Sujet Précédent Sujet Suivant

Virus N039_jpg.zip sur msn , des conseils svp

bb -  
clownface Messages postés 1490 Statut Membre -
Bonjour,
J'ai moi aussi "chopé" le virus N039_jpg.zip ; j'ai tout essayé ; les scans de avast ( en normal et sans echec ) ainsi que MSNFIX et Hijackthis .
Le virus se supprime et reviens quelques minutes plus tard...
il continu a envoyer des messages a mes contacts avec quelque fois le dossier deja supprimé ..
Je ne sais vraiment plus quoi faire , je suis desespérée ...
Aidez moi s'il vous plait !!!
d'avance merci !
A voir également:

21 réponses

  • 1
  • 2
Réponse 1 / 21
deghmoum2000 Messages postés 6 Statut Membre
 
bon,j'avai le meme virus,et j'ai aisser l'antivirus kaspersky,et j'ai desinstaller et reinstaller msn,et c'est bon.
donc je crois que ça va vous aider.

merci.
0
Réponse 2 / 21
bb
 
ok merci ...
je vais essayer !
0
Réponse 3 / 21
clownface Messages postés 1490 Statut Membre 73
 
bonsoir,

refais ces manips virus msn album photo zip et postes les rapports
0
Réponse 4 / 21
totmosis
 
t'inquiètes... on va bien touver une solution
http://www.zmaster.fr/informatique_article_210.html
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 21
bb8 Messages postés 5 Statut Membre
 
bonsoir ,

voici mon rapport msn fix , merci de m'aider ...
MSNFix 1.520

C:\Documents and Settings\bb\Bureau\MSNFix
Fix exécuté le 02/10/2007 - 21:21:11,53 By bb
mode normal

************************ Recherche les fichiers présents

... C:\DOCUME~1\ALLUSE~1\MENUDM~1\carlton
... C:\Program Files\Fichiers communs\Carlson\carlton
... C:\WINDOWS\system32\microsoft\backup.ftp
... C:\WINDOWS\system32\microsoft\backup.tftp
... C:\WINDOWS\N039_jpg.zip

************************ MSNCHK ***** /!\ beta test /!\

************************ Recherche les dossiers présents

... C:\Program Files\Fichiers communs\Carlson\

************************ Suppression des fichiers

.. OK ... C:\DOCUME~1\ALLUSE~1\MENUDM~1\carlton
.. OK ... C:\Program Files\Fichiers communs\Carlson\carlton
.. OK ... C:\WINDOWS\system32\microsoft\backup.ftp
.. OK ... C:\WINDOWS\system32\microsoft\backup.tftp
.. OK ... C:\WINDOWS\N039_jpg.zip

************************ Suppression des dossiers

.. OK ... C:\Program Files\Fichiers communs\Carlson\

************************ Nettoyage du registre

************************ Fichiers suspects

/!\ ces fichiers nécessitent un avis expérimenté avant toute intervention

[C:\k3d3t4t8n7l8.exe] C9BD774208F266293C9CD2083B5E83FA
[C:\m1t4z1h1l7q5.exe] C9BD774208F266293C9CD2083B5E83FA
[C:\w3v6r2r2h3z5.exe] C9BD774208F266293C9CD2083B5E83FA

[color=#FF0000][b]==>[/b][/color] SVP merci d'envoyer le fichier [b] C:\DOCUME~1\bb\Bureau\Upload_Me.zip [/b] sur http://upload.changelog.fr

Les fichiers et clés de registre supprimés ont été sauvegardés dans le fichier 02102007_21232925.zip

------------------------------------------------------------------------
Auteur : !aur3n7 Contact: https://www.ionos.fr/
------------------------------------------------------------------------

--------------------------------------------- END ---------------------------------------------
0
Réponse 6 / 21
clownface Messages postés 1490 Statut Membre 73
 
bonsoir,

continues la procédure du lien que je t'ai donné.
0
Réponse 7 / 21
bb8 Messages postés 5 Statut Membre
 
ok,
je fais un scan AVG , j'en ait deja fait un hier ...
mais le virus reviens tout le temps! c'est normal ?
0
Réponse 8 / 21
clownface Messages postés 1490 Statut Membre 73
 
oui c'est normal si on ne va pas jusqu'au bout...
tant qu'il reste quelque chose ça revient.
0
clownface Messages postés 1490 Statut Membre 73
 
on va enchainer sur ces manip : virus methode preliminaire de desinfection version fr
donc après avg, scan antivirus en ligne puis rapport hijack.
postes les 3 rapports faits dans l'ordre
0
Réponse 9 / 21
bb8 Messages postés 5 Statut Membre
 
Bonjour,
voici le rapport avg , je fais suivre les autres apres...
merci !

