaire\Mes documents\Mes images\about.Brontok.A.html
Infecté par: Win32.Worm.Brontok.H

C:\Documents and Settings\Propriétaire\Mes documents\Mes images\about.Brontok.A.html
Echec de la désinfection

C:\Documents and Settings\Propriétaire\Mes documents\Mes images\about.Brontok.A.html
Supprimé

C:\install\ghost.exe
Infecté par: Generic.Istbar.C3985415

C:\install\ghost.exe
Echec de la désinfection

C:\install\ghost.exe
Supprimé

C:\install\install.exe
Infecté par: Trojan.Agent.VB.AOH

C:\install\install.exe
Echec de la désinfection

C:\install\install.exe
Supprimé

C:\Program Files\aMSN\scripts\amsn_received\myalbum2007.zip=>photo album-2007.scr
Infecté par: Trojan.Dropper.Delf.HS

C:\Program Files\aMSN\scripts\amsn_received\myalbum2007.zip=>photo album-2007.scr
Echec de la désinfection

C:\Program Files\aMSN\scripts\amsn_received\myalbum2007.zip=>photo album-2007.scr
Supprimé

C:\Program Files\aMSN\scripts\amsn_received\myalbum2007.zip
Mis à jour

C:\Program Files\AxBx\PC Security Test 2007\files\spyware.dat=>(Quarantine-PE)
Détecté avec: Application.VTesttool.A

C:\Program Files\AxBx\PC Security Test 2007\files\spyware.dat=>(Quarantine-PE)
Supprimé

C:\Program Files\AxBx\PC Security Test 2007\files\virus1.dat=>(Quarantine-PE)
Détecté avec: Application.VTesttool.B

C:\Program Files\AxBx\PC Security Test 2007\files\virus1.dat=>(Quarantine-PE)
Supprimé

C:\Program Files\AxBx\PC Security Test 2007\files\virus3.dat=>(Quarantine-PE)
Détecté avec: Application.VTesttool.C

C:\Program Files\AxBx\PC Security Test 2007\files\virus3.dat=>(Quarantine-PE)
Supprimé

