Problem removing a virus

Closed
jmona43 - 28 Jan 2008 at 11:01
 Raymond - 11 June 2008 at 06:52
Hello,

I have a problem with my computer and I need your help.
Avast detected a Trojan horse.
I followed the instructions on the forum for disinfecting a computer.
As instructed, I am pasting the 3 reports that were produced.
Thank you in advance for your reply; please note that I am a beginner with computers.

AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 10:14:51 28/01/2008

+ Résultat de l'analyse:



HKLM\SOFTWARE\Classes\WR -> Adware.Generic : Ignoré.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\runner1 -> Adware.Generic : Ignoré.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo -> Adware.Generic : Ignoré.
H:\System Volume Information\_restore{E773B98D-854D-41D2-8A91-85C336F2A102}\RP204\A0044661.exe -> Downloader.Adload.pr : Ignoré.
H:\System Volume Information\_restore{E773B98D-854D-41D2-8A91-85C336F2A102}\RP199\A0037697.exe -> Downloader.Agent.cbx : Ignoré.
H:\System Volume Information\_restore{E773B98D-854D-41D2-8A91-85C336F2A102}\RP207\A0046658.exe -> Downloader.Agent.cbx : Ignoré.
H:\System Volume Information\_restore{E773B98D-854D-41D2-8A91-85C336F2A102}\RP204\A0044659.exe -> Downloader.Agent.erf : Ignoré.
H:\WINDOWS\b128.exe -> Downloader.Agent.ezc : Ignoré.
H:\System Volume Information\_restore{E773B98D-854D-41D2-8A91-85C336F2A102}\RP199\A0037698.exe -> Downloader.Agent.fjn : Ignoré.
H:\WINDOWS\b151.exe -> Downloader.Agent.fjn : Ignoré.
H:\WINDOWS\b151.exe.bin/b151.exe -> Downloader.Agent.fjn : Ignoré.
H:\System Volume Information\_restore{E773B98D-854D-41D2-8A91-85C336F2A102}\RP198\A0037684.exe -> Downloader.VB.caw : Ignoré.
H:\WINDOWS\system32\edcA01\edcA011065.exe -> Downloader.VB.caw : Ignoré.
H:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe -> Dropper.Agent.dgo : Ignoré.
H:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe -> Dropper.Agent.dgo : Ignoré.
H:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE -> Dropper.Agent.dgo : Ignoré.
H:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe -> Dropper.Agent.dgo : Ignoré.
H:\Program Files\HP\HP Software Update\HPWuSchd2.exe -> Dropper.Agent.dgo : Ignoré.
H:\Program Files\Microsoft ActiveSync\wcescomm.exe -> Dropper.Agent.dgo : Ignoré.
H:\System Volume Information\_restore{E773B98D-854D-41D2-8A91-85C336F2A102}\RP199\A0038608.exe -> Dropper.Agent.dgo : Ignoré.
H:\System Volume Information\_restore{E773B98D-854D-41D2-8A91-85C336F2A102}\RP199\A0038623.exe -> Dropper.Agent.dgo : Ignoré.
H:\System Volume Information\_restore{E773B98D-854D-41D2-8A91-85C336F2A102}\RP204\A0044657.exe -> Dropper.Agent.dgo : Ignoré.
H:\System Volume Information\_restore{E773B98D-854D-41D2-8A91-85C336F2A102}\RP204\A0044662.exe -> Dropper.Agent.dgo : Ignoré.
H:\WINDOWS\system32\vtsqq.exe -> Dropper.Agent.dgo : Ignoré.
H:\WINDOWS\system32\Οracle\dllhost.exe -> Dropper.Agent.dgo : Ignoré.
H:\Program Files\Words\UnInstall.exe -> Not-A-Virus.Adware.Agent : Ignoré.
H:\Program Files\Words\Words.exe -> Not-A-Virus.Adware.Agent : Ignoré.
[2432] H:\Program Files\Words\Words.exe -> Not-A-Virus.Adware.Agent : Ignoré.
H:\Program Files\Fichiers communs\Yazzle1281OinUninstaller.exe -> Not-A-Virus.Adware.PurityScan : Ignoré.
H:\WINDOWS\system32\iifgghh.dll -> Not-A-Virus.Adware.Virtumonde : Ignoré.
H:\WINDOWS\system32\pmnmkhf.dll -> Not-A-Virus.Adware.Virtumonde : Ignoré.
H:\WINDOWS\system32\xxywxya.dll -> Not-A-Virus.Adware.Virtumonde : Ignoré.
H:\Program Files\Outerinfo\FF\components\FF.dll -> Not-A-Virus.Adware.ZenoSearch : Ignoré.
H:\WINDOWS\Downloaded Program Files\UGA6PV_0001_N122M2910NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.au : Ignoré.
H:\System Volume Information\_restore{E773B98D-854D-41D2-8A91-85C336F2A102}\RP204\A0044660.exe -> Trojan.Agent.dwb : Ignoré.


Fin du rapport

BitDefender Online Scanner
Scan report generated at: Mon, Jan 28, 2008 - 10:47:38

Scan path: A:\;C:\;D:\;E:\;F:\;G:\;H:\;

Statistics
Time 00:18:48
Files 92804
Folders 3853
Boot Sectors 0
Archives 974
Packed Files 6558

Results
Identified Viruses 11
Infected Files 33
Suspect Files 0
Warnings 0
Disinfected 0
Deleted Files 32

Engines Info
Virus Definitions 977600
Engine build AVCORE v1.0 (build 2422) (i386) (Sep 25 2007 08:26:36)
Scan plugins 16
Archive plugins 41
Unpack plugins 7
E-mail plugins 6
System plugins 5

Scan Settings
First Action Disinfect
Second Action Delete
Heuristics Yes
Enable Warnings Yes
Scanned Extensions *;
Exclude Extensions
Scan Emails Yes
Scan Archives Yes
Scan Packed Yes
Scan Files Yes
Scan Boot Yes


Scanned File Status
H:\Documents and Settings\ANTOINE\Local Settings\Temporary Internet Files\Content.IE5\GLI34TAJ\CAPO6H5B Infected with: Trojan.Vundo.DWK
H:\Documents and Settings\ANTOINE\Local Settings\Temporary Internet Files\Content.IE5\GLI34TAJ\CAPO6H5B Deleted
H:\Documents and Settings\ANTOINE\Local Settings\Temporary Internet Files\Content.IE5\Q0ONM6L7\CAZ2AXJ3 Infected with: Trojan.Vundo.DWK
H:\Documents and Settings\ANTOINE\Local Settings\Temporary Internet Files\Content.IE5\Q0ONM6L7\CAZ2AXJ3 Deleted
H:\Documents and Settings\MAMAN\Bureau\ghost.rar=>Norton ghost 12.0 complet.iso=>INSTALLATION/KEYGEN.EXE Infected with: Packer.Krunchy.A
H:\Documents and Settings\MAMAN\Bureau\ghost.rar=>Norton ghost 12.0 complet.iso=>INSTALLATION/KEYGEN.EXE Disinfection failed
H:\Documents and Settings\MAMAN\Bureau\ghost.rar=>Norton ghost 12.0 complet.iso=>INSTALLATION/KEYGEN.EXE Deleted
H:\Documents and Settings\MAMAN\Bureau\ghost.rar=>Norton ghost 12.0 complet.iso Update failed
H:\Program Files\Fichiers communs\Yazzle1281OinAdmin.exe Detected with: Adware.Purityscan.JA
H:\Program Files\Fichiers communs\Yazzle1281OinAdmin.exe Disinfection failed
H:\Program Files\Fichiers communs\Yazzle1281OinAdmin.exe Deleted
H:\Program Files\Words\UnInstall.exe Infected with: Trojan.Downloader.JJKI
H:\Program Files\Words\UnInstall.exe Deleted
H:\Program Files\Words\Words.exe Infected with: Trojan.Downloader.JJKI
H:\Program Files\Words\Words.exe Deleted
H:\System Volume Information\_restore{E773B98D-854D-41D2-8A91-85C336F2A102}\RP199\A0037692.ini Infected with: Trojan.Vundo.DVS
H:\System Volume Information\_restore{E773B98D-854D-41D2-8A91-85C336F2A102}\RP199\A0037692.ini Disinfection failed
H:\System Volume Information\_restore{E773B98D-854D-41D2-8A91-85C336F2A102}\RP199\A0037692.ini Deleted
H:\System Volume Information\_restore{E773B98D-854D-41D2-8A91-85C336F2A102}\RP199\A0037697.exe Infected with: Trojan.Downloader.Agent.BHU
H:\System Volume Information\_restore{E773B98D-854D-41D2-8A91-85C336F2A102}\RP199\A0037697.exe Deleted
H:\System Volume Information\_restore{E773B98D-854D-41D2-8A91-85C336F2A102}\RP204\A0044661.exe Infected with: Trojan.Downloader.Adload.NCS
H:\System Volume Information\_restore{E773B98D-854D-41D2-8A91-85C336F2A102}\RP204\A0044661.exe Deleted
H:\System Volume Information\_restore{E773B98D-854D-41D2-8A91-85C336F2A102}\RP206\A0046643.dll Infected with: Trojan.Vundo.DWK
H:\System Volume Information\_restore{E773B98D-854D-41D2-8A91-85C336F2A102}\RP206\A0046643.dll Deleted
H:\System Volume Information\_restore{E773B98D-854D-41D2-8A91-85C336F2A102}\RP207\A0046653.dll Infected with: Trojan.Vundo.DVC
H:\System Volume Information\_restore{E773B98D-854D-41D2-8A91-85C336F2A102}\RP207\A0046653.dll Disinfection failed
H:\System Volume Information\_restore{E773B98D-854D-41D2-8A91-85C336F2A102}\RP207\A0046653.dll Deleted
H:\System Volume Information\_restore{E773B98D-854D-41D2-8A91-85C336F2A102}\RP207\A0046658.exe Infected with: Trojan.Downloader.Agent.BHU
H:\System Volume Information\_restore{E773B98D-854D-41D2-8A91-85C336F2A102}\RP207\A0046658.exe Deleted
H:\System Volume Information\_restore{E773B98D-854D-41D2-8A91-85C336F2A102}\RP208\A0046800.exe Infected with: Trojan.Dropper.Vundo.D
H:\System Volume Information\_restore{E773B98D-854D-41D2-8A91-85C336F2A102}\RP208\A0046800.exe Deleted
H:\System Volume Information\_restore{E773B98D-854D-41D2-8A91-85C336F2A102}\RP208\A0046801.exe Infected with: Trojan.Dropper.Vundo.D
H:\System Volume Information\_restore{E773B98D-854D-41D2-8A91-85C336F2A102}\RP208\A0046801.exe Deleted
H:\System Volume Information\_restore{E773B98D-854D-41D2-8A91-85C336F2A102}\RP208\A0046802.EXE Infected with: Trojan.Dropper.Vundo.D
H:\System Volume Information\_restore{E773B98D-854D-41D2-8A91-85C336F2A102}\RP208\A0046802.EXE Deleted
H:\System Volume Information\_restore{E773B98D-854D-41D2-8A91-85C336F2A102}\RP208\A0046803.exe Infected with: Trojan.Dropper.Vundo.D
H:\System Volume Information\_restore{E773B98D-854D-41D2-8A91-85C336F2A102}\RP208\A0046803.exe Deleted
H:\System Volume Information\_restore{E773B98D-854D-41D2-8A91-85C336F2A102}\RP208\A0046804.exe Infected with: Trojan.Dropper.Vundo.D
H:\System Volume Information\_restore{E773B98D-854D-41D2-8A91-85C336F2A102}\RP208\A0046804.exe Deleted
H:\System Volume Information\_restore{E773B98D-854D-41D2-8A91-85C336F2A102}\RP208\A0046805.exe Infected with: Trojan.Dropper.Vundo.D
H:\System Volume Information\_restore{E773B98D-854D-41D2-8A91-85C336F2A102}\RP208\A0046805.exe Deleted
H:\System Volume Information\_restore{E773B98D-854D-41D2-8A91-85C336F2A102}\RP208\A0046806.exe Infected with: Trojan.Dropper.Vundo.D
H:\System Volume Information\_restore{E773B98D-854D-41D2-8A91-85C336F2A102}\RP208\A0046806.exe Deleted
H:\System Volume Information\_restore{E773B98D-854D-41D2-8A91-85C336F2A102}\RP208\A0046807.exe Infected with: Trojan.Dropper.Vundo.D
H:\System Volume Information\_restore{E773B98D-854D-41D2-8A91-85C336F2A102}\RP208\A0046807.exe Deleted
H:\System Volume Information\_restore{E773B98D-854D-41D2-8A91-85C336F2A102}\RP208\A0046811.exe Detected with: Adware.Purityscan.JA
H:\System Volume Information\_restore{E773B98D-854D-41D2-8A91-85C336F2A102}\RP208\A0046811.exe Disinfection failed
H:\System Volume Information\_restore{E773B98D-854D-41D2-8A91-85C336F2A102}\RP208\A0046811.exe Deleted
H:\System Volume Information\_restore{E773B98D-854D-41D2-8A91-85C336F2A102}\RP208\A0046812.exe Infected with: Trojan.Downloader.JJKI
H:\System Volume Information\_restore{E773B98D-854D-41D2-8A91-85C336F2A102}\RP208\A0046812.exe Deleted
H:\System Volume Information\_restore{E773B98D-854D-41D2-8A91-85C336F2A102}\RP208\A0046813.exe Infected with: Trojan.Downloader.JJKI
H:\System Volume Information\_restore{E773B98D-854D-41D2-8A91-85C336F2A102}\RP208\A0046813.exe Deleted
H:\WINDOWS\Downloaded Program Files\UGA6PV_0001_N122M2910NetInstaller.exe Infected with: Trojan.Generic.73705
H:\WINDOWS\Downloaded Program Files\UGA6PV_0001_N122M2910NetInstaller.exe Deleted
H:\WINDOWS\system32\awtqp.dll Infected with: Trojan.Vundo.DWK
H:\WINDOWS\system32\awtqp.dll Deleted
H:\WINDOWS\system32\gebcb.dll Infected with: Trojan.Vundo.DWK
H:\WINDOWS\system32\gebcb.dll Deleted
H:\WINDOWS\system32\gebcd.dll Infected with: Trojan.Vundo.DWK
H:\WINDOWS\system32\gebcd.dll Deleted
H:\WINDOWS\system32\geebx.dll Infected with: Trojan.Vundo.DWK
H:\WINDOWS\system32\geebx.dll Deleted
H:\WINDOWS\system32\geedb.dll Infected with: Trojan.Vundo.DWK
H:\WINDOWS\system32\geedb.dll Deleted
H:\WINDOWS\system32\iifgghh.dll Infected with: Trojan.Vundo.DVO
H:\WINDOWS\system32\iifgghh.dll Disinfection failed
H:\WINDOWS\system32\iifgghh.dll Delete failed
H:\WINDOWS\system32\pmnmkhf.dll Infected with: Trojan.Vundo.DVO
H:\WINDOWS\system32\pmnmkhf.dll Disinfection failed
H:\WINDOWS\system32\pmnmkhf.dll Deleted
H:\WINDOWS\system32\xxywxya.dll Infected with: Trojan.Vundo.DVO
H:\WINDOWS\system32\xxywxya.dll Disinfection failed
H:\WINDOWS\system32\xxywxya.dll Deleted
H:\WINDOWS\system32\RACLE~1\dllhost .exe Detected with: Adware.Purityscan.JA
H:\WINDOWS\system32\RACLE~1\dllhost .exe Disinfection failed
H:\WINDOWS\system32\RACLE~1\dllhost .exe Deleted


Scan saved at 10:52:28, on 28/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
H:\WINDOWS\System32\smss.exe
H:\WINDOWS\system32\csrss.exe
H:\WINDOWS\system32\winlogon.exe
H:\WINDOWS\system32\services.exe
H:\WINDOWS\system32\lsass.exe
H:\WINDOWS\system32\Ati2evxx.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\System32\svchost.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\system32\Ati2evxx.exe
H:\WINDOWS\system32\svchost.exe
H:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
H:\Program Files\Alwil Software\Avast4\ashServ.exe
H:\WINDOWS\system32\spoolsv.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\Explorer.EXE
H:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
H:\Program Files\Alwil Software\Avast4\ashWebSv.exe
H:\WINDOWS\System32\alg.exe
H:\WINDOWS\SOUNDMAN.EXE
H:\WINDOWS\ALCWZRD.EXE
H:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
H:\WINDOWS\mrofinu572.exe
H:\Program Files\MSN Messenger\MsnMsgr.Exe
H:\Program Files\Dot1XCfg\Dot1XCfg.exe
H:\Documents and Settings\MAMAN\Application Data\W?nSxS\s?rvices.exe
H:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
H:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
H:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe
H:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
H:\WINDOWS\system32\wuauclt.exe
H:\WINDOWS\system32\HPZinw12.exe
H:\Program Files\Internet Explorer\IEXPLORE.EXE
H:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
H:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
H:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
H:\Program Files\Internet Explorer\IEXPLORE.EXE
H:\Program Files\Trend Micro\HijackThis\HijackThis.exe
H:\WINDOWS\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - H:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
F3 - REG:win.ini: load=H:\WINDOWS\system32\vtsqq.exe
O1 - Hosts: HP496B5B HP001CC4496B5B
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - H:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - H:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1A3BF718-60DF-516D-FEB8-64A397F7F1C8} - H:\WINDOWS\system32\lvhj.dll (file missing)
O2 - BHO: (no name) - {6446801B-6CDA-5159-FEB8-64A397F7F1C8} - H:\WINDOWS\system32\lvhj.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - H:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - h:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - H:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: (no name) - {D4576C73-52BD-4401-B966-5A128C4433D4} - H:\WINDOWS\system32\iifgghh.dll
O2 - BHO: (no name) - {E3D47EE6-3C5E-42AB-B5FD-D85EC205CED6} - H:\WINDOWS\system32\vtsqq.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - h:\program files\google\googletoolbar1.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - H:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - H:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "H:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] H:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] H:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe
O4 - HKLM\..\Run: [avast!] H:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [runner1] H:\WINDOWS\mrofinu572.exe 61A847B5BBF728173599284503996897C881250221C8670836AC4FA7C88332017491394661A64DB7C8FB287E55E246220D9E728F9FC17D446BC57D5375FB0FB68AD6
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "H:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [MsnMsgr] "H:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Dot1XCfg] H:\Program Files\Dot1XCfg\Dot1XCfg.exe
O4 - HKCU\..\Run: [Huv] "H:\Documents and Settings\MAMAN\Application Data\W?nSxS\s?rvices.exe"
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] H:\WINDOWS\system32\Macromed\Flash\FlashUtil9d.exe
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = H:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = H:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = H:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://H:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://H:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://H:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://H:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - H:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - H:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - H:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - H:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - H:\WINDOWS\bdoscandel.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {084DAC27-6FA3-4F55-9005-033F2F102F5C} (ITPPDiagIE Class) - http://data.jeuxclassiques.com/npwwg.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - H:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/FacebookPhotoUploader3.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O20 - Winlogon Notify: iifgghh - H:\WINDOWS\SYSTEM32\iifgghh.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - H:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - H:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - H:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - H:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - H:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - H:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - H:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - H:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Port Resolver - Hewlett-Packard Company - H:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE
O23 - Service: HP Status Server - Hewlett-Packard Company - H:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE
O23 - Service: Pml Driver HPZ12 - HP - H:\WINDOWS\system32\HPZipm12.exe

3 replies

^^Marie^^
28 Jan 2008 at 11:38
Hello

AVG ignored everything

So do it again as follows

Did you configure AVG to quarantine?
Everything is "ignored" ("Ignoré")

Run the scan again and post the new report please, but first make sure to:

Do this in order, please. Save the report AFTER setting the actions.

Then, on the "Paramètres" (Settings) tab,
under "Comment réagir" (How to react), click "Actions recommandées" (Recommended actions).
Select "Quarantaine" (Quarantine).

Go back to the "Analyse" (Scan) tab. Click "Analyse complète du système" (Full system scan).

At the end of the scan, choose option 3,

"Appliquer toutes les actions" (Apply all actions), at the bottom.

Click "Enregistrer le rapport" (Save report).

This generates a report as a text file, located in the Reports folder inside the AVG Anti-Spyware folder.

Post it.

Next

Download SDFix (created by AndyManchesta) and save it to your Desktop.
http://downloads.andymanchesta.com/RemovalTools/SDFix.exe
Double-click SDFix.exe and choose Install to extract it into a dedicated folder on the Desktop.

Restart your computer in Safe Mode, following this procedure:
• Restart your computer
• After you hear the computer beep during startup, but before the Windows icon appears, tap the F8 key (one press per second).
• Instead of Windows loading normally, a menu with different options should appear.
• Choose the first option, to run Windows in Safe Mode, then press "Enter".
• Choose your account.

Work through the instructions below:
• Open the SDFix folder that has just been created in the C:\ directory and double-click RunThis.bat to launch the script.
Press Y to start the cleaning process.
• It will remove the services and Registry entries of certain trojans it finds, then ask you to press a key to restart.
• Press a key to restart the PC.
• Your system will take longer than usual to restart, because the tool will keep running and deleting files.
• Once the Desktop has loaded, the tool will finish its work and display Finished.
• Press a key to end the script and load your Desktop icons.
• Once the Desktop icons are displayed, the SDFix report will open on screen and will also be saved in the SDFix folder as Report.txt.
• Finally, copy/paste the contents of Report.txt into your next reply on the forum,
along with a new HijackThis log!

See you!
0
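The reply above turns on one observation: every detection in the first AVG report ended with the action "Ignoré", so nothing had been removed. As an added example (not part of the thread and not AVG's own code), this Python sketch parses the report format `target -> detection : action.` and lists what is still unhandled; the sample lines are copied from the two reports in this thread, and the function and field names are illustrative.

```python
import re
from collections import Counter

# Sample input: lines copied from the two AVG Anti-Spyware reports in this
# thread, plus one header line that must be skipped by the parser.
SAMPLE_REPORT = r"""
+ Créé à: 21:27:42 28/01/2008
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\runner1 -> Adware.Generic : Ignoré.
H:\WINDOWS\b151.exe -> Downloader.Agent.fjn : Ignoré.
H:\System Volume Information\_restore{E773B98D-854D-41D2-8A91-85C336F2A102}\RP204\A0044659.exe -> Downloader.Agent.erf : Nettoyé et sauvegardé (mise en quarantaine).
H:\WINDOWS\system32\iifgghh.dll -> Not-A-Virus.Adware.Virtumonde : Nettoyé et sauvegardé (mise en quarantaine).
H:\Documents and Settings\MAMAN\Cookies\maman@zedo[1].txt -> TrackingCookie.Zedo : Nettoyé.
"""

# "<target> -> <detection name> : <action>." (the trailing dot is optional)
LINE_RE = re.compile(
    r"^(?P<target>.+?) -> (?P<detection>\S+) : (?P<action>.+?)\.?$"
)


def classify_action(action):
    """Map the French action text of the report to a status keyword."""
    if action.startswith("Ignoré"):
        return "ignored"        # detection reported, nothing done
    if "quarantaine" in action:
        return "quarantined"    # removed and backed up
    if action.startswith("Nettoyé"):
        return "cleaned"        # removed without backup (cookies)
    return "unknown"


def classify_location(target):
    """Tell registry keys, System Restore copies and ordinary files apart."""
    if target.startswith(("HKLM\\", "HKCU\\")):
        return "registry"
    if "\\System Volume Information\\_restore{" in target:
        return "restore-point"
    return "file"


def triage(report_text):
    """Return (count per status, entries that still need an action)."""
    entries = []
    for line in report_text.splitlines():
        match = LINE_RE.match(line.strip())
        if not match:
            continue            # header, separator or blank line
        entry = match.groupdict()
        entry["status"] = classify_action(entry["action"])
        entry["location"] = classify_location(entry["target"])
        entries.append(entry)
    counts = Counter(e["status"] for e in entries)
    unresolved = [e for e in entries if e["status"] in ("ignored", "unknown")]
    return counts, unresolved


if __name__ == "__main__":
    counts, unresolved = triage(SAMPLE_REPORT)
    print(dict(counts))
    for e in unresolved:
        print(f'{e["location"]:14} {e["detection"]:28} {e["target"]}')
```

A report is safe to treat as "done" only when the second return value is empty; an entry with status `unknown` means the action text was not one of the three seen in this thread.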
Good evening Marie

Thanks for your help

I think it worked, because I no longer receive alert messages
Can you confirm that from the reports?
Here are the 3 reports I produced

---------------------------------------------------------

+ Créé à: 21:27:42 28/01/2008

+ Résultat de l'analyse:



HKLM\SOFTWARE\Classes\WR -> Adware.Generic : Nettoyé et sauvegardé (mise en quarantaine).
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\runner1 -> Adware.Generic : Nettoyé et sauvegardé (mise en quarantaine).
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo -> Adware.Generic : Nettoyé et sauvegardé (mise en quarantaine).
H:\System Volume Information\_restore{E773B98D-854D-41D2-8A91-85C336F2A102}\RP204\A0044659.exe -> Downloader.Agent.erf : Nettoyé et sauvegardé (mise en quarantaine).
H:\System Volume Information\_restore{E773B98D-854D-41D2-8A91-85C336F2A102}\RP209\A0047658.exe -> Downloader.Agent.ezc : Nettoyé et sauvegardé (mise en quarantaine).
H:\System Volume Information\_restore{E773B98D-854D-41D2-8A91-85C336F2A102}\RP209\A0047659.exe -> Downloader.Agent.fjn : Nettoyé et sauvegardé (mise en quarantaine).
H:\System Volume Information\_restore{E773B98D-854D-41D2-8A91-85C336F2A102}\RP208\A0046808.exe -> Downloader.VB.caw : Nettoyé et sauvegardé (mise en quarantaine).
H:\Program Files\Fichiers communs\Yazzle1281OinUninstaller.exe -> Not-A-Virus.Adware.PurityScan : Nettoyé et sauvegardé (mise en quarantaine).
H:\System Volume Information\_restore{E773B98D-854D-41D2-8A91-85C336F2A102}\RP208\A0046819.dll -> Not-A-Virus.Adware.Virtumonde : Nettoyé et sauvegardé (mise en quarantaine).
H:\System Volume Information\_restore{E773B98D-854D-41D2-8A91-85C336F2A102}\RP208\A0046820.dll -> Not-A-Virus.Adware.Virtumonde : Nettoyé et sauvegardé (mise en quarantaine).
H:\WINDOWS\system32\iifgghh.dll -> Not-A-Virus.Adware.Virtumonde : Nettoyé et sauvegardé (mise en quarantaine).
H:\Program Files\Outerinfo\FF\components\FF.dll -> Not-A-Virus.Adware.ZenoSearch : Nettoyé et sauvegardé (mise en quarantaine).
H:\Documents and Settings\ANTOINE\Cookies\antoine@247realmedia[1].txt -> TrackingCookie.247realmedia : Nettoyé.
H:\Documents and Settings\JULIEN\Cookies\julien@247realmedia[2].txt -> TrackingCookie.247realmedia : Nettoyé.
H:\Documents and Settings\NINA\Cookies\nina@247realmedia[2].txt -> TrackingCookie.247realmedia : Nettoyé.
H:\Documents and Settings\ANTOINE\Cookies\antoine@2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
H:\Documents and Settings\ANTOINE\Cookies\antoine@aolfr.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
H:\Documents and Settings\ANTOINE\Cookies\antoine@clubmed.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
H:\Documents and Settings\ANTOINE\Cookies\antoine@fnac.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
H:\Documents and Settings\ANTOINE\Cookies\antoine@maisondevalerie.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
H:\Documents and Settings\ANTOINE\Cookies\antoine@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
H:\Documents and Settings\ANTOINE\Cookies\antoine@msnportalintlbeetoffice2007.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
H:\Documents and Settings\ANTOINE\Cookies\antoine@notrefamille.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
H:\Documents and Settings\ANTOINE\Cookies\antoine@sfr.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
H:\Documents and Settings\JULIEN\Cookies\julien@2o7[2].txt -> TrackingCookie.2o7 : Nettoyé.
H:\Documents and Settings\JULIEN\Cookies\julien@aolfr.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
H:\Documents and Settings\JULIEN\Cookies\julien@fnac.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
H:\Documents and Settings\JULIEN\Cookies\julien@karavel.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
H:\Documents and Settings\JULIEN\Cookies\julien@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
H:\Documents and Settings\JULIEN\Local Settings\Temp\Cookies\julien@2o7[2].txt -> TrackingCookie.2o7 : Nettoyé.
H:\Documents and Settings\JULIEN\Local Settings\Temp\Cookies\julien@aolfr.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
H:\Documents and Settings\JULIEN\Local Settings\Temp\Cookies\julien@fnac.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
H:\Documents and Settings\JULIEN\Local Settings\Temp\Cookies\julien@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
H:\Documents and Settings\MAMAN\Cookies\maman@aoleusearch.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
H:\Documents and Settings\MAMAN\Cookies\maman@aolfr.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
H:\Documents and Settings\MAMAN\Cookies\maman@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
H:\Documents and Settings\NINA\Cookies\nina@2o7[2].txt -> TrackingCookie.2o7 : Nettoyé.
H:\Documents and Settings\NINA\Cookies\nina@aolfr.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
H:\Documents and Settings\NINA\Cookies\nina@fnac.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
H:\Documents and Settings\NINA\Cookies\nina@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
H:\Documents and Settings\NINA\Cookies\nina@sfr.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
H:\Documents and Settings\ANTOINE\Cookies\antoine@adrevolver[1].txt -> TrackingCookie.Adrevolver : Nettoyé.
H:\Documents and Settings\ANTOINE\Cookies\antoine@media.adrevolver[2].txt -> TrackingCookie.Adrevolver : Nettoyé.
H:\Documents and Settings\MAMAN\Cookies\maman@media.adrevolver[1].txt -> TrackingCookie.Adrevolver : Nettoyé.
H:\Documents and Settings\ANTOINE\Cookies\antoine@adtech[2].txt -> TrackingCookie.Adtech : Nettoyé.
H:\Documents and Settings\MAMAN\Cookies\maman@adtech[1].txt -> TrackingCookie.Adtech : Nettoyé.
H:\Documents and Settings\NINA\Cookies\nina@adtech[1].txt -> TrackingCookie.Adtech : Nettoyé.
H:\Documents and Settings\ANTOINE\Cookies\antoine@advertising[1].txt -> TrackingCookie.Advertising : Nettoyé.
H:\Documents and Settings\JULIEN\Cookies\julien@advertising[1].txt -> TrackingCookie.Advertising : Nettoyé.
H:\Documents and Settings\MAMAN\Cookies\maman@advertising[2].txt -> TrackingCookie.Advertising : Nettoyé.
H:\Documents and Settings\NINA\Cookies\nina@advertising[2].txt -> TrackingCookie.Advertising : Nettoyé.
H:\Documents and Settings\ANTOINE\Cookies\antoine@adviva[2].txt -> TrackingCookie.Adviva : Nettoyé.
H:\Documents and Settings\JULIEN\Cookies\julien@adviva[2].txt -> TrackingCookie.Adviva : Nettoyé.
H:\Documents and Settings\ANTOINE\Cookies\antoine@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
H:\Documents and Settings\JULIEN\Cookies\julien@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
H:\Documents and Settings\JULIEN\Local Settings\Temp\Cookies\julien@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
H:\Documents and Settings\MAMAN\Cookies\maman@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
H:\Documents and Settings\NINA\Cookies\nina@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
H:\Documents and Settings\ANTOINE\Cookies\antoine@bluestreak[2].txt -> TrackingCookie.Bluestreak : Nettoyé.
H:\Documents and Settings\ANTOINE\Cookies\antoine@iv2.bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyé.
H:\Documents and Settings\JULIEN\Cookies\julien@bluestreak[2].txt -> TrackingCookie.Bluestreak : Nettoyé.
H:\Documents and Settings\JULIEN\Local Settings\Temp\Cookies\julien@bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyé.
H:\Documents and Settings\MAMAN\Cookies\maman@bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyé.
H:\Documents and Settings\NINA\Cookies\nina@bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyé.
H:\Documents and Settings\NINA\Cookies\nina@casalemedia[1].txt -> TrackingCookie.Casalemedia : Nettoyé.
H:\Documents and Settings\NINA\Cookies\nina@promo.casinotropez[1].txt -> TrackingCookie.Casinotropez : Nettoyé.
H:\Documents and Settings\ANTOINE\Cookies\antoine@fl01.ct2.comclick[2].txt -> TrackingCookie.Comclick : Nettoyé.
H:\Documents and Settings\NINA\Cookies\nina@fl01.ct2.comclick[1].txt -> TrackingCookie.Comclick : Nettoyé.
H:\Documents and Settings\ANTOINE\Cookies\antoine@doubleclick[2].txt -> TrackingCookie.Doubleclick : Nettoyé.
H:\Documents and Settings\JULIEN\Cookies\julien@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé.
H:\Documents and Settings\JULIEN\Local Settings\Temp\Cookies\julien@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé.
H:\Documents and Settings\MAMAN\Cookies\maman@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé.
H:\Documents and Settings\NINA\Cookies\nina@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé.
H:\Documents and Settings\ANTOINE\Cookies\antoine@e-2dj6whmyumdzmbo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Nettoyé.
H:\Documents and Settings\ANTOINE\Cookies\antoine@estat[1].txt -> TrackingCookie.Estat : Nettoyé.
H:\Documents and Settings\JULIEN\Cookies\julien@estat[1].txt -> TrackingCookie.Estat : Nettoyé.
H:\Documents and Settings\JULIEN\Local Settings\Temp\Cookies\julien@estat[1].txt -> TrackingCookie.Estat : Nettoyé.
H:\Documents and Settings\MAMAN\Cookies\maman@estat[1].txt -> TrackingCookie.Estat : Nettoyé.
H:\Documents and Settings\NINA\Cookies\nina@estat[1].txt -> TrackingCookie.Estat : Nettoyé.
H:\Documents and Settings\ANTOINE\Cookies\antoine@adopt.euroclick[2].txt -> TrackingCookie.Euroclick : Nettoyé.
H:\Documents and Settings\ANTOINE\Cookies\antoine@fastclick[1].txt -> TrackingCookie.Fastclick : Nettoyé.
H:\Documents and Settings\NINA\Cookies\nina@fastclick[1].txt -> TrackingCookie.Fastclick : Nettoyé.
H:\Documents and Settings\JULIEN\Local Settings\Temp\Cookies\julien@fortunecity[1].txt -> TrackingCookie.Fortunecity : Nettoyé.
H:\Documents and Settings\ANTOINE\Cookies\antoine@ehg-bestwestern.hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé.
H:\Documents and Settings\ANTOINE\Cookies\antoine@ehg-businesslab.hitbox[1].txt -> TrackingCookie.Hitbox : Nettoyé.
H:\Documents and Settings\ANTOINE\Cookies\antoine@ehg-dig.hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé.
H:\Documents and Settings\ANTOINE\Cookies\antoine@ehg-psychologies.hitbox[1].txt -> TrackingCookie.Hitbox : Nettoyé.
H:\Documents and Settings\ANTOINE\Cookies\antoine@ehg-telecomitalia.hitbox[1].txt -> TrackingCookie.Hitbox : Nettoyé.
H:\Documents and Settings\ANTOINE\Cookies\antoine@hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé.
H:\Documents and Settings\ANTOINE\Cookies\antoine@phg.hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé.
H:\Documents and Settings\NINA\Cookies\nina@ehg-dig.hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé.
H:\Documents and Settings\NINA\Cookies\nina@hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé.
H:\Documents and Settings\ANTOINE\Cookies\antoine@ivwbox[1].txt -> TrackingCookie.Ivwbox : Nettoyé.
H:\Documents and Settings\ANTOINE\Cookies\antoine@server.iad.liveperson[2].txt -> TrackingCookie.Liveperson : Nettoyé.
H:\Documents and Settings\MAMAN\Cookies\maman@server.iad.liveperson[2].txt -> TrackingCookie.Liveperson : Nettoyé.
H:\Documents and Settings\ANTOINE\Cookies\antoine@mediaplex[2].txt -> TrackingCookie.Mediaplex : Nettoyé.
H:\Documents and Settings\JULIEN\Cookies\julien@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyé.
H:\Documents and Settings\JULIEN\Local Settings\Temp\Cookies\julien@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyé.
H:\Documents and Settings\MAMAN\Cookies\maman@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyé.
H:\Documents and Settings\NINA\Cookies\nina@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyé.
H:\Documents and Settings\ANTOINE\Cookies\antoine@auto.search.msn[1].txt -> TrackingCookie.Msn : Nettoyé.
H:\Documents and Settings\MAMAN\Cookies\maman@ssl-hints.netflame[1].txt -> TrackingCookie.Netflame : Nettoyé.
H:\Documents and Settings\ANTOINE\Cookies\antoine@overture[1].txt -> TrackingCookie.Overture : Nettoyé.
H:\Documents and Settings\ANTOINE\Cookies\antoine@perf.overture[1].txt -> TrackingCookie.Overture : Nettoyé.
H:\Documents and Settings\JULIEN\Cookies\julien@overture[1].txt -> TrackingCookie.Overture : Nettoyé.
H:\Documents and Settings\NINA\Cookies\nina@overture[1].txt -> TrackingCookie.Overture : Nettoyé.
H:\Documents and Settings\ANTOINE\Cookies\antoine@ads.planetactive[1].txt -> TrackingCookie.Planetactive : Nettoyé.
H:\Documents and Settings\ANTOINE\Cookies\antoine@questionmarket[1].txt -> TrackingCookie.Questionmarket : Nettoyé.
H:\Documents and Settings\NINA\Cookies\nina@guide.real[2].txt -> TrackingCookie.Real : Nettoyé.
H:\Documents and Settings\NINA\Cookies\nina@real[1].txt -> TrackingCookie.Real : Nettoyé.
H:\Documents and Settings\ANTOINE\Cookies\antoine@realmedia[2].txt -> TrackingCookie.Realmedia : Nettoyé.
H:\Documents and Settings\JULIEN\Local Settings\Temp\Cookies\julien@realmedia[1].txt -> TrackingCookie.Realmedia : Nettoyé.
H:\Documents and Settings\ANTOINE\Cookies\antoine@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
H:\Documents and Settings\ANTOINE\Cookies\antoine@serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
H:\Documents and Settings\JULIEN\Cookies\julien@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
H:\Documents and Settings\JULIEN\Cookies\julien@serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyé.
H:\Documents and Settings\MAMAN\Cookies\maman@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyé.
H:\Documents and Settings\MAMAN\Cookies\maman@serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
H:\Documents and Settings\NINA\Cookies\nina@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyé.
H:\Documents and Settings\NINA\Cookies\nina@serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
H:\Documents and Settings\ANTOINE\Cookies\antoine@smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyé.
H:\Documents and Settings\JULIEN\Cookies\julien@smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyé.
H:\Documents and Settings\JULIEN\Local Settings\Temp\Cookies\julien@smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyé.
H:\Documents and Settings\MAMAN\Cookies\maman@smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyé.
H:\Documents and Settings\NINA\Cookies\nina@smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyé.
H:\Documents and Settings\ANTOINE\Cookies\antoine@statcounter[1].txt -> TrackingCookie.Statcounter : Nettoyé.
H:\Documents and Settings\ANTOINE\Cookies\antoine@tacoda[2].txt -> TrackingCookie.Tacoda : Nettoyé.
H:\Documents and Settings\ANTOINE\Cookies\antoine@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Nettoyé.
H:\Documents and Settings\JULIEN\Cookies\julien@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Nettoyé.
H:\Documents and Settings\MAMAN\Cookies\maman@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Nettoyé.
H:\Documents and Settings\NINA\Cookies\nina@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Nettoyé.
H:\Documents and Settings\ANTOINE\Cookies\antoine@web-stat[1].txt -> TrackingCookie.Web-stat : Nettoyé.
H:\Documents and Settings\JULIEN\Cookies\julien@web-stat[2].txt -> TrackingCookie.Web-stat : Nettoyé.
H:\Documents and Settings\ANTOINE\Cookies\antoine@weborama[1].txt -> TrackingCookie.Weborama : Nettoyé.
H:\Documents and Settings\JULIEN\Cookies\julien@weborama[2].txt -> TrackingCookie.Weborama : Nettoyé.
H:\Documents and Settings\JULIEN\Local Settings\Temp\Cookies\julien@weborama[2].txt -> TrackingCookie.Weborama : Nettoyé.
H:\Documents and Settings\MAMAN\Cookies\maman@weborama[1].txt -> TrackingCookie.Weborama : Nettoyé.
H:\Documents and Settings\NINA\Cookies\nina@weborama[2].txt -> TrackingCookie.Weborama : Nettoyé.
H:\Documents and Settings\JULIEN\Local Settings\Temp\Cookies\julien@m.webtrends[2].txt -> TrackingCookie.Webtrends : Nettoyé.
H:\Documents and Settings\ANTOINE\Cookies\antoine@statse.webtrendslive[2].txt -> TrackingCookie.Webtrendslive : Nettoyé.
H:\Documents and Settings\ANTOINE\Cookies\antoine@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Nettoyé.
H:\Documents and Settings\JULIEN\Cookies\julien@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Nettoyé.
H:\Documents and Settings\JULIEN\Local Settings\Temp\Cookies\julien@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Nettoyé.
H:\Documents and Settings\MAMAN\Cookies\maman@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Nettoyé.
H:\Documents and Settings\NINA\Cookies\nina@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Nettoyé.
H:\Documents and Settings\MAMAN\Cookies\maman@zedo[1].txt -> TrackingCookie.Zedo : Nettoyé.
H:\System Volume Information\_restore{E773B98D-854D-41D2-8A91-85C336F2A102}\RP204\A0044660.exe -> Trojan.Agent.dwb : Nettoyé et sauvegardé (mise en quarantaine).


Fin du rapport
Fix: Version 1.132

Run by MAMAN on 28/01/2008 at 22:38

Microsoft Windows XP [version 5.1.2600]

Running From: H:\SDFix

Safe Mode:
Checking Services:

Patched user32.dll detected!

Note: SDFix Does Not Repair This File!

Download The Below Update To Restore Original user32.dll File:

https://docs.microsoft.com/en-us/


Restoring Windows Registry Values
Restoring Windows Default Hosts File

Rebooting...


Normal Mode:
Checking Files:

Trojan Files Found:

H:\Program Files\Dot1XCfg\Dot1XCfg.exe - Deleted
H:\Program Files\Words\list.txt - Deleted
H:\WINDOWS\17PHolmes572.exe - Deleted
H:\WINDOWS\b122.exe - Deleted
H:\WINDOWS\b143.exe - Deleted
H:\WINDOWS\mrofinu572.exe - Deleted
H:\WINDOWS\system32\pac.txt - Deleted



Folder H:\Program Files\Dot1XCfg - Removed
Folder H:\Program Files\InetGet2 - Removed
Folder H:\Program Files\Temporary - Removed
Folder H:\Program Files\Words - Removed


Scan saved at 22:44:58, on 28/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
H:\WINDOWS\System32\smss.exe
H:\WINDOWS\system32\winlogon.exe
H:\WINDOWS\system32\services.exe
H:\WINDOWS\system32\lsass.exe
H:\WINDOWS\system32\Ati2evxx.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\System32\svchost.exe
H:\WINDOWS\system32\Ati2evxx.exe
H:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
H:\Program Files\Alwil Software\Avast4\ashServ.exe
H:\WINDOWS\system32\spoolsv.exe
H:\WINDOWS\Explorer.EXE
H:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
H:\WINDOWS\system32\HPZipm12.exe
H:\WINDOWS\system32\svchost.exe
H:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
H:\Program Files\Alwil Software\Avast4\ashWebSv.exe
H:\WINDOWS\system32\wuauclt.exe
H:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
H:\WINDOWS\system32\wuauclt.exe
H:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - H:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - H:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - H:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1A3BF718-60DF-516D-FEB8-64A397F7F1C8} - H:\WINDOWS\system32\lvhj.dll (file missing)
O2 - BHO: (no name) - {6446801B-6CDA-5159-FEB8-64A397F7F1C8} - H:\WINDOWS\system32\lvhj.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - H:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - h:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - H:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: (no name) - {D4576C73-52BD-4401-B966-5A128C4433D4} - H:\WINDOWS\system32\iifgghh.dll (file missing)
O2 - BHO: (no name) - {E3D47EE6-3C5E-42AB-B5FD-D85EC205CED6} - H:\WINDOWS\system32\vtsqq.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - h:\program files\google\googletoolbar1.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - H:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - H:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "H:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://H:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://H:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://H:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://H:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - H:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - H:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - H:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - H:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - H:\WINDOWS\bdoscandel.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {084DAC27-6FA3-4F55-9005-033F2F102F5C} (ITPPDiagIE Class) - http://data.jeuxclassiques.com/npwwg.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - H:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/FacebookPhotoUploader3.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O20 - Winlogon Notify: iifgghh - iifgghh.dll (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - H:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - H:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - H:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - H:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - H:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - H:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - H:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - H:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Port Resolver - Hewlett-Packard Company - H:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE
O23 - Service: HP Status Server - Hewlett-Packard Company - H:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE
O23 - Service: Pml Driver HPZ12 - HP - H:\WINDOWS\system32\HPZipm12.exe
0
^^Marie^^
29 Jan 2008 at 12:12
Hi

Your antivirus is not active!!!
Why?? Your PC is not protected...

4/ Run HijackThis
then --> Do a system scan only
tick the lines listed below
then --> Fix checked
then answer yes to the confirmation prompt

O2 - BHO: (no name) - {1A3BF718-60DF-516D-FEB8-64A397F7F1C8} - H:\WINDOWS\system32\lvhj.dll (file missing)
O2 - BHO: (no name) - {6446801B-6CDA-5159-FEB8-64A397F7F1C8} - H:\WINDOWS\system32\lvhj.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {D4576C73-52BD-4401-B966-5A128C4433D4} - H:\WINDOWS\system32\iifgghh.dll (file missing)
O2 - BHO: (no name) - {E3D47EE6-3C5E-42AB-B5FD-D85EC205CED6} - H:\WINDOWS\system32\vtsqq.dll (file missing)
O16 - DPF: {084DAC27-6FA3-4F55-9005-033F2F102F5C} (ITPPDiagIE Class) - http://data.jeuxclassiques.com/npwwg.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - H:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/FacebookPhotoUploader3.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/default.aspx
O20 - Winlogon Notify: iifgghh - iifgghh.dll (file missing)


See you later

0
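Several of the lines selected in the reply above carry HijackThis's `(file missing)` or `(no file)` marker: the registry hook is still there although the DLL it loads is gone. As an added example (not part of the thread and not HijackThis's own code), this Python sketch extracts those orphaned entries from a log and groups them by module, which shows when one removed DLL was hooked in more than one place. The sample lines are copied from the log posted above; function names are illustrative, and the O16 entries also listed in the reply are outside what this check covers.

```python
import re
from collections import defaultdict

# Sample input: lines copied from the HijackThis log posted in this thread
# after the SDFix run (a mix of healthy and orphaned entries).
SAMPLE_LOG = r"""
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - H:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: (no name) - {1A3BF718-60DF-516D-FEB8-64A397F7F1C8} - H:\WINDOWS\system32\lvhj.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {D4576C73-52BD-4401-B966-5A128C4433D4} - H:\WINDOWS\system32\iifgghh.dll (file missing)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O20 - Winlogon Notify: iifgghh - iifgghh.dll (file missing)
O23 - Service: ATI Smart - Unknown owner - H:\WINDOWS\system32\ati2sgag.exe
"""

# "<section code> - <rest of the entry>", e.g. "O2 - BHO: ..."
ENTRY_RE = re.compile(r"^(?P<section>[A-Z]\d{1,2}) - (?P<body>.+)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
# Marker HijackThis appends when the referenced file cannot be found.
ORPHAN_RE = re.compile(r"\((file missing|no file)\)\s*$")


def find_orphans(log_text):
    """Return the log entries whose target file no longer exists."""
    orphans = []
    for line in log_text.splitlines():
        entry = ENTRY_RE.match(line.strip())
        if not entry:
            continue                      # not a HijackThis entry line
        body = entry["body"]
        marker = ORPHAN_RE.search(body)
        if not marker:
            continue                      # file is present: not an orphan
        # The file reference is the last " - " separated field.
        last_field = body.rsplit(" - ", 1)[-1]
        path = ORPHAN_RE.sub("", last_field).strip()
        module = re.split(r"[\\/]", path)[-1].lower() or None
        clsid = CLSID_RE.search(body)
        orphans.append({
            "section": entry["section"],
            "clsid": clsid.group(0) if clsid else None,
            "module": module,             # None for "(no file)"
            "reason": marker.group(1),
        })
    return orphans


def orphans_by_module(log_text):
    """Group orphaned entries by module name -> list of section codes."""
    grouped = defaultdict(list)
    for orphan in find_orphans(log_text):
        grouped[orphan["module"]].append(orphan["section"])
    return dict(grouped)


if __name__ == "__main__":
    for module, sections in orphans_by_module(SAMPLE_LOG).items():
        print(module or "(no file)", "->", ", ".join(sections))
```

On the sample, `iifgghh.dll` comes back under both O2 and O20: the DLL that the AVG report shows as quarantined had been registered as a browser helper object and as a Winlogon notify package.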
Hello,
For a few weeks I have noticed that the tasks my computer performs run slowly. I get alerts stating that my PC is infected. I now regularly receive, without having asked for them, messages from sites such as ULA and others.
What can I do to safely restore my PC to its normal working capacity? Thank you
0