---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 00:07:55 03/10/2007

+ Résultat de l'analyse:

C:\Documents and Settings\bb\Cookies\bb@2o7[2].txt -> TrackingCookie.2o7 : Aucune action entreprise.
C:\Documents and Settings\bb\Cookies\bb@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Aucune action entreprise.
C:\Documents and Settings\bb\Cookies\bb@advertising[2].txt -> TrackingCookie.Advertising : Aucune action entreprise.
C:\Documents and Settings\bb\Cookies\bb@atdmt[2].txt -> TrackingCookie.Atdmt : Aucune action entreprise.
C:\Documents and Settings\bb\Cookies\bb@bluestreak[2].txt -> TrackingCookie.Bluestreak : Aucune action entreprise.
C:\Documents and Settings\bb\Cookies\bb@doubleclick[1].txt -> TrackingCookie.Doubleclick : Aucune action entreprise.
C:\Documents and Settings\bb\Cookies\bb@estat[1].txt -> TrackingCookie.Estat : Aucune action entreprise.
C:\Documents and Settings\bb\Cookies\bb@search.live[1].txt -> TrackingCookie.Live : Aucune action entreprise.
C:\Documents and Settings\bb\Cookies\bb@smartadserver[2].txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
C:\Documents and Settings\bb\Cookies\bb@weborama[1].txt -> TrackingCookie.Weborama : Aucune action entreprise.

Fin du rapport
0
Réponse 10 / 21
bb8 Messages postés 5 Statut Membre
 
voici les rapports du scan en ligne et de hijackthis

BitDefender Online Scanner

Scan report generated at: Wed, Oct 03, 2007 - 01:24:12

Scan path: C:\;D:\;

Statistics

Time
00:59:39

Files
207856

Folders
6660

Boot Sectors
2

Archives
7152

Packed Files
9653

Results

Identified Viruses
3

Infected Files
74

Suspect Files
0

Warnings
0

Disinfected
0

Deleted Files
73

Engines Info

Virus Definitions
824751

Engine build
AVCORE v1.0 (build 2422) (i386) (Sep 25 2007 08:26:36)

Scan plugins
14

Archive plugins
38

Unpack plugins
7

E-mail plugins
6

System plugins
1

Scan Settings

First Action
Disinfect

Second Action
Delete

Heuristics
Yes

Enable Warnings
Yes

Scanned Extensions
*;

Exclude Extensions

Scan Emails
Yes

Scan Archives
Yes

Scan Packed
Yes

Scan Files
Yes

Scan Boot
Yes

Scanned File
Status

C:\Documents and Settings\bb\Local Settings\Temporary Internet Files\Content.IE5\EYSTTG8X\dual[1].jpg
Infected with: MemScan:Trojan.Dialer.VUY

C:\Documents and Settings\bb\Local Settings\Temporary Internet Files\Content.IE5\EYSTTG8X\dual[1].jpg
Deleted

C:\k3d3t4t8n7l8.exe
Infected with: MemScan:Trojan.Dialer.VUY

C:\k3d3t4t8n7l8.exe
Deleted

C:\m1t4z1h1l7q5.exe
Infected with: MemScan:Trojan.Dialer.VUY

C:\m1t4z1h1l7q5.exe
Deleted

C:\Program Files\Fichiers communs\Carlson\carlton
Infected with: MemScan:Trojan.Dialer.VUY

C:\Program Files\Fichiers communs\Carlson\carlton
Deleted

C:\Program Files\Fichiers communs\Carlson(2)\carlton
Infected with: MemScan:Trojan.Dialer.VUY

C:\Program Files\Fichiers communs\Carlson(2)\carlton
Deleted

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP358\A0074302.exe
Infected with: Trojan.Dialer.VUY

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP358\A0074302.exe
Deleted

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP358\A0075304.exe
Infected with: Trojan.Dialer.VUY