C:\Program Files\InetGet2\install.exe
Infecté par: Rootkit.Agent.EV

C:\Program Files\InetGet2\install.exe
Echec de la désinfection

C:\Program Files\InetGet2\install.exe
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\00010E40.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\00010E40.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\00217C35.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\00217C35.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\00A0718A.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\00A0718A.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\00B56E7B.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\00B56E7B.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\00CE22A5.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\00CE22A5.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\00FA322F.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\00FA322F.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\011723D7.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\011723D7.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\013F75E4.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\013F75E4.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\018C0C2B.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\018C0C2B.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\02657E76.pif=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\02657E76.pif=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\03227439.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\03227439.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\032C4B0B.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\032C4B0B.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\03710EBF.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\03710EBF.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\03B65274.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\03B65274.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\04562384.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\04562384.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\04BC198B.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\04BC198B.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\05DD34BD.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\05DD34BD.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\05E86B4F.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\05E86B4F.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\068B24DD.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\068B24DD.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\073A14FE.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\073A14FE.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\07917CC2.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\07917CC2.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\085F47E0.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\085F47E0.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\08B935D7.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\08B935D7.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\08E44E7A.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\08E44E7A.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\091F2BDE.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\091F2BDE.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\098621E6.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\098621E6.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\09EC17ED.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\09EC17ED.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\0A4D1D07.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\0A4D1D07.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\0A520DF5.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\0A520DF5.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\0A5330D1.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\0A5330D1.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\0AB803FD.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\0AB803FD.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\0AB926D9.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\0AB926D9.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\0AD72470.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\0AD72470.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\0B1E7A04.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\0B1E7A04.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\0B1F1CE0.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\0B1F1CE0.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\0B391AC6.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\0B391AC6.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\0B3C44C2.pif=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\0B3C44C2.pif=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\0B84700C.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\0B84700C.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\0BEA6613.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\0BEA6613.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\0CC47997.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\0CC47997.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\0CDE7A19.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\0CDE7A19.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\0D093D4B.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\0D093D4B.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\0D1D482A.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\0D1D482A.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\0D833E31.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\0D833E31.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\0DBC6A02.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\0DBC6A02.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\0F3A7C56.scr=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\0F3A7C56.scr=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\0F3B5627.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\0F3B5627.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\0F8019DB.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\0F8019DB.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\0FE65F82.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\0FE65F82.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\104D558A.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\104D558A.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\10B34B92.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\10B34B92.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\116D6F02.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\116D6F02.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\11B232B7.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\11B232B7.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\1205294D.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\1205294D.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\124B23B0.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\124B23B0.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\12B119B7.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\12B119B7.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\13117824.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\13117824.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\13170FBF.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\13170FBF.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\13E47BCE.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\13E47BCE.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\14290F47.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\14290F47.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\144A71D5.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\144A71D5.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\14B067DD.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\14B067DD.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\15165DE5.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\15165DE5.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\157C53EC.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\157C53EC.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\15B65B23.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\15B65B23.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\15E249F4.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\15E249F4.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\15E36CD0.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\15E36CD0.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\16483FFB.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\16483FFB.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\165B2823.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\165B2823.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\16A06BD7.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\16A06BD7.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\16AE3603.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\16AE3603.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\17133B64.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\17133B64.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\17404389.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\17404389.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\17446D85.pif=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\17446D85.pif=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\17471782.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\17471782.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\177B2212.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\177B2212.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\17C22B85.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\17C22B85.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\18AD0428.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\18AD0428.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\18D204B3.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\18D204B3.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\19137A30.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\19137A30.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\19174867.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\19174867.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\1A403608.com=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\1A403608.com=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\1B496143.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\1B496143.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\1B735D5B.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\1B735D5B.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\1B771B81.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\1B771B81.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\1BB400A3.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\1BB400A3.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\1BDD1189.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\1BDD1189.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\1C061A49.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\1C061A49.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\1C430790.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\1C430790.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\1D36366A.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\1D36366A.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\1D7B7A1E.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\1D7B7A1E.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\1D7F2DBD.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\1D7F2DBD.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\1DC03DD3.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\1DC03DD3.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\1DDB5FAE.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\1DDB5FAE.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\1E2D1DDE.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\1E2D1DDE.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\1E4255B6.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\1E4255B6.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\1EA84BBD.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\1EA84BBD.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\1EDC0DFF.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\1EDC0DFF.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\1FDA2DD4.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\1FDA2DD4.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\1FF256AF.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\1FF256AF.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\20371A63.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\20371A63.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\204023DC.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\204023DC.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\20A619E3.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\20A619E3.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\20CD3829.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\20CD3829.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\210C0FEB.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\210C0FEB.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\217205F2.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\217205F2.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\217328CF.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\217328CF.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\219B6821.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\219B6821.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\21D97BFA.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\21D97BFA.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\21E93E15.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\21E93E15.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\22256F8A.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\22256F8A.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\223F7201.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\223F7201.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\2269333F.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\2269333F.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\22A56809.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\22A56809.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\230B5E10.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\230B5E10.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\233C2FF5.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\233C2FF5.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\23715418.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\23715418.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\23D74A20.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\23D74A20.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\23EA2016.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\23EA2016.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\24991037.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\24991037.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\249C4C1A.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\249C4C1A.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\24A3362F.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\24A3362F.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\24E10FCF.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\24E10FCF.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\25265383.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\25265383.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\271328AA.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\271328AA.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\276D4D87.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\276D4D87.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\27D3438F.com=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\27D3438F.com=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\28F9322D.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\28F9322D.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\29007DD1.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\29007DD1.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\29454186.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\29454186.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\296C1BAD.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\296C1BAD.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\298A053A.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\298A053A.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\29D211B5.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\29D211B5.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\2A3807BC.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\2A3807BC.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\2B0473CB.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\2B0473CB.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\2B6A69D3.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\2B6A69D3.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\2BBC1E16.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\2BBC1E16.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\2BD05FDA.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\2BD05FDA.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\2C0161CB.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\2C0161CB.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\2C3755E2.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\2C3755E2.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\2D0341F1.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\2D0341F1.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\2D0464CD.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\2D0464CD.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\2D6937F8.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\2D6937F8.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\2D6A5AD5.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\2D6A5AD5.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\2DCF2E00.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\2DCF2E00.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\2E337AA6.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\2E337AA6.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\2E352408.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\2E352408.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\2E9B1A0F.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\2E9B1A0F.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\2FDB0C19.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\2FDB0C19.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\3034722D.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\3034722D.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\308126E3.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\308126E3.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\30AA5736.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\30AA5736.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\30C104C7.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\30C104C7.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\316621E8.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\316621E8.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\32372102.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\32372102.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\32972C5D.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\32972C5D.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\32DA544E.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\32DA544E.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\32DC7012.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\32DC7012.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\32FE0986.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\32FE0986.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\332133C6.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\332133C6.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\334213DB.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\334213DB.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\33647F8D.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\33647F8D.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\3366777B.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\3366777B.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\33C4467C.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\33C4467C.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\341D10EA.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\341D10EA.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\344E76C2.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\344E76C2.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\34FC57AC.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\34FC57AC.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\35534CA2.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\35534CA2.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\35624DB3.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\35624DB3.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\35C843BB.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\35C843BB.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\35D016DF.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\35D016DF.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\362E39C2.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\362E39C2.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\364C16B2.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\364C16B2.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\367E06FF.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\367E06FF.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\36FB25D1.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\36FB25D1.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\36FB5E14.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\36FB5E14.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\374021C9.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\374021C9.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\37611BD9.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\37611BD9.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\3785657E.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\3785657E.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\37C711E0.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\37C711E0.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\37CA2932.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\37CA2932.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\382D07E8.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\382D07E8.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\38937DF0.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\38937DF0.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\38F973F7.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\38F973F7.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\38FA16D3.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\38FA16D3.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\394A069A.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\394A069A.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\395F69FF.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\395F69FF.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\39C56006.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\39C56006.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\39FC420E.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\39FC420E.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\3A2C560E.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\3A2C560E.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\3A3038D5.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\3A3038D5.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\3A40610D.exe=>(Quarantine-2)
Infecté par: Win32.Bagle.9.Gen@mm

