Sujet Précédent Sujet Suivant

Trojandownlowder

Résolu
babdel Messages postés 19 Statut Membre -  
babdel Messages postés 19 Statut Membre -
Bonjour,

voila g un probleme mon pc est infecté par un ou plusieurs virus je n arrive pa a les enlever .je l'ai attrapé en debut de semaine au debut j'avai la photo du bureau toute rouge et la elle es toute bleu mai mon antivirus continu de m'alerter en me disan qu'il a trouver trojandownloader g aussi installer windows one care mais rien a faire est ce que quelquun peu maider en me disan ce que je doit faire ? svp
merci

25 réponses

  • 1
  • 2
Réponse 1 / 25
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
slt,

colle un rapport hijackthis

http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis/download

manuel :

https://leblogdeclaude.blogspot.com/2006/10/informatique-section-hijackthis.html

Je conseille de renomer Hijackthis, pour contrer une éventuelle infection de Vundo.

ex:Renomme le fichier HijackThis.exe en eden.exe pour cela, fais un clic droit sur le fichier HijackThis.exe et choisis renommer dans la liste

Ensuite avec Explorer créer un dossier c:\hijackthis
Décompresser Hijackthis dans ce dossier.
C'est important pour les sauvegardes."
0
Réponse 2 / 25
babdel Messages postés 19 Statut Membre
 
merci

voila le raport :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:50:07, on 21/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Windows OneCare Live\Antivirus\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Micro Application\Cloneur Expert\TrueImageMonitor.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe
C:\Program Files\F-Secure\Common\FSM32.EXE
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Fichiers communs\Teleca Shared\CapabilityManager.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
C:\WINDOWS\ATKKBService.exe
C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
C:\Program Files\F-Secure\BackWeb\7681197\Program\F-Secure Automatic Update.exe
C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe
C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
C:\Program Files\F-Secure\Common\FSMA32.EXE
C:\Program Files\F-Secure\Common\FSMB32.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Microsoft Windows OneCare Live\Firewall\msfwsvc.exe
C:\Program Files\F-Secure\Common\FCH32.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\F-Secure\Common\FAMEH32.EXE
C:\Program Files\Microsoft Windows OneCare Live\winss.exe
C:\Program Files\F-Secure\Common\FNRB32.EXE
C:\Program Files\F-Secure\Common\FIH32.EXE
C:\Program Files\F-Secure\Anti-Virus\fsav32.exe
C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
C:\Program Files\F-Secure\FSGUI\fsguiexe.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe
C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://softwarereferral.com/jump.php?wmid=6010&mid=MjI6Ojg5&lid=2
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: MSVPS System - {9C985AC6-A138-4EAB-B10A-DC522F755146} - C:\WINDOWS\popnetdpt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [BDSwitchAgent] C:\PROGRA~1\Softwin\BITDEF~1\bdswitch.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [Cloneur Expert Monitor] "C:\Program Files\Micro Application\Cloneur Expert\TrueImageMonitor.exe"
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [OneCareUI] "C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - E:\Documents and Settings\Nadia\Mes documents\Titan Poker\casino.exe (file missing)
O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - E:\Documents and Settings\Nadia\Mes documents\Titan Poker\casino.exe (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.mypix.com/fr/fr/importer/ImageUploader4.cab
O16 - DPF: {8731163E-77B9-4F91-9122-F112521C28AF} (MMSPlayerX Class) - http://62.201.137.56/mmawap/jsp/composer/player/mmsPlayer.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab
O16 - DPF: {97E71027-0BA2-44F2-97DB-F84D808ED0B6} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab55762.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab55579.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O21 - SSODL: sapnet - {5436F719-95BE-4D0C-8C32-D2EED20EA568} - C:\WINDOWS\sapnet.dll
O21 - SSODL: rmvgor - {2828E92B-F3A8-4146-911B-73800FCD95D3} - C:\WINDOWS\rmvgor.dll
O21 - SSODL: msmhost - {C77C467B-D3FE-4B74-A636-28B920CC6EB9} - C:\WINDOWS\msmhost.dll (file missing)
O21 - SSODL: msmdev - {96CB72F5-6CD9-4951-B91D-D1A7CFA23028} - C:\WINDOWS\msmdev.dll (file missing)
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: F-Secure Automatic Update (BackWeb Plug-in - 7681197) - Unknown owner - C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Program Files\F-Secure\Common\FNRB32.EXE
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
0
Réponse 3 / 25
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
ok ca ira,

fais ceci

smit fraud fix (colle le rapport)

1/ telecharger :

http://siri.urz.free.fr/Fix/SmitfraudFix.php

2/ double clique sur smitfraudfix. puis sélectionne 1 et appuyer sur entrée afin de créer le rapport des infection présentes. une fois le rapport effectué redémarre en mode sans échec (en appuyant sur F8 ou suppr, ou F5 au démarrage en général)

3/ puis refaire comme en 2/ mais sélectionne l'option 2 et appuyer sur entrée pour commencer la désinfection. lorsque le programme demande si tu veut nettoyer le registre mets oui en tapant 0 et entrée

___________________

puis recolle un nouveau rapport hijackthis
0
Réponse 4 / 25
babdel Messages postés 19 Statut Membre
 
re dsl j'etait o taf

voila le premier:

SmitFraudFix v2.253

Rapport fait à 21:24:42,07, 21/11/2007
Executé à partir de C:\Documents and Settings\Nadia\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Windows OneCare Live\Antivirus\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Micro Application\Cloneur Expert\TrueImageMonitor.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe
C:\Program Files\F-Secure\Common\FSM32.EXE
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\Fichiers communs\Teleca Shared\CapabilityManager.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
C:\WINDOWS\ATKKBService.exe
C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
C:\Program Files\F-Secure\BackWeb\7681197\Program\F-Secure Automatic Update.exe
C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe
C:\Program Files\F-Secure\Common\FSMA32.EXE
C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\F-Secure\Common\FSMB32.EXE
C:\Program Files\F-Secure\Common\FCH32.EXE
C:\Program Files\Microsoft Windows OneCare Live\Firewall\msfwsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\F-Secure\Common\FAMEH32.EXE
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Microsoft Windows OneCare Live\winss.exe
C:\Program Files\F-Secure\Common\FNRB32.EXE
C:\Program Files\F-Secure\Common\FIH32.EXE
C:\Program Files\F-Secure\Anti-Virus\fsav32.exe
C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\system32\WgaTray.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\F-Secure\FSGUI\fsguiexe.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\cmd.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts

»»»»»»»»»»»»»»»»»»»»»»»» C:\

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS

C:\WINDOWS\privacy_danger PRESENT !

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32

»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Nadia

»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Nadia\Application Data

»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer

»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Nadia\Favoris

C:\DOCUME~1\Nadia\Favoris\Error Cleaner.url PRESENT !
C:\DOCUME~1\Nadia\Favoris\Privacy Protector.url PRESENT !
C:\DOCUME~1\Nadia\Favoris\Spyware?Malware Protection.url PRESENT !

»»»»»»»»»»»»»»»»»»»»»»»» Bureau

C:\DOCUME~1\Nadia\Bureau\Error Cleaner.url PRESENT !
C:\DOCUME~1\Nadia\Bureau\Privacy Protector.url PRESENT !
C:\DOCUME~1\Nadia\Bureau\Spyware?Malware Protection.url PRESENT !

»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files

»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues

»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="MsgPlusLoader.dll"

»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""

»»»»»»»»»»»»»»»»»»»»»»»» Rustock

»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: Carte Fast Ethernet compatible VIA - Miniport d'ordonnancement de paquets
DNS Server Search Order: 212.27.54.252
DNS Server Search Order: 212.27.53.252

HKLM\SYSTEM\CCS\Services\Tcpip\..\{9229B2C6-042E-42C8-85BD-1C8A98CDA464}: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CS1\Services\Tcpip\..\{9229B2C6-042E-42C8-85BD-1C8A98CDA464}: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=212.27.54.252 212.27.53.252

»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll

»»»»»»»»»»»»»»»»»»»»»»»» Fin
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 25
babdel Messages postés 19 Statut Membre
 
et voila le deuxieme en mode sans echec

SmitFraudFix v2.253

Rapport fait à 21:34:58,45, 21/11/2007
Executé à partir de C:\Documents and Settings\Nadia\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode sans echec

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus

»»»»»»»»»»»»»»»»»»»»»»»» hosts

127.0.0.1 localhost

»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix

S!Ri's WS2Fix: LSP not Found.