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP358\A0075304.exe
Deleted

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP358\A0075307.com
Infected with: Backdoor.Spybot.DLV

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP358\A0075307.com
Disinfection failed

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP358\A0075307.com
Deleted

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP359\A0075343.exe
Infected with: Trojan.Dialer.VUY

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP359\A0075343.exe
Deleted

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP360\A0075572.exe
Infected with: Trojan.Dialer.VUY

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP360\A0075572.exe
Deleted

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP361\A0075627.exe
Infected with: Trojan.Dialer.VUY

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP361\A0075627.exe
Deleted

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP361\A0075705.exe
Infected with: Trojan.Dialer.VUY

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP361\A0075705.exe
Deleted

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP362\A0075733.exe
Infected with: Trojan.Dialer.VUY

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP362\A0075733.exe
Deleted

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP362\A0075807.exe
Infected with: MemScan:Trojan.Dialer.VUY

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP362\A0075807.exe
Deleted

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP362\A0076847.exe
Infected with: MemScan:Trojan.Dialer.VUY

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP362\A0076847.exe
Deleted

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP362\A0076873.exe
Infected with: MemScan:Trojan.Dialer.VUY

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP362\A0076873.exe
Deleted

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP362\A0076876.exe
Infected with: MemScan:Trojan.Dialer.VUY

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP362\A0076876.exe
Deleted

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP362\A0076877.exe
Infected with: MemScan:Trojan.Dialer.VUY

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP362\A0076877.exe
Deleted

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP362\A0076878.exe
Infected with: MemScan:Trojan.Dialer.VUY

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP362\A0076878.exe
Deleted

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP363\A0076956.exe
Infected with: MemScan:Trojan.Dialer.VUY

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP363\A0076956.exe
Deleted

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP363\A0077014.exe
Infected with: MemScan:Trojan.Dialer.VUY

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP363\A0077014.exe
Deleted

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP363\A0077031.exe
Infected with: MemScan:Trojan.Dialer.VUY

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP363\A0077031.exe
Deleted

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP363\A0077119.exe
Infected with: MemScan:Trojan.Dialer.VUY

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP363\A0077119.exe
Deleted

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP364\A0077158.exe
Infected with: MemScan:Trojan.Dialer.VUY

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP364\A0077158.exe
Deleted

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP364\A0077162.exe
Infected with: MemScan:Trojan.Dialer.VUY

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP364\A0077162.exe
Deleted

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP364\A0077163.exe
Infected with: MemScan:Trojan.Dialer.VUY

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP364\A0077163.exe
Deleted

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP364\A0077164.exe
Infected with: MemScan:Trojan.Dialer.VUY

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP364\A0077164.exe
Deleted

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP364\A0077199.exe
Infected with: MemScan:Trojan.Dialer.VUY

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP364\A0077199.exe
Deleted

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP365\A0078254.exe
Infected with: MemScan:Trojan.Dialer.VUY

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP365\A0078254.exe
Deleted

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP365\A0078256.exe
Infected with: MemScan:Trojan.Dialer.VUY

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP365\A0078256.exe
Deleted

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP365\A0078257.exe
Infected with: MemScan:Trojan.Dialer.VUY

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP365\A0078257.exe
Deleted

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP367\A0078306.exe
Infected with: MemScan:Trojan.Dialer.VUY

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP367\A0078306.exe
Deleted

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP367\A0078339.exe
Infected with: MemScan:Trojan.Dialer.VUY

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP367\A0078339.exe
Deleted

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP367\A0078340.exe
Infected with: MemScan:Trojan.Dialer.VUY

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP367\A0078340.exe
Deleted

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP367\A0078355.exe
Infected with: MemScan:Trojan.Dialer.VUY

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP367\A0078355.exe
Deleted

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP367\A0078358.exe
Infected with: MemScan:Trojan.Dialer.VUY

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP367\A0078358.exe
Deleted

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP368\A0078409.exe
Infected with: MemScan:Trojan.Dialer.VUY

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP368\A0078409.exe
Deleted

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP368\A0078410.exe
Infected with: MemScan:Trojan.Dialer.VUY

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP368\A0078410.exe
Deleted

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP368\A0078411.exe
Infected with: MemScan:Trojan.Dialer.VUY

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP368\A0078411.exe
Deleted

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP368\A0078412.exe
Infected with: MemScan:Trojan.Dialer.VUY