C:\Program Files\Norton AntiVirus\Quarantine\3A40610D.exe=>(Quarantine-2)
Echec de la désinfection

C:\Program Files\Norton AntiVirus\Quarantine\3A40610D.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\3A463506.exe=>(Quarantine-2)
Infecté par: Win32.Bagle.9.Gen@mm

C:\Program Files\Norton AntiVirus\Quarantine\3A463506.exe=>(Quarantine-2)
Echec de la désinfection

C:\Program Files\Norton AntiVirus\Quarantine\3A463506.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\3A463506.htm=>(Quarantine-2)
Infecté par: Win32.Bagle.9.Gen@mm

C:\Program Files\Norton AntiVirus\Quarantine\3A463506.htm=>(Quarantine-2)
Echec de la désinfection

C:\Program Files\Norton AntiVirus\Quarantine\3A463506.htm=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\3A864977.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\3A864977.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\3BC42E2C.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\3BC42E2C.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\3C741E9E.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\3C741E9E.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\3CEA7958.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\3CEA7958.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\3E6173C5.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\3E6173C5.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\3E8E4584.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\3E8E4584.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\3EA63779.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\3EA63779.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\3EF43B8C.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\3EF43B8C.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\408C13AA.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\408C13AA.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\40D85055.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\40D85055.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\411D1409.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\411D1409.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\41597FB9.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\41597FB9.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\416257BE.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\416257BE.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\4167090C.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\4167090C.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\41BF75C1.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\41BF75C1.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\41F80B6F.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\41F80B6F.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\428B61D0.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\428B61D0.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\42F157D8.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\42F157D8.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\430A6930.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\430A6930.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\43556BB1.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\43556BB1.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\43574DDF.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\43574DDF.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\43BD43E7.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\43BD43E7.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\442339EE.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\442339EE.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\444D5D04.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\444D5D04.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\448A2FF6.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\448A2FF6.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\448B52D2.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\448B52D2.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\44F025FD.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\44F025FD.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\45561C05.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\45561C05.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\45BC120C.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\45BC120C.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\45C60975.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\45C60975.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\460B4D2A.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\460B4D2A.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\46220814.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\46220814.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\46230F36.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\46230F36.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\46582D66.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\46582D66.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\47546A2B.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\47546A2B.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\47B50DA7.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\47B50DA7.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\47BB6032.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\47BB6032.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\48647DC8.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\48647DC8.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\49126DE9.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\49126DE9.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\49CC718D.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\49CC718D.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\4A1E0183.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\4A1E0183.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\4A6F7EE1.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\4A6F7EE1.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\4A84778B.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\4A84778B.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\4AB44295.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\4AB44295.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\4C5258D1.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\4C5258D1.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\4C666199.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\4C666199.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\4C8345B0.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\4C8345B0.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\4C870575.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\4C870575.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\4CA117BC.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\4CA117BC.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\4CE65B71.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\4CE65B71.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\4CE93BB8.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\4CE93BB8.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\4D0B7956.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\4D0B7956.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\4D2B1F26.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\4D2B1F26.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\4D4F31BF.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\4D4F31BF.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\4D7062DA.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\4D7062DA.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\4E1B1DCF.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\4E1B1DCF.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\4E8113D6.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\4E8113D6.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\4ECF7021.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\4ECF7021.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\4EE809DE.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\4EE809DE.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\4F4E7FE5.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\4F4E7FE5.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\4F5D3801.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\4F5D3801.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\4F7E6042.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\4F7E6042.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\4FB475ED.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\4FB475ED.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\50091F99.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\50091F99.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\501A6BF4.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\501A6BF4.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\501B0ED1.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\501B0ED1.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\508061FC.exe=>(Quarantine-2)
Infecté par: Win32.Brontok.F@mm

C:\Program Files\Norton AntiVirus\Quarantine\508061FC.exe=>(Quarantine-2)
Supprimé

C:\Program Files\Norton AntiVirus\Quarantine\508104D8.exe=&g
0