»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés

C:\WINDOWS\privacy_danger\ supprimé
C:\DOCUME~1\Nadia\Bureau\Error Cleaner.url supprimé
C:\DOCUME~1\Nadia\Bureau\Privacy Protector.url supprimé
C:\DOCUME~1\Nadia\Bureau\Spyware?Malware Protection.url supprimé
C:\DOCUME~1\Nadia\Favoris\Error Cleaner.url supprimé
C:\DOCUME~1\Nadia\Favoris\Privacy Protector.url supprimé
C:\DOCUME~1\Nadia\Favoris\Spyware?Malware Protection.url supprimé

»»»»»»»»»»»»»»»»»»»»»»»» DNS

HKLM\SYSTEM\CCS\Services\Tcpip\..\{9229B2C6-042E-42C8-85BD-1C8A98CDA464}: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CS1\Services\Tcpip\..\{9229B2C6-042E-42C8-85BD-1C8A98CDA464}: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=212.27.54.252 212.27.53.252

»»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires

»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""

»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre

Nettoyage terminé.

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Après SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Fin
0
Réponse 6 / 25
babdel Messages postés 19 Statut Membre
 
je narivai plu a me conecter au net une fois que j'ai redemarer en mode normal voila pourkoi j'ai mi otant de temp
0
Réponse 7 / 25
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
encore des problemes?

recolle hijackhtis
0
Réponse 8 / 25
babdel Messages postés 19 Statut Membre
 
voila

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:34:18, on 22/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Windows OneCare Live\Antivirus\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
C:\WINDOWS\ATKKBService.exe
C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe
C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
C:\Program Files\F-Secure\Common\FSMA32.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\F-Secure\Common\FSMB32.EXE
C:\Program Files\Microsoft Windows OneCare Live\Firewall\msfwsvc.exe
C:\Program Files\F-Secure\BackWeb\7681197\Program\F-Secure Automatic Update.exe
C:\Program Files\F-Secure\Common\FCH32.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\F-Secure\Common\FAMEH32.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Microsoft Windows OneCare Live\winss.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Micro Application\Cloneur Expert\TrueImageMonitor.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe
C:\Program Files\F-Secure\Common\FSM32.EXE
C:\Program Files\F-Secure\Common\FNRB32.EXE
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Fichiers communs\Teleca Shared\CapabilityManager.exe
C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\F-Secure\Common\FIH32.EXE
C:\Program Files\F-Secure\Anti-Virus\fsav32.exe
C:\WINDOWS\system32\WgaTray.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\F-Secure\FSGUI\fsguiexe.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Microsoft Windows OneCare Live\GtCC.exe
C:\Program Files\Microsoft Windows OneCare Live\GtOneCare\OcBrowse.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://softwarereferral.com/jump.php?wmid=6010&mid=MjI6Ojg5&lid=2
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: MSVPS System - {9C985AC6-A138-4EAB-B10A-DC522F755146} - C:\WINDOWS\popnetdpt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [BDSwitchAgent] C:\PROGRA~1\Softwin\BITDEF~1\bdswitch.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [Cloneur Expert Monitor] "C:\Program Files\Micro Application\Cloneur Expert\TrueImageMonitor.exe"
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [OneCareUI] "C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - E:\Documents and Settings\Nadia\Mes documents\Titan Poker\casino.exe (file missing)
O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - E:\Documents and Settings\Nadia\Mes documents\Titan Poker\casino.exe (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.mypix.com/fr/fr/importer/ImageUploader4.cab
O16 - DPF: {8731163E-77B9-4F91-9122-F112521C28AF} (MMSPlayerX Class) - http://62.201.137.56/mmawap/jsp/composer/player/mmsPlayer.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab
O16 - DPF: {97E71027-0BA2-44F2-97DB-F84D808ED0B6} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab55762.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab55579.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O21 - SSODL: sapnet - {5436F719-95BE-4D0C-8C32-D2EED20EA568} - C:\WINDOWS\sapnet.dll
O21 - SSODL: rmvgor - {2828E92B-F3A8-4146-911B-73800FCD95D3} - C:\WINDOWS\rmvgor.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: F-Secure Automatic Update (BackWeb Plug-in - 7681197) - Unknown owner - C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Program Files\F-Secure\Common\FNRB32.EXE
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
0
Réponse 9 / 25
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
tu as windows live et f secure?
vire windows live onecare

____________________

Relance HijackThis, choisis "do a scan only" coche la case devant les lignes ci-dessous et clic en bas sur "fix checked".

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://softwarereferral.com/jump.php?wmid=6010&mid=MjI6Ojg5&lid=2
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: MSVPS System - {9C985AC6-A138-4EAB-B10A-DC522F755146} - C:\WINDOWS\popnetdpt.dll

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe

O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - E:\Documents and Settings\Nadia\Mes documents\Titan Poker\casino.exe (file missing)
O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - E:\Documents and Settings\Nadia\Mes documents\Titan Poker\casino.exe (file missing)

O21 - SSODL: sapnet - {5436F719-95BE-4D0C-8C32-D2EED20EA568} - C:\WINDOWS\sapnet.dll
O21 - SSODL: rmvgor - {2828E92B-F3A8-4146-911B-73800FCD95D3} - C:\WINDOWS\rmvgor.dll

______________________

dans DEMARRER puis PANNEAU DE CONFIGURATION puis AJOUT /SUPPRESSION DE PROGRAMME

cherche quelque chose comme CID et msn plus et desinstalle les
si tu doit réinstaller msn plus fait le sans les sponsor surtout
_______________________

télécharge OTMoveIt http://download.bleepingcomputer.com/oldtimer/OTMoveIt.exe (de Old_Timer) sur ton Bureau.
double-clique sur OTMoveIt.exe pour le lancer.
copie la liste qui se trouve en citation ci-dessous,
et colle-la dans le cadre de gauche de OTMoveIt :Paste List of Files/Folders to be moved.

Citation :
C:\WINDOWS\popnetdpt.dll
C:\WINDOWS\rmvgor.dll
C:\WINDOWS\sapnet.dll

clique sur MoveIt! pour lancer la suppression.
le résultat apparaitra dans le cadre "Results".
clique sur Exit pour fermer.
poste le rapport situé dans C:\_OTMoveIt\MovedFiles.

il te sera peut-être demander de redémarrer le pc pour achever la suppression.si c'est le cas accepte par Yes.

________________________

colle le rapport d'un scan en ligne
avec un des suivants:

bitdefender en ligne :
http://www.bitdefender.fr/scan_fr/scan8/ie.html

Panda en ligne :
http://pandasoftware.fr

____________________________

recolle hijackthis et cette fois DIS TES PROBLEMES !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
0
Réponse 10 / 25
babdel Messages postés 19 Statut Membre
 
voila en faite je l'ai fait une fois et j'ai oublier de copier le raport en faite j'ai pas eu le temps j'ai cliqué sur ok et tout est parti j'ai donc recomencer et ca ma mis ca :
File/Folder C:\WINDOWS\popnetdpt.dll not found.
File/Folder C:\WINDOWS\rmvgor.dll not found.
File/Folder C:\WINDOWS\sapnet.dll not found.