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP368\A0078412.exe
Deleted

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP368\A0078419.exe
Infected with: MemScan:Trojan.Dialer.VUY

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP368\A0078419.exe
Deleted

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP368\A0078422.exe
Infected with: MemScan:Trojan.Dialer.VUY

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP368\A0078422.exe
Deleted

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP368\A0078423.exe
Infected with: MemScan:Trojan.Dialer.VUY

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP368\A0078423.exe
Deleted

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP368\A0078437.exe
Infected with: MemScan:Trojan.Dialer.VUY

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP368\A0078437.exe
Deleted

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP368\A0078438.exe
Infected with: MemScan:Trojan.Dialer.VUY

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP368\A0078438.exe
Deleted

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP368\A0078441.exe
Infected with: MemScan:Trojan.Dialer.VUY

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP368\A0078441.exe
Deleted

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP368\A0078442.exe
Infected with: MemScan:Trojan.Dialer.VUY

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP368\A0078442.exe
Deleted

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP368\A0078443.exe
Infected with: MemScan:Trojan.Dialer.VUY

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP368\A0078443.exe
Deleted

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP368\A0078463.exe
Infected with: MemScan:Trojan.Dialer.VUY

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP368\A0078463.exe
Deleted

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP368\A0078464.exe
Infected with: MemScan:Trojan.Dialer.VUY

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP368\A0078464.exe
Deleted

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP368\A0078466.exe
Infected with: MemScan:Trojan.Dialer.VUY

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP368\A0078466.exe
Deleted

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP368\A0078470.exe
Infected with: MemScan:Trojan.Dialer.VUY

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP368\A0078470.exe
Deleted

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP369\A0078656.exe
Infected with: MemScan:Trojan.Dialer.VUY

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP369\A0078656.exe
Deleted

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP369\A0078657.exe
Infected with: MemScan:Trojan.Dialer.VUY

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP369\A0078657.exe
Deleted

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP369\A0078658.exe
Infected with: MemScan:Trojan.Dialer.VUY

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP369\A0078658.exe
Deleted

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP369\A0078659.exe
Infected with: MemScan:Trojan.Dialer.VUY

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP369\A0078659.exe
Deleted

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP369\A0078666.exe
Infected with: MemScan:Trojan.Dialer.VUY

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP369\A0078666.exe
Deleted

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP369\A0078669.exe
Infected with: MemScan:Trojan.Dialer.VUY

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP369\A0078669.exe
Deleted

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP369\A0078670.exe
Infected with: MemScan:Trojan.Dialer.VUY

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP369\A0078670.exe
Deleted

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP369\A0078685.exe
Infected with: MemScan:Trojan.Dialer.VUY

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP369\A0078685.exe
Deleted

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP369\A0078686.exe
Infected with: MemScan:Trojan.Dialer.VUY

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP369\A0078686.exe
Deleted

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP369\A0078689.exe
Infected with: MemScan:Trojan.Dialer.VUY

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP369\A0078689.exe
Deleted

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP369\A0078690.exe
Infected with: MemScan:Trojan.Dialer.VUY

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP369\A0078690.exe
Deleted

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP369\A0078691.exe
Infected with: MemScan:Trojan.Dialer.VUY

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP369\A0078691.exe
Deleted

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP369\A0078711.exe
Infected with: MemScan:Trojan.Dialer.VUY

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP369\A0078711.exe
Deleted

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP369\A0078712.exe
Infected with: MemScan:Trojan.Dialer.VUY

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP369\A0078712.exe
Deleted

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP369\A0078714.exe
Infected with: MemScan:Trojan.Dialer.VUY

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP369\A0078714.exe
Deleted

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP369\A0078718.exe
Infected with: MemScan:Trojan.Dialer.VUY

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP369\A0078718.exe
Deleted

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP369\A0078893.exe
Infected with: MemScan:Trojan.Dialer.VUY

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP369\A0078893.exe
Deleted

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP369\A0078925.exe
Infected with: MemScan:Trojan.Dialer.VUY

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP369\A0078925.exe
Deleted

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP369\A0079064.exe
Infected with: MemScan:Trojan.Dialer.VUY

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP369\A0079064.exe
Deleted

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP369\A0079065.exe
Infected with: MemScan:Trojan.Dialer.VUY

