
[Solved] Pop-up problem after removing "command.exe"

Hello, I was infected by the "command.exe" virus. I managed to get rid of it, but when I connect to the internet, pop-ups keep opening nonstop. I have Norton AntiVirus 2004 and Spybot SD; if you have anything more to recommend...
Here is my HijackThis scan:

Logfile of HijackThis v1.99.1
Scan saved at 20:13:28, on 02/06/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
D:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
D:\Program Files\Norton AntiVirus\SAVScan.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAAE.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\Bertrand\Mes documents\fichers téléchargés\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - D:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [EPSON Stylus D68 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAAE.EXE /P23 "EPSON Stylus D68 Series" /O6 "USB001" /M "Stylus D68"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\\nTune.exe" clear
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {74CD40EA-EF77-4BAD-808A-B5982DA73F20} - http://yax-download.yazzle.net/YazzleActiveX.cab?refid=...
O17 - HKLM\System\CCS\Services\Tcpip\..\{890811E3-534D-4E67-9CDD-9