Created on 11/22/2007 11:56:21

j'en conclu qu'il on bien ete supriimé mai une fois que j'ai fais ca mon fond d'ecran est redevenu rouge avec un logo enfin je tenvoi le rapport d'un can en ligne dans le prochain mssage .

et auusi je n'est pa trouver de CID dans ajout supression de programme ok pour mssenger plus mai pa l'autre
0
Réponse 11 / 25
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
ok
passe a la suite

colle le rapport d'un scan en ligne
avec un des suivants:

bitdefender en ligne :
http://www.bitdefender.fr/scan_fr/scan8/ie.html

Panda en ligne :
http://pandasoftware.fr

____________________________

recolle hijackthis et cette fois DIS TES PROBLEMES !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
0
Réponse 12 / 25
babdel Messages postés 19 Statut Membre
 
voila le rapport du scan en ligne :

Statistiques

Temps
01:35:33

Fichiers
230112

Directoires
5385

Secteurs de boot
4

Archives
2490

Paquets programmes
12649

Résultats

Virus identifiés
7

Fichiers infectés
51

Fichiers suspects
0

Avertissements
0

Désinfectés
0

Fichiers effacés
49

Info sur les moteurs

Définition virus
878943

Version des moteurs
AVCORE v1.0 (build 2422) (i386) (Sep 25 2007 08:26:36)

Analyse des plugins
14

Archive des plugins
38

Unpack des plugins
7

E-mail plugins
6

Système plugins
1

Paramètres d'analyse

Première action
Désinfecté

Seconde Action
Supprimé

Heuristique
Oui

Acceptez les avertissements
Oui

Extensions analysées
*;

Excludez les extensions

Analyse d'emails
Oui

Analyse des Archives
Oui

Analyser paquets programmes
Oui

Analyse des fichiers
Oui

Analyse de boot
Oui

Fichier analysé
Statut

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT121.tmp=>archstored:ac8zt2/edi.exe
Infecté par: Trojan.Agent.BHO.N

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT121.tmp=>archstored:ac8zt2/edi.exe
Echec de la désinfection

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT121.tmp=>archstored:ac8zt2/edi.exe
Supprimé

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT121.tmp
Echec de la mise à jour

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT121.tmp=>archstored:ac8zt2/install.bat
Infecté par: Trojan.Agent.BHO.N

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT121.tmp=>archstored:ac8zt2/install.bat
Echec de la désinfection

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT121.tmp=>archstored:ac8zt2/install.bat
Supprimé

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT121.tmp
Echec de la mise à jour

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT121.tmp=>archstored:ac8zt2/main_uninstaller.exe
Infecté par: Trojan.Agent.ABSG

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT121.tmp=>archstored:ac8zt2/main_uninstaller.exe
Echec de la désinfection

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT121.tmp=>archstored:ac8zt2/main_uninstaller.exe
Supprimé

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT121.tmp
Echec de la mise à jour

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT12F.tmp=>archstored:ac8zt2/edi.exe
Infecté par: Trojan.Agent.BHO.N

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT12F.tmp=>archstored:ac8zt2/edi.exe
Echec de la désinfection

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT12F.tmp=>archstored:ac8zt2/edi.exe
Supprimé

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT12F.tmp
Echec de la mise à jour

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT12F.tmp=>archstored:ac8zt2/install.bat
Infecté par: Trojan.Agent.BHO.N

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT12F.tmp=>archstored:ac8zt2/install.bat
Echec de la désinfection

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT12F.tmp=>archstored:ac8zt2/install.bat
Supprimé

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT12F.tmp
Echec de la mise à jour

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT12F.tmp=>archstored:ac8zt2/main_uninstaller.exe
Infecté par: Trojan.Agent.ABSG

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT12F.tmp=>archstored:ac8zt2/main_uninstaller.exe
Echec de la désinfection

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT12F.tmp=>archstored:ac8zt2/main_uninstaller.exe
Supprimé

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT12F.tmp
Echec de la mise à jour

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT14A.tmp=>archstored:ac8zt2/edi.exe
Infecté par: Trojan.Agent.BHO.N

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT14A.tmp=>archstored:ac8zt2/edi.exe
Echec de la désinfection

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT14A.tmp=>archstored:ac8zt2/edi.exe
Supprimé

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT14A.tmp
Echec de la mise à jour

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT14A.tmp=>archstored:ac8zt2/install.bat
Infecté par: Trojan.Agent.BHO.N

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT14A.tmp=>archstored:ac8zt2/install.bat
Echec de la désinfection

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT14A.tmp=>archstored:ac8zt2/install.bat
Supprimé

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT14A.tmp
Echec de la mise à jour

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT14A.tmp=>archstored:ac8zt2/main_uninstaller.exe
Infecté par: Trojan.Agent.ABSG

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT14A.tmp=>archstored:ac8zt2/main_uninstaller.exe
Echec de la désinfection

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT14A.tmp=>archstored:ac8zt2/main_uninstaller.exe
Supprimé

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT14A.tmp
Echec de la mise à jour

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT152.tmp=>archstored:ac8zt2/edi.exe
Infecté par: Trojan.Agent.BHO.N

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT152.tmp=>archstored:ac8zt2/edi.exe
Echec de la désinfection

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT152.tmp=>archstored:ac8zt2/edi.exe
Supprimé

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT152.tmp
Echec de la mise à jour

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT152.tmp=>archstored:ac8zt2/install.bat
Infecté par: Trojan.Agent.BHO.N

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT152.tmp=>archstored:ac8zt2/install.bat
Echec de la désinfection

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT152.tmp=>archstored:ac8zt2/install.bat
Supprimé

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT152.tmp
Echec de la mise à jour

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT152.tmp=>archstored:ac8zt2/main_uninstaller.exe
Infecté par: Trojan.Agent.ABSG

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT152.tmp=>archstored:ac8zt2/main_uninstaller.exe
Echec de la désinfection

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT152.tmp=>archstored:ac8zt2/main_uninstaller.exe
Supprimé

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT152.tmp
Echec de la mise à jour

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT15E.tmp=>archstored:ac8zt2/edi.exe
Infecté par: Trojan.Agent.BHO.N

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT15E.tmp=>archstored:ac8zt2/edi.exe
Echec de la désinfection

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT15E.tmp=>archstored:ac8zt2/edi.exe
Supprimé

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT15E.tmp
Echec de la mise à jour

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT15E.tmp=>archstored:ac8zt2/install.bat
Infecté par: Trojan.Agent.BHO.N

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT15E.tmp=>archstored:ac8zt2/install.bat
Echec de la désinfection

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT15E.tmp=>archstored:ac8zt2/install.bat
Supprimé

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT15E.tmp
Echec de la mise à jour

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT15E.tmp=>archstored:ac8zt2/main_uninstaller.exe
Infecté par: Trojan.Agent.ABSG

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT15E.tmp=>archstored:ac8zt2/main_uninstaller.exe
Echec de la désinfection

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT15E.tmp=>archstored:ac8zt2/main_uninstaller.exe
Supprimé

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT15E.tmp
Echec de la mise à jour

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT15E.tmp=>archstored:ac8zt2/msmdev.dll
Infecté par: Trojan.Downloader.Agent.YNU

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT15E.tmp=>archstored:ac8zt2/msmdev.dll
Echec de la désinfection

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT15E.tmp=>archstored:ac8zt2/msmdev.dll
Supprimé

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT15E.tmp
Echec de la mise à jour

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT15E.tmp=>archstored:ac8zt2/msmhost.dll
Infecté par: Trojan.Agent.BHO.O

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT15E.tmp=>archstored:ac8zt2/msmhost.dll
Echec de la désinfection

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT15E.tmp=>archstored:ac8zt2/msmhost.dll
Supprimé

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT15E.tmp
Echec de la mise à jour

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT163.tmp=>archstored:ac8zt2/edi.exe
Infecté par: Trojan.Agent.BHO.N

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT163.tmp=>archstored:ac8zt2/edi.exe
Echec de la désinfection

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT163.tmp=>archstored:ac8zt2/edi.exe
Supprimé

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT163.tmp
Echec de la mise à jour

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT163.tmp=>archstored:ac8zt2/install.bat
Infecté par: Trojan.Agent.BHO.N

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT163.tmp=>archstored:ac8zt2/install.bat
Echec de la désinfection

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT163.tmp=>archstored:ac8zt2/install.bat
Supprimé

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT163.tmp
Echec de la mise à jour

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT163.tmp=>archstored:ac8zt2/main_uninstaller.exe
Infecté par: Trojan.Agent.ABSG

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT163.tmp=>archstored:ac8zt2/main_uninstaller.exe
Echec de la désinfection

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT163.tmp=>archstored:ac8zt2/main_uninstaller.exe
Supprimé

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT163.tmp
Echec de la mise à jour

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT163.tmp=>archstored:ac8zt2/msmdev.dll
Infecté par: Trojan.Downloader.Agent.YNU

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT163.tmp=>archstored:ac8zt2/msmdev.dll
Echec de la désinfection

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT163.tmp=>archstored:ac8zt2/msmdev.dll
Supprimé

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT163.tmp
Echec de la mise à jour

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT172.tmp=>archstored:ac8zt2/edi.exe
Infecté par: Trojan.Agent.BHO.N

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT172.tmp=>archstored:ac8zt2/edi.exe
Echec de la désinfection

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT172.tmp=>archstored:ac8zt2/edi.exe
Supprimé

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT172.tmp
Echec de la mise à jour