C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP369\A0079065.exe
Deleted

C:\w3v6r2r2h3z5.exe
Infected with: MemScan:Trojan.Dialer.VUY

C:\w3v6r2r2h3z5.exe
Deleted

C:\WINDOWS\usnsvc.exe
Infected with: Backdoor.Spybot.DLV

C:\WINDOWS\usnsvc.exe
Disinfection failed

C:\WINDOWS\usnsvc.exe
Delete failed

Logfile of HijackThis v1.99.1
Scan saved at 06:46:36, on 03/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
C:\WINDOWS\usnsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\PROGRA~1\MSNMES~1\msnmsgr.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Wallpaper\Wallpaper.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Club-Internet\Lanceur\lanceur.exe
C:\Program Files\Club-Internet\Le Compagnon Club\bin\mpbtn.exe
C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Spyware Doctor\swdsvc.exe
C:\Program Files\Spyware Doctor\SDTrayApp.exe
C:\Program Files\Spyware Doctor\svcntaux.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Documents and Settings\bb\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://actus.sfr.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = HTTP=proxy.club-internet.fr:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\eoRezo\EoAdv\EoRezoBHO.dll (file missing)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl06a\BrStDvPt.exe
O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKLM\..\Run: [usnsvc.exe] C:\WINDOWS\usnsvc.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\PROGRA~1\MSNMES~1\msnmsgr.exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Wallpaper] "C:\Program Files\Wallpaper\Wallpaper.exe" Starter
O4 - Startup: Club Internet.lnk = C:\Program Files\Club-Internet\Lanceur\lanceur.exe
O4 - Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: LE COMPAGNON CLUB.lnk = C:\Program Files\Club-Internet\Le Compagnon Club\bin\matcli.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralFWBInitialSetup1.0.0.15.cab
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://barbaralis1984.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxentelechargement.orange.fr/Gameshell/GameHost/1.0/OberonGameHost.cab
O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} (IPSUploader Control) - http://asp07.photoprintit.de/microsite/3462/defaults/activex/IPSUploader.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe
0
Réponse 11 / 21
clownface Messages postés 1490 Statut Membre 73
 
bonsoir,

on va faire un autre scan anti-virus : http://www.zebulon.fr/outils/antivirus/antivirus-en-ligne.php
postes le rapport.
réinstalle hijackthis dans un dossier qui lui appartient la prochaine fois on risque de supprimer des lignes manuellement.
0
Réponse 12 / 21
bb8
 
bonsoir,
voici le rapport ....

BitDefender Online Scanner

Scan report generated at: Wed, Oct 03, 2007 - 23:26:24

Scan path: C:\;D:\;

Statistics

Time
01:10:39

Files
209401

Folders
6674

Boot Sectors
2

Archives
7172

Packed Files
9772

Results

Identified Viruses
1

Infected Files
1

Suspect Files
0

Warnings
0

Disinfected
0

Deleted Files
1

Engines Info

Virus Definitions
824960

Engine build
AVCORE v1.0 (build 2422) (i386) (Sep 25 2007 08:26:36)

Scan plugins
14

Archive plugins
38

Unpack plugins
7

E-mail plugins
6

System plugins
1

Scan Settings

First Action
Disinfect

Second Action
Delete

Heuristics
Yes

Enable Warnings
Yes

Scanned Extensions
*;

Exclude Extensions

Scan Emails
Yes

Scan Archives
Yes

Scan Packed
Yes

Scan Files
Yes

Scan Boot
Yes

Scanned File
Status

C:\WINDOWS\usnsvc.exe
Infected with: Backdoor.Spybot.DLV

C:\WINDOWS\usnsvc.exe
Disinfection failed

C:\WINDOWS\usnsvc.exe
Deleted
0
Réponse 13 / 21
clownface Messages postés 1490 Statut Membre 73
 
ok
peux-tu remettre un rapport hijackthis stp ?
0
Réponse 14 / 21
aobrice
 
MSNFix 1.537

C:\Documents and Settings\UTILISATEUR\Bureau\MSNFix\MSNFix
Fix exécuté le 04/10/2007 - 23:11:37,96 By UTILISATEUR
mode normal

************************ Recherche les fichiers présents

... C:\WINDOWS\system32\dllcache\jucheck.exe
... C:\WINDOWS\nts.exe

************************ MSNCHK ***** /!\ beta test /!\

************************ Recherche les dossiers présents

Aucun dossier trouvé

************************ Suppression des fichiers

/!\ ... C:\WINDOWS\system32\dllcache\jucheck.exe
/!\ ... C:\WINDOWS\nts.exe

************************ Nettoyage du registre

Les fichiers encore présents seront supprimés au prochain redémarrage

************************ Suppression des fichiers

.. OK ... C:\WINDOWS\system32\dllcache\jucheck.exe
.. OK ... C:\WINDOWS\nts.exe

************************ Fichiers suspects

Aucun Fichier trouvé

Les fichiers et clés de registre supprimés ont été sauvegardés dans le fichier 04102007_23152700.zip

[color=#FF0000][b]==>[/b][/color] SVP merci d'envoyer le fichier 04102007_23152700.zip sur http://upload.changelog.fr

------------------------------------------------------------------------
Auteur : !aur3n7 Contact: https://www.ionos.fr/
------------------------------------------------------------------------

--------------------------------------------- END ---------------------------------------------
0
clownface Messages postés 1490 Statut Membre 73
 
bonsoir,

il faut que tu crée ton propre sujet, si vous etes deux à poster des rapports ici, on ne va pas s'y retrouver
Merci
0
Réponse 15 / 21
aobrice
 
MSNFix 1.537

C:\Documents and Settings\UTILISATEUR\Bureau\MSNFix\MSNFix
Fix exécuté le 04/10/2007 - 23:17:03,42 By UTILISATEUR
mode normal

************************ Recherche les fichiers présents

Aucun Fichier trouvé

************************ Recherche les dossiers présents

Aucun dossier trouvé

************************ Fichiers suspects

Aucun Fichier trouvé

------------------------------------------------------------------------
Auteur : !aur3n7 Contact: https://www.ionos.fr/
------------------------------------------------------------------------

--------------------------------------------- END ---------------------------------------------
0
Réponse 16 / 21
aobrice
 
MSNFix 1.537

C:\Documents and Settings\UTILISATEUR\Bureau\MSNFix\MSNFix
Fix exécuté le 04/10/2007 - 23:11:37,96 By UTILISATEUR
mode normal

************************ Recherche les fichiers présents

... C:\WINDOWS\system32\dllcache\jucheck.exe
... C:\WINDOWS\nts.exe

************************ MSNCHK ***** /!\ beta test /!\

************************ Recherche les dossiers présents

Aucun dossier trouvé

************************ Suppression des fichiers

/!\ ... C:\WINDOWS\system32\dllcache\jucheck.exe
/!\ ... C:\WINDOWS\nts.exe

************************ Nettoyage du registre

Les fichiers encore présents seront supprimés au prochain redémarrage

************************ Suppression des fichiers

.. OK ... C:\WINDOWS\system32\dllcache\jucheck.exe
.. OK ... C:\WINDOWS\nts.exe

************************ Fichiers suspects

Aucun Fichier trouvé

Les fichiers et clés de registre supprimés ont été sauvegardés dans le fichier 04102007_23152700.zip

[color=#FF0000][b]==>[/b][/color] SVP merci d'envoyer le fichier 04102007_23152700.zip sur http://upload.changelog.fr

------------------------------------------------------------------------
Auteur : !aur3n7 Contact: https://www.ionos.fr/
------------------------------------------------------------------------

--------------------------------------------- END ---------------------------------------------
0
Réponse 17 / 21
bb8
 
bonsoir ,

voici le rapport Hijackthis ; au fait j'ai des pb avec internet est ce que c'est du au virus ?