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT172.tmp=>archstored:ac8zt2/install.bat
Infecté par: Trojan.Agent.BHO.N

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT172.tmp=>archstored:ac8zt2/install.bat
Echec de la désinfection

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT172.tmp=>archstored:ac8zt2/install.bat
Supprimé

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT172.tmp
Echec de la mise à jour

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT172.tmp=>archstored:ac8zt2/main_uninstaller.exe
Infecté par: Trojan.Agent.ABSG

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT172.tmp=>archstored:ac8zt2/main_uninstaller.exe
Echec de la désinfection

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT172.tmp=>archstored:ac8zt2/main_uninstaller.exe
Supprimé

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT172.tmp
Echec de la mise à jour

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT175.tmp=>archstored:ac8zt2/edi.exe
Infecté par: Trojan.Agent.BHO.N

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT175.tmp=>archstored:ac8zt2/edi.exe
Echec de la désinfection

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT175.tmp=>archstored:ac8zt2/edi.exe
Supprimé

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT175.tmp
Echec de la mise à jour

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT175.tmp=>archstored:ac8zt2/install.bat
Infecté par: Trojan.Agent.BHO.N

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT175.tmp=>archstored:ac8zt2/install.bat
Echec de la désinfection

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT175.tmp=>archstored:ac8zt2/install.bat
Supprimé

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT175.tmp
Echec de la mise à jour

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT186.tmp=>archstored:ac8zt2/edi.exe
Infecté par: Trojan.Agent.BHO.N

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT186.tmp=>archstored:ac8zt2/edi.exe
Echec de la désinfection

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT186.tmp=>archstored:ac8zt2/edi.exe
Supprimé

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT186.tmp
Echec de la mise à jour

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT186.tmp=>archstored:ac8zt2/install.bat
Infecté par: Trojan.Agent.BHO.N

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT186.tmp=>archstored:ac8zt2/install.bat
Echec de la désinfection

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT186.tmp=>archstored:ac8zt2/install.bat
Supprimé

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT186.tmp
Echec de la mise à jour

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT42A.tmp=>archstored:ac8zt2/edi.exe
Infecté par: Trojan.Agent.BHO.N

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT42A.tmp=>archstored:ac8zt2/edi.exe
Echec de la désinfection

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT42A.tmp=>archstored:ac8zt2/edi.exe
Supprimé

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT42A.tmp
Echec de la mise à jour

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT42A.tmp=>archstored:ac8zt2/install.bat
Infecté par: Trojan.Agent.BHO.N

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT42A.tmp=>archstored:ac8zt2/install.bat
Echec de la désinfection

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT42A.tmp=>archstored:ac8zt2/install.bat
Supprimé

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT42A.tmp
Echec de la mise à jour

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT42A.tmp=>archstored:ac8zt2/main_uninstaller.exe
Infecté par: Trojan.Agent.ABSG

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT42A.tmp=>archstored:ac8zt2/main_uninstaller.exe
Echec de la désinfection

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT42A.tmp=>archstored:ac8zt2/main_uninstaller.exe
Supprimé

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT42A.tmp
Echec de la mise à jour

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT42A.tmp=>archstored:ac8zt2/msmdev.dll
Infecté par: Trojan.Downloader.Agent.YNU

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT42A.tmp=>archstored:ac8zt2/msmdev.dll
Echec de la désinfection

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT42A.tmp=>archstored:ac8zt2/msmdev.dll
Supprimé

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT42A.tmp
Echec de la mise à jour

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT55.tmp=>archstored:ac8zt2/edi.exe
Infecté par: Trojan.Agent.BHO.N

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT55.tmp=>archstored:ac8zt2/edi.exe
Echec de la désinfection

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT55.tmp=>archstored:ac8zt2/edi.exe
Supprimé

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT55.tmp
Echec de la mise à jour

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT55.tmp=>archstored:ac8zt2/install.bat
Infecté par: Trojan.Agent.BHO.N

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT55.tmp=>archstored:ac8zt2/install.bat
Echec de la désinfection

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT55.tmp=>archstored:ac8zt2/install.bat
Supprimé

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT55.tmp
Echec de la mise à jour

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT5C0.tmp=>archstored:ac8zt2/edi.exe
Infecté par: Trojan.Agent.BHO.N

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT5C0.tmp=>archstored:ac8zt2/edi.exe
Echec de la désinfection

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT5C0.tmp=>archstored:ac8zt2/edi.exe
Supprimé

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT5C0.tmp
Echec de la mise à jour

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT5C0.tmp=>archstored:ac8zt2/install.bat
Infecté par: Trojan.Agent.BHO.N

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT5C0.tmp=>archstored:ac8zt2/install.bat
Echec de la désinfection

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT5C0.tmp=>archstored:ac8zt2/install.bat
Supprimé

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT5C0.tmp
Echec de la mise à jour

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT5C0.tmp=>archstored:ac8zt2/main_uninstaller.exe
Infecté par: Trojan.Agent.ABSG

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT5C0.tmp=>archstored:ac8zt2/main_uninstaller.exe
Echec de la désinfection

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT5C0.tmp=>archstored:ac8zt2/main_uninstaller.exe
Supprimé

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT5C0.tmp
Echec de la mise à jour

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT5C7.tmp=>archstored:ac8zt2/edi.exe
Infecté par: Trojan.Agent.BHO.N

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT5C7.tmp=>archstored:ac8zt2/edi.exe
Echec de la désinfection

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT5C7.tmp=>archstored:ac8zt2/edi.exe
Supprimé

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT5C7.tmp
Echec de la mise à jour

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT5E4.tmp=>archstored:ac8zt2/edi.exe
Infecté par: Trojan.Agent.BHO.N

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT5E4.tmp=>archstored:ac8zt2/edi.exe
Echec de la désinfection

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT5E4.tmp=>archstored:ac8zt2/edi.exe
Supprimé

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT5E4.tmp
Echec de la mise à jour

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT5E8.tmp=>archstored:ac8zt2/edi.exe
Infecté par: Trojan.Agent.BHO.N

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT5E8.tmp=>archstored:ac8zt2/edi.exe
Echec de la désinfection

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT5E8.tmp=>archstored:ac8zt2/edi.exe
Supprimé

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT5E8.tmp
Echec de la mise à jour

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT5E8.tmp=>archstored:ac8zt2/install.bat
Infecté par: Trojan.Agent.BHO.N

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT5E8.tmp=>archstored:ac8zt2/install.bat
Echec de la désinfection

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT5E8.tmp=>archstored:ac8zt2/install.bat
Supprimé

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT5E8.tmp
Echec de la mise à jour

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT60.tmp=>archstored:ac8zt2/edi.exe
Infecté par: Trojan.Agent.BHO.N

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT60.tmp=>archstored:ac8zt2/edi.exe
Echec de la désinfection

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT60.tmp=>archstored:ac8zt2/edi.exe
Supprimé

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT60.tmp
Echec de la mise à jour

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT60.tmp=>archstored:ac8zt2/install.bat
Infecté par: Trojan.Agent.BHO.N

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT60.tmp=>archstored:ac8zt2/install.bat
Echec de la désinfection

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT60.tmp=>archstored:ac8zt2/install.bat
Supprimé

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT60.tmp
Echec de la mise à jour

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT60.tmp=>archstored:ac8zt2/main_uninstaller.exe
Infecté par: Trojan.Agent.ABSG

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT60.tmp=>archstored:ac8zt2/main_uninstaller.exe
Echec de la désinfection

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT60.tmp=>archstored:ac8zt2/main_uninstaller.exe
Supprimé

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT60.tmp
Echec de la mise à jour

C:\Documents and Settings\Nadia\Local Settings\Temp\BITBF.tmp=>archstored:ac8zt2/edi.exe
Infecté par: Trojan.Agent.BHO.N

C:\Documents and Settings\Nadia\Local Settings\Temp\BITBF.tmp=>archstored:ac8zt2/edi.exe
Echec de la désinfection

C:\Documents and Settings\Nadia\Local Settings\Temp\BITBF.tmp=>archstored:ac8zt2/edi.exe
Supprimé

C:\Documents and Settings\Nadia\Local Settings\Temp\BITBF.tmp
Echec de la mise à jour

C:\Documents and Settings\Nadia\Local Settings\Temp\BITBF.tmp=>archstored:ac8zt2/install.bat
Infecté par: Trojan.Agent.BHO.N