Logfile of HijackThis v1.99.1
Scan saved at 23:50:52, on 04/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Spyware Doctor\svcntaux.exe
C:\Program Files\Spyware Doctor\swdsvc.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\Spyware Doctor\SDTrayApp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\LBTWiz.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\MSNMES~1\msnmsgr.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Wallpaper\Wallpaper.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Club-Internet\Lanceur\lanceur.exe
C:\Program Files\Club-Internet\Le Compagnon Club\bin\mpbtn.exe
C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
C:\Documents and Settings\bb\Bureau\HijackThis.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Sony Ericsson\Mobile2\File Manager\SendToDevice.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://actus.sfr.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = HTTP=proxy.club-internet.fr:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\eoRezo\EoAdv\EoRezoBHO.dll (file missing)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl06a\BrStDvPt.exe
O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [LBTWiz.exe] C:\WINDOWS\LBTWiz.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\PROGRA~1\MSNMES~1\msnmsgr.exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Wallpaper] "C:\Program Files\Wallpaper\Wallpaper.exe" Starter
O4 - Startup: Club Internet.lnk = C:\Program Files\Club-Internet\Lanceur\lanceur.exe
O4 - Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: LE COMPAGNON CLUB.lnk = C:\Program Files\Club-Internet\Le Compagnon Club\bin\matcli.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralFWBInitialSetup1.0.0.15.cab
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://barbaralis1984.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxentelechargement.orange.fr/Gameshell/GameHost/1.0/OberonGameHost.cab
O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} (IPSUploader Control) - http://asp07.photoprintit.de/microsite/3462/defaults/activex/IPSUploader.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe
0
Réponse 18 / 21
bb8
 
Bonjour,

je voulais savoir si je formate completement mon ordinateur , est ce que le virus va partir ?
0
Réponse 19 / 21
clownface Messages postés 1490 Statut Membre 73
 
euh oui, mais tu trouves pas que c'est un peu expéditif comme méthode ?

voici ce que tu peux faire :

Télécharges smitfraudfix
(Si tu as Norton Antivirus ou NOD32, désactive le)
-- Fais un clic droit puis Extraire tout sur le fichier SmitfraudFix.zip, cela va tout décompresser dans un nouveau dossier SmitFraudfix
-- Ouvre le dossier SmitfraudFix double clic sur SmitfraudFix.cmd (le .cmd peut ne pas être présent)
-- Choisis l'option 1 et appuie sur Entrée
-- Réponds o (Oui) aux deux questions suivantes si elles sont posées
-- Un rapport sera généré sauvegarde le dans un dossier
-- Copie/colle le contenu du rapport ici
0
Réponse 20 / 21
bb8 Messages postés 5 Statut Membre
 
Bonsoir ,

voici le rapport, si je voulais formater c'est que ca va faire plus d'une semaine que j'ai ce virus et je ne m'en sort pas ...

SmitFraudFix v2.237

Rapport fait à 19:36:01,26, 05/10/2007
Executé à partir de C:\Documents and Settings\bb\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Spyware Doctor\svcntaux.exe
C:\Program Files\Spyware Doctor\swdsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Spyware Doctor\SDTrayApp.exe
C:\WINDOWS\LBTWiz.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Wallpaper\Wallpaper.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Club-Internet\Lanceur\lanceur.exe
C:\Program Files\Club-Internet\Le Compagnon Club\bin\mpbtn.exe
C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\cmd.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts

»»»»»»»»»»»»»»»»»»»»»»»» C:\

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles

»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\bb

»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\bb\Application Data

»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer

»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\bb\Favoris

»»»»»»»»»»»»»»»»»»»»»»»» Bureau

»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files

»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues

»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"

»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""

»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""

»»»»»»»»»»»»»»»»»»»»»»»» Rustock

»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: Intel(R) PRO/Wireless 2200BG Network Connection - Miniport d'ordonnancement de paquets
DNS Server Search Order: 192.168.1.1
DNS Server Search Order: 192.168.1.1

HKLM\SYSTEM\CCS\Services\Tcpip\..\{22401BF5-529D-4DC4-81DE-6434054C1BB2}: DhcpNameServer=192.168.1.1 192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{22401BF5-529D-4DC4-81DE-6434054C1BB2}: DhcpNameServer=192.168.1.1 192.168.1.1
HKLM\SYSTEM\CS2\Services\Tcpip\..\{22401BF5-529D-4DC4-81DE-6434054C1BB2}: DhcpNameServer=192.168.1.1 192.168.1.1
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 192.168.1.1
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 192.168.1.1

»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll

»»»»»»»»»»»»»»»»»»»»»»»» Fin
0

Discussions similaires

Softonic,est-ce un virus ?
techmel1 -
techmel1 -

6 réponses
symboles et écritures pour nick msn
Pando -
roro -

20 réponses
Désinstaller Softonic
Diguimette -
lilidurhone -

5 réponses
Message Apple virus !!
Souclik67 -
MPMP10 -

3 réponses