C:\Documents and Settings\Nadia\Local Settings\Temp\BITBF.tmp=>archstored:ac8zt2/install.bat
Echec de la désinfection

C:\Documents and Settings\Nadia\Local Settings\Temp\BITBF.tmp=>archstored:ac8zt2/install.bat
Supprimé

C:\Documents and Settings\Nadia\Local Settings\Temp\BITBF.tmp
Echec de la mise à jour

C:\Documents and Settings\Nadia\Local Settings\Temp\BITBF.tmp=>archstored:ac8zt2/main_uninstaller.exe
Infecté par: Trojan.Agent.ABSG

C:\Documents and Settings\Nadia\Local Settings\Temp\BITBF.tmp=>archstored:ac8zt2/main_uninstaller.exe
Echec de la désinfection

C:\Documents and Settings\Nadia\Local Settings\Temp\BITBF.tmp=>archstored:ac8zt2/main_uninstaller.exe
Supprimé

C:\Documents and Settings\Nadia\Local Settings\Temp\BITBF.tmp
Echec de la mise à jour

C:\System Volume Information\_restore{C1CB389C-F78B-444D-936C-40379375CD60}\RP486\A0096230.DLL
Infecté par: Generic.Lineage.2259D555

C:\System Volume Information\_restore{C1CB389C-F78B-444D-936C-40379375CD60}\RP486\A0096230.DLL
Echec de la désinfection

C:\System Volume Information\_restore{C1CB389C-F78B-444D-936C-40379375CD60}\RP486\A0096230.DLL
Supprimé

C:\WINDOWS\msmhost.dll
Infecté par: Trojan.Agent.BHO.O

C:\WINDOWS\msmhost.dll
Echec de la désinfection

C:\WINDOWS\msmhost.dll
Echec de la suppression

C:\WINDOWS\nsduo.dll
Infecté par: Trojan.Downloader.Agent.YNQ

C:\WINDOWS\nsduo.dll
Echec de la désinfection

C:\WINDOWS\nsduo.dll
Echec de la suppression

E:\RECYCLER\S-1-5-21-1220945662-1078145449-682003330-1003\De1.zip=>Setup.exe
Infecté par: Win32.Worm.P2P.Puce.G

E:\RECYCLER\S-1-5-21-1220945662-1078145449-682003330-1003\De1.zip=>Setup.exe
Echec de la désinfection

E:\RECYCLER\S-1-5-21-1220945662-1078145449-682003330-1003\De1.zip=>Setup.exe
Supprimé

E:\RECYCLER\S-1-5-21-1220945662-1078145449-682003330-1003\De1.zip
Mis à jour
0
Réponse 13 / 25
babdel Messages postés 19 Statut Membre
 
voila celui de hijackthis :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:24:08, on 22/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
C:\WINDOWS\ATKKBService.exe
C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe
C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
C:\Program Files\F-Secure\Common\FSMA32.EXE
C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\F-Secure\Common\FSMB32.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\F-Secure\Common\FCH32.EXE
C:\Program Files\F-Secure\Common\FAMEH32.EXE
C:\Program Files\F-Secure\Common\FNRB32.EXE
C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
C:\Program Files\F-Secure\Common\FIH32.EXE
C:\Program Files\F-Secure\Anti-Virus\fsav32.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Micro Application\Cloneur Expert\TrueImageMonitor.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe
C:\Program Files\F-Secure\Common\FSM32.EXE
C:\Program Files\F-Secure\BackWeb\7681197\Program\F-Secure Automatic Update.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Fichiers communs\Teleca Shared\CapabilityManager.exe
C:\Program Files\F-Secure\FSGUI\fsguiexe.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://softwarereferral.com/jump.php?wmid=6010&mid=MjI6Ojg5&lid=2
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: MSVPS System - {88418AA3-16F5-4FC2-A9D8-90B1266DF841} - C:\WINDOWS\nsduo.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [Cloneur Expert Monitor] "C:\Program Files\Micro Application\Cloneur Expert\TrueImageMonitor.exe"
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\RunOnce: [MessengerPlusUninstall] C:\WINDOWS\system32\cmd.exe /C "C:\DOCUME~1\Nadia\LOCALS~1\Temp\MsgPlusUninst.bat"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.mypix.com/fr/fr/importer/ImageUploader4.cab
O16 - DPF: {8731163E-77B9-4F91-9122-F112521C28AF} (MMSPlayerX Class) - http://62.201.137.56/mmawap/jsp/composer/player/mmsPlayer.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab
O16 - DPF: {97E71027-0BA2-44F2-97DB-F84D808ED0B6} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab55762.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab55579.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O21 - SSODL: sapnet - {3F26F381-7E23-417D-B30A-33626B8EBF61} - C:\WINDOWS\sapnet.dll (file missing)
O21 - SSODL: rmvgor - {305BCC74-E2D4-4CEB-9C0F-5D8F7AF77917} - C:\WINDOWS\rmvgor.dll (file missing)
O21 - SSODL: msmhost - {40B13383-1959-4A92-A8F3-CE03A9C200B4} - C:\WINDOWS\msmhost.dll
O21 - SSODL: msmdev - {23FD38A0-0F18-46DB-851F-59575B419DBC} - C:\WINDOWS\msmdev.dll (file missing)
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: F-Secure Automatic Update (BackWeb Plug-in - 7681197) - Unknown owner - C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Program Files\F-Secure\Common\FNRB32.EXE
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
0
Réponse 14 / 25
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
Relance HijackThis, choisis "do a scan only" coche la case devant les lignes ci-dessous et clic en bas sur "fix checked".

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://softwarereferral.com/jump.php?wmid=6010&mid=MjI6Ojg5&lid=2

O2 - BHO: MSVPS System - {88418AA3-16F5-4FC2-A9D8-90B1266DF841} - C:\WINDOWS\nsduo.dll

O4 - HKLM\..\RunOnce: [MessengerPlusUninstall] C:\WINDOWS\system32\cmd.exe /C "C:\DOCUME~1\Nadia\LOCALS~1\Temp\MsgPlusUninst.bat"

O21 - SSODL: sapnet - {3F26F381-7E23-417D-B30A-33626B8EBF61} - C:\WINDOWS\sapnet.dll (file missing)
O21 - SSODL: rmvgor - {305BCC74-E2D4-4CEB-9C0F-5D8F7AF77917} - C:\WINDOWS\rmvgor.dll (file missing)
O21 - SSODL: msmhost - {40B13383-1959-4A92-A8F3-CE03A9C200B4} - C:\WINDOWS\msmhost.dll
O21 - SSODL: msmdev - {23FD38A0-0F18-46DB-851F-59575B419DBC} - C:\WINDOWS\msmdev.dll (file missing)

__________________________

télécharge OTMoveIt http://download.bleepingcomputer.com/oldtimer/OTMoveIt.exe (de Old_Timer) sur ton Bureau.
double-clique sur OTMoveIt.exe pour le lancer.
copie la liste qui se trouve en citation ci-dessous,
et colle-la dans le cadre de gauche de OTMoveIt :Paste List of Files/Folders to be moved.

Citation :

C:\Documents and Settings\Nadia\Local Settings\Temp\BIT121.tmp
C:\Documents and Settings\Nadia\Local Settings\Temp\BIT12F.tmp
C:\Documents and Settings\Nadia\Local Settings\Temp\BIT14A.tmp
C:\Documents and Settings\Nadia\Local Settings\Temp\BIT152.tmp
C:\Documents and Settings\Nadia\Local Settings\Temp\BIT15E.tmp
C:\Documents and Settings\Nadia\Local Settings\Temp\BIT163.tmp
C:\Documents and Settings\Nadia\Local Settings\Temp\BIT172.tmp
C:\Documents and Settings\Nadia\Local Settings\Temp\BIT175.tmp
C:\Documents and Settings\Nadia\Local Settings\Temp\BIT186.tmp
C:\Documents and Settings\Nadia\Local Settings\Temp\BIT42A.tmp
C:\Documents and Settings\Nadia\Local Settings\Temp\BIT55.tmp
C:\Documents and Settings\Nadia\Local Settings\Temp\BIT5C0.tmp
C:\Documents and Settings\Nadia\Local Settings\Temp\BIT5C7.tmp
C:\Documents and Settings\Nadia\Local Settings\Temp\BIT5E4.tmp
C:\Documents and Settings\Nadia\Local Settings\Temp\BIT5E8.tmp
C:\Documents and Settings\Nadia\Local Settings\Temp\BIT60.tmp
C:\Documents and Settings\Nadia\Local Settings\Temp\BITBF.tmp
C:\WINDOWS\msmhost.dll
C:\WINDOWS\nsduo.dll

clique sur MoveIt! pour lancer la suppression.
le résultat apparaitra dans le cadre "Results".
clique sur Exit pour fermer.
poste le rapport situé dans C:\_OTMoveIt\MovedFiles.

il te sera peut-être demander de redémarrer le pc pour achever la suppression.si c'est le cas accepte par Yes.

___________________________

utilise pour supprimer tes traces

CCLEANER: (lance un nettoyage et répare 3 fois les erreurs) sans installer la barre yahoo

https://www.01net.com/telecharger/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/32599.html

_________________________

si tout c'est bien passé désactive la restauration système pour purger les virus qui seraient dedans
puis redemarre ton ordi
puis réactive là (dans DEMARRER puis TOUS LES PROGRAMMES puis ACCESSOIRE puis OUTILS SYSTEME puis RESTAURATION SYSTEME puis paramètre)

_______________

pour ca vide ta poubelle:

E:\RECYCLER\S-1-5-21-1220945662-1078145449-682003330-1003\De1.zip

________________

recolle ensuite un rapport hijackthis, un scan bitdefender et dis tes soucis
0
Réponse 15 / 25
babdel Messages postés 19 Statut Membre
 
voila le raport otmoveit je les fai 2 fois de suite parce que quand je clic sur moveit la premiere fois tout s'en va donc voila :

File/Folder C:\Documents and Settings\Nadia\Local Settings\Temp\BIT121.tmp not found.
File/Folder C:\Documents and Settings\Nadia\Local Settings\Temp\BIT12F.tmp not found.
File/Folder C:\Documents and Settings\Nadia\Local Settings\Temp\BIT14A.tmp not found.
File/Folder C:\Documents and Settings\Nadia\Local Settings\Temp\BIT152.tmp not found.
File/Folder C:\Documents and Settings\Nadia\Local Settings\Temp\BIT15E.tmp not found.
File/Folder C:\Documents and Settings\Nadia\Local Settings\Temp\BIT163.tmp not found.
File/Folder C:\Documents and Settings\Nadia\Local Settings\Temp\BIT172.tmp not found.
File/Folder C:\Documents and Settings\Nadia\Local Settings\Temp\BIT175.tmp not found.
File/Folder C:\Documents and Settings\Nadia\Local Settings\Temp\BIT186.tmp not found.
File/Folder C:\Documents and Settings\Nadia\Local Settings\Temp\BIT42A.tmp not found.
File/Folder C:\Documents and Settings\Nadia\Local Settings\Temp\BIT55.tmp not found.
File/Folder C:\Documents and Settings\Nadia\Local Settings\Temp\BIT5C0.tmp not found.
File/Folder C:\Documents and Settings\Nadia\Local Settings\Temp\BIT5C7.tmp not found.
File/Folder C:\Documents and Settings\Nadia\Local Settings\Temp\BIT5E4.tmp not found.
File/Folder C:\Documents and Settings\Nadia\Local Settings\Temp\BIT5E8.tmp not found.
File/Folder C:\Documents and Settings\Nadia\Local Settings\Temp\BIT60.tmp not found.
File/Folder C:\Documents and Settings\Nadia\Local Settings\Temp\BITBF.tmp not found.
File/Folder C:\WINDOWS\msmhost.dll not found.
C:\WINDOWS\nsduo.dll unregistered successfully.
C:\WINDOWS\nsduo.dll moved successfully.

Created on 11/22/2007 22:49:57
0
Réponse 16 / 25
babdel
 
pour cleaner je lance le nettoyage de windows ou applications ?
0
Réponse 17 / 25
babdel Messages postés 19 Statut Membre
 
voila le rapport hijackthis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:35:34, on 22/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
C:\WINDOWS\ATKKBService.exe
C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe
C:\Program Files\F-Secure\Common\FSMA32.EXE
C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
C:\Program Files\F-Secure\Common\FSMB32.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\F-Secure\Common\FCH32.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\F-Secure\Common\FAMEH32.EXE
C:\Program Files\F-Secure\Common\FNRB32.EXE
C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
C:\Program Files\F-Secure\Common\FIH32.EXE
C:\Program Files\F-Secure\Anti-Virus\fsav32.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Micro Application\Cloneur Expert\TrueImageMonitor.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe
C:\Program Files\F-Secure\Common\FSM32.EXE
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\F-Secure\FSGUI\fsguiexe.exe
C:\Program Files\Fichiers communs\Teleca Shared\CapabilityManager.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\F-Secure\BackWeb\7681197\Program\F-Secure Automatic Update.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [Cloneur Expert Monitor] "C:\Program Files\Micro Application\Cloneur Expert\TrueImageMonitor.exe"
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.mypix.com/fr/fr/importer/ImageUploader4.cab
O16 - DPF: {8731163E-77B9-4F91-9122-F112521C28AF} (MMSPlayerX Class) - http://62.201.137.56/mmawap/jsp/composer/player/mmsPlayer.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab
O16 - DPF: {97E71027-0BA2-44F2-97DB-F84D808ED0B6} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab55762.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab55579.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O21 - SSODL: msmhost - {08C22D66-84B1-418F-A65C-9E022E698DF5} - C:\WINDOWS\msmhost.dll (file missing)
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: F-Secure Automatic Update (BackWeb Plug-in - 7681197) - Unknown owner - C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Program Files\F-Secure\Common\FNRB32.EXE
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
0
Réponse 18 / 25
babdel Messages postés 19 Statut Membre
 
donc j'ai fai un nettoyage de windows seulement avec cleaner .
ensuite pour ce message j'ai pas compris ce que je devais faire :
pour ca vide ta poubelle:

E:\RECYCLER\S-1-5-21-1220945662-1078145449-682003330-1003\De1.zip
et la jattend le scan en ligne de bitdeffender
0
Réponse 19 / 25
babdel Messages postés 19 Statut Membre
 
voila le scan bitdeffender:
BitDefender Online Scanner

Rapport d'analyse généré à: Fri, Nov 23, 2007 - 00:55:08

Voie d'analyse: A:\;C:\;D:\;E:\;

Statistiques

Temps
01:14:06

Fichiers
216268

Directoires
4367

Secteurs de boot
4

Archives
2448

Paquets programmes
12263

Résultats

Virus identifiés
5

Fichiers infectés
50

Fichiers suspects
0

Avertissements
0

Désinfectés
0

Fichiers effacés
50

Info sur les moteurs

Définition virus
878517

Version des moteurs
AVCORE v1.0 (build 2422) (i386) (Sep 25 2007 08:26:36)

Analyse des plugins
14

Archive des plugins
38

Unpack des plugins
7

E-mail plugins
6

Système plugins
1

Paramètres d'analyse

Première action
Désinfecté

Seconde Action
Supprimé

Heuristique
Oui

Acceptez les avertissements
Oui

Extensions analysées
*;

Excludez les extensions

Analyse d'emails
Oui

Analyse des Archives
Oui

Analyser paquets programmes
Oui

Analyse des fichiers
Oui

Analyse de boot
Oui

Fichier analysé
Statut

C:\Program Files\Trend Micro\HijackThis\backups\backup-20071122-224755-561.dll
Infecté par: Trojan.Downloader.Agent.YNQ

C:\Program Files\Trend Micro\HijackThis\backups\backup-20071122-224755-561.dll
Echec de la désinfection

C:\Program Files\Trend Micro\HijackThis\backups\backup-20071122-224755-561.dll
Supprimé

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT121.tmp=>archstored:ac8zt2/edi.exe
Infecté par: Trojan.Agent.BHO.N

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT121.tmp=>archstored:ac8zt2/edi.exe
Echec de la désinfection

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT121.tmp=>archstored:ac8zt2/edi.exe
Supprimé

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT121.tmp
Echec de la mise à jour

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT121.tmp=>archstored:ac8zt2/install.bat
Infecté par: Trojan.Agent.BHO.N

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT121.tmp=>archstored:ac8zt2/install.bat
Echec de la désinfection

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT121.tmp=>archstored:ac8zt2/install.bat
Supprimé

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT121.tmp
Echec de la mise à jour

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT121.tmp=>archstored:ac8zt2/main_uninstaller.exe
Infecté par: Trojan.Agent.ABSG

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT121.tmp=>archstored:ac8zt2/main_uninstaller.exe
Echec de la désinfection

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT121.tmp=>archstored:ac8zt2/main_uninstaller.exe
Supprimé

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT121.tmp
Echec de la mise à jour

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT12F.tmp=>archstored:ac8zt2/edi.exe
Infecté par: Trojan.Agent.BHO.N

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT12F.tmp=>archstored:ac8zt2/edi.exe
Echec de la désinfection

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT12F.tmp=>archstored:ac8zt2/edi.exe
Supprimé

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT12F.tmp
Echec de la mise à jour

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT12F.tmp=>archstored:ac8zt2/install.bat
Infecté par: Trojan.Agent.BHO.N

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT12F.tmp=>archstored:ac8zt2/install.bat
Echec de la désinfection

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT12F.tmp=>archstored:ac8zt2/install.bat
Supprimé

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT12F.tmp
Echec de la mise à jour

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT12F.tmp=>archstored:ac8zt2/main_uninstaller.exe
Infecté par: Trojan.Agent.ABSG

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT12F.tmp=>archstored:ac8zt2/main_uninstaller.exe
Echec de la désinfection

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT12F.tmp=>archstored:ac8zt2/main_uninstaller.exe
Supprimé

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT12F.tmp
Echec de la mise à jour

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT14A.tmp=>archstored:ac8zt2/edi.exe
Infecté par: Trojan.Agent.BHO.N

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT14A.tmp=>archstored:ac8zt2/edi.exe
Echec de la désinfection

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT14A.tmp=>archstored:ac8zt2/edi.exe
Supprimé

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT14A.tmp
Echec de la mise à jour

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT14A.tmp=>archstored:ac8zt2/install.bat
Infecté par: Trojan.Agent.BHO.N

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT14A.tmp=>archstored:ac8zt2/install.bat
Echec de la désinfection

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT14A.tmp=>archstored:ac8zt2/install.bat
Supprimé

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT14A.tmp
Echec de la mise à jour

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT14A.tmp=>archstored:ac8zt2/main_uninstaller.exe
Infecté par: Trojan.Agent.ABSG

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT14A.tmp=>archstored:ac8zt2/main_uninstaller.exe
Echec de la désinfection

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT14A.tmp=>archstored:ac8zt2/main_uninstaller.exe
Supprimé

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT14A.tmp
Echec de la mise à jour

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT152.tmp=>archstored:ac8zt2/edi.exe
Infecté par: Trojan.Agent.BHO.N

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT152.tmp=>archstored:ac8zt2/edi.exe
Echec de la désinfection

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT152.tmp=>archstored:ac8zt2/edi.exe
Supprimé

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT152.tmp
Echec de la mise à jour

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT152.tmp=>archstored:ac8zt2/install.bat
Infecté par: Trojan.Agent.BHO.N

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT152.tmp=>archstored:ac8zt2/install.bat
Echec de la désinfection

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT152.tmp=>archstored:ac8zt2/install.bat
Supprimé

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT152.tmp
Echec de la mise à jour

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT152.tmp=>archstored:ac8zt2/main_uninstaller.exe
Infecté par: Trojan.Agent.ABSG

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT152.tmp=>archstored:ac8zt2/main_uninstaller.exe
Echec de la désinfection

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT152.tmp=>archstored:ac8zt2/main_uninstaller.exe
Supprimé

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT152.tmp
Echec de la mise à jour

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT15E.tmp=>archstored:ac8zt2/edi.exe
Infecté par: Trojan.Agent.BHO.N

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT15E.tmp=>archstored:ac8zt2/edi.exe
Echec de la désinfection

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT15E.tmp=>archstored:ac8zt2/edi.exe
Supprimé

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT15E.tmp
Echec de la mise à jour

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT15E.tmp=>archstored:ac8zt2/install.bat
Infecté par: Trojan.Agent.BHO.N

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT15E.tmp=>archstored:ac8zt2/install.bat
Echec de la désinfection

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT15E.tmp=>archstored:ac8zt2/install.bat
Supprimé

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT15E.tmp
Echec de la mise à jour

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT15E.tmp=>archstored:ac8zt2/main_uninstaller.exe
Infecté par: Trojan.Agent.ABSG

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT15E.tmp=>archstored:ac8zt2/main_uninstaller.exe
Echec de la désinfection

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT15E.tmp=>archstored:ac8zt2/main_uninstaller.exe
Supprimé

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT15E.tmp
Echec de la mise à jour

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT15E.tmp=>archstored:ac8zt2/msmdev.dll
Infecté par: Trojan.Downloader.Agent.YNU

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT15E.tmp=>archstored:ac8zt2/msmdev.dll
Echec de la désinfection

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT15E.tmp=>archstored:ac8zt2/msmdev.dll
Supprimé

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT15E.tmp
Echec de la mise à jour

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT15E.tmp=>archstored:ac8zt2/msmhost.dll
Infecté par: Trojan.Agent.BHO.O

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT15E.tmp=>archstored:ac8zt2/msmhost.dll
Echec de la désinfection

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT15E.tmp=>archstored:ac8zt2/msmhost.dll
Supprimé

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT15E.tmp
Echec de la mise à jour

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT163.tmp=>archstored:ac8zt2/edi.exe
Infecté par: Trojan.Agent.BHO.N

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT163.tmp=>archstored:ac8zt2/edi.exe
Echec de la désinfection

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT163.tmp=>archstored:ac8zt2/edi.exe
Supprimé

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT163.tmp
Echec de la mise à jour

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT163.tmp=>archstored:ac8zt2/install.bat
Infecté par: Trojan.Agent.BHO.N

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT163.tmp=>archstored:ac8zt2/install.bat
Echec de la désinfection

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT163.tmp=>archstored:ac8zt2/install.bat
Supprimé

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT163.tmp
Echec de la mise à jour

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT163.tmp=>archstored:ac8zt2/main_uninstaller.exe
Infecté par: Trojan.Agent.ABSG

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT163.tmp=>archstored:ac8zt2/main_uninstaller.exe
Echec de la désinfection

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT163.tmp=>archstored:ac8zt2/main_uninstaller.exe
Supprimé

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT163.tmp
Echec de la mise à jour

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT163.tmp=>archstored:ac8zt2/msmdev.dll
Infecté par: Trojan.Downloader.Agent.YNU

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT163.tmp=>archstored:ac8zt2/msmdev.dll
Echec de la désinfection

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT163.tmp=>archstored:ac8zt2/msmdev.dll
Supprimé

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT163.tmp
Echec de la mise à jour

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT172.tmp=>archstored:ac8zt2/edi.exe
Infecté par: Trojan.Agent.BHO.N

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT172.tmp=>archstored:ac8zt2/edi.exe
Echec de la désinfection

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT172.tmp=>archstored:ac8zt2/edi.exe
Supprimé

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT172.tmp
Echec de la mise à jour

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT172.tmp=>archstored:ac8zt2/install.bat
Infecté par: Trojan.Agent.BHO.N

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT172.tmp=>archstored:ac8zt2/install.bat
Echec de la désinfection

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT172.tmp=>archstored:ac8zt2/install.bat
Supprimé

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT172.tmp
Echec de la mise à jour

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT172.tmp=>archstored:ac8zt2/main_uninstaller.exe
Infecté par: Trojan.Agent.ABSG

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT172.tmp=>archstored:ac8zt2/main_uninstaller.exe
Echec de la désinfection

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT172.tmp=>archstored:ac8zt2/main_uninstaller.exe
Supprimé

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT172.tmp
Echec de la mise à jour

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT175.tmp=>archstored:ac8zt2/edi.exe
Infecté par: Trojan.Agent.BHO.N

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT175.tmp=>archstored:ac8zt2/edi.exe
Echec de la désinfection

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT175.tmp=>archstored:ac8zt2/edi.exe
Supprimé

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT175.tmp
Echec de la mise à jour

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT175.tmp=>archstored:ac8zt2/install.bat
Infecté par: Trojan.Agent.BHO.N

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT175.tmp=>archstored:ac8zt2/install.bat
Echec de la désinfection

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT175.tmp=>archstored:ac8zt2/install.bat
Supprimé

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT175.tmp
Echec de la mise à jour

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT186.tmp=>archstored:ac8zt2/edi.exe
Infecté par: Trojan.Agent.BHO.N

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT186.tmp=>archstored:ac8zt2/edi.exe
Echec de la désinfection

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT186.tmp=>archstored:ac8zt2/edi.exe
Supprimé

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT186.tmp
Echec de la mise à jour

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT186.tmp=>archstored:ac8zt2/install.bat
Infecté par: Trojan.Agent.BHO.N

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT186.tmp=>archstored:ac8zt2/install.bat
Echec de la désinfection

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT186.tmp=>archstored:ac8zt2/install.bat
Supprimé

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT186.tmp
Echec de la mise à jour

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT42A.tmp=>archstored:ac8zt2/edi.exe
Infecté par: Trojan.Agent.BHO.N

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT42A.tmp=>archstored:ac8zt2/edi.exe
Echec de la désinfection

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT42A.tmp=>archstored:ac8zt2/edi.exe
Supprimé

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT42A.tmp
Echec de la mise à jour

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT42A.tmp=>archstored:ac8zt2/install.bat
Infecté par: Trojan.Agent.BHO.N

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT42A.tmp=>archstored:ac8zt2/install.bat
Echec de la désinfection

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT42A.tmp=>archstored:ac8zt2/install.bat
Supprimé

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT42A.tmp
Echec de la mise à jour

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT42A.tmp=>archstored:ac8zt2/main_uninstaller.exe
Infecté par: Trojan.Agent.ABSG

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT42A.tmp=>archstored:ac8zt2/main_uninstaller.exe
Echec de la désinfection

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT42A.tmp=>archstored:ac8zt2/main_uninstaller.exe
Supprimé

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT42A.tmp
Echec de la mise à jour

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT42A.tmp=>archstored:ac8zt2/msmdev.dll
Infecté par: Trojan.Downloader.Agent.YNU

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT42A.tmp=>archstored:ac8zt2/msmdev.dll
Echec de la désinfection

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT42A.tmp=>archstored:ac8zt2/msmdev.dll
Supprimé

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT42A.tmp
Echec de la mise à jour

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT55.tmp=>archstored:ac8zt2/edi.exe
Infecté par: Trojan.Agent.BHO.N

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT55.tmp=>archstored:ac8zt2/edi.exe
Echec de la désinfection

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT55.tmp=>archstored:ac8zt2/edi.exe
Supprimé

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT55.tmp
Echec de la mise à jour

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT55.tmp=>archstored:ac8zt2/install.bat
Infecté par: Trojan.Agent.BHO.N

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT55.tmp=>archstored:ac8zt2/install.bat
Echec de la désinfection

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT55.tmp=>archstored:ac8zt2/install.bat
Supprimé

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT55.tmp
Echec de la mise à jour

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT5C0.tmp=>archstored:ac8zt2/edi.exe
Infecté par: Trojan.Agent.BHO.N

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT5C0.tmp=>archstored:ac8zt2/edi.exe
Echec de la désinfection

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT5C0.tmp=>archstored:ac8zt2/edi.exe
Supprimé

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT5C0.tmp
Echec de la mise à jour

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT5C0.tmp=>archstored:ac8zt2/install.bat
Infecté par: Trojan.Agent.BHO.N

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT5C0.tmp=>archstored:ac8zt2/install.bat
Echec de la désinfection

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT5C0.tmp=>archstored:ac8zt2/install.bat
Supprimé

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT5C0.tmp
Echec de la mise à jour

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT5C0.tmp=>archstored:ac8zt2/main_uninstaller.exe
Infecté par: Trojan.Agent.ABSG

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT5C0.tmp=>archstored:ac8zt2/main_uninstaller.exe
Echec de la désinfection

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT5C0.tmp=>archstored:ac8zt2/main_uninstaller.exe
Supprimé

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT5C0.tmp
Echec de la mise à jour

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT5C7.tmp=>archstored:ac8zt2/edi.exe
Infecté par: Trojan.Agent.BHO.N

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT5C7.tmp=>archstored:ac8zt2/edi.exe
Echec de la désinfection

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT5C7.tmp=>archstored:ac8zt2/edi.exe
Supprimé

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT5C7.tmp
Echec de la mise à jour

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT5E4.tmp=>archstored:ac8zt2/edi.exe
Infecté par: Trojan.Agent.BHO.N

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT5E4.tmp=>archstored:ac8zt2/edi.exe
Echec de la désinfection

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT5E4.tmp=>archstored:ac8zt2/edi.exe
Supprimé

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT5E4.tmp
Echec de la mise à jour

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT5E8.tmp=>archstored:ac8zt2/edi.exe
Infecté par: Trojan.Agent.BHO.N

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT5E8.tmp=>archstored:ac8zt2/edi.exe
Echec de la désinfection

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT5E8.tmp=>archstored:ac8zt2/edi.exe
Supprimé

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT5E8.tmp
Echec de la mise à jour

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT5E8.tmp=>archstored:ac8zt2/install.bat
Infecté par: Trojan.Agent.BHO.N

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT5E8.tmp=>archstored:ac8zt2/install.bat
Echec de la désinfection

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT5E8.tmp=>archstored:ac8zt2/install.bat
Supprimé

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT5E8.tmp
Echec de la mise à jour

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT60.tmp=>archstored:ac8zt2/edi.exe
Infecté par: Trojan.Agent.BHO.N

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT60.tmp=>archstored:ac8zt2/edi.exe
Echec de la désinfection

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT60.tmp=>archstored:ac8zt2/edi.exe
Supprimé

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT60.tmp
Echec de la mise à jour

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT60.tmp=>archstored:ac8zt2/install.bat
Infecté par: Trojan.Agent.BHO.N

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT60.tmp=>archstored:ac8zt2/install.bat
Echec de la désinfection

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT60.tmp=>archstored:ac8zt2/install.bat
Supprimé

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT60.tmp
Echec de la mise à jour

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT60.tmp=>archstored:ac8zt2/main_uninstaller.exe
Infecté par: Trojan.Agent.ABSG

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT60.tmp=>archstored:ac8zt2/main_uninstaller.exe
Echec de la désinfection

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT60.tmp=>archstored:ac8zt2/main_uninstaller.exe
Supprimé

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BIT60.tmp
Echec de la mise à jour

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BITBF.tmp=>archstored:ac8zt2/edi.exe
Infecté par: Trojan.Agent.BHO.N

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BITBF.tmp=>archstored:ac8zt2/edi.exe
Echec de la désinfection

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BITBF.tmp=>archstored:ac8zt2/edi.exe
Supprimé

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BITBF.tmp
Echec de la mise à jour

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BITBF.tmp=>archstored:ac8zt2/install.bat
Infecté par: Trojan.Agent.BHO.N

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BITBF.tmp=>archstored:ac8zt2/install.bat
Echec de la désinfection

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BITBF.tmp=>archstored:ac8zt2/install.bat
Supprimé

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BITBF.tmp
Echec de la mise à jour

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BITBF.tmp=>archstored:ac8zt2/main_uninstaller.exe
Infecté par: Trojan.Agent.ABSG

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BITBF.tmp=>archstored:ac8zt2/main_uninstaller.exe
Echec de la désinfection

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BITBF.tmp=>archstored:ac8zt2/main_uninstaller.exe
Supprimé

C:\_OTMoveIt\MovedFiles\Documents and Settings\Nadia\Local Settings\Temp\BITBF.tmp
Echec de la mise à jour

C:\_OTMoveIt\MovedFiles\WINDOWS\msmhost.dll
Infecté par: Trojan.Agent.BHO.O

C:\_OTMoveIt\MovedFiles\WINDOWS\msmhost.dll
Echec de la désinfection

C:\_OTMoveIt\MovedFiles\WINDOWS\msmhost.dll
Supprimé

C:\_OTMoveIt\MovedFiles\WINDOWS\nsduo.dll
Infecté par: Trojan.Downloader.Agent.YNQ

C:\_OTMoveIt\MovedFiles\WINDOWS\nsduo.dll
Echec de la désinfection

C:\_OTMoveIt\MovedFiles\WINDOWS\nsduo.dll
Supprimé
0
Réponse 20 / 25
babdel Messages postés 19 Statut Membre
 
appareament le virus est tjrs la mon pc rame , je prd la conection internet de temps en temp , mon fond d'ecran est bleu cette fois ci une fois bleu une foi rouge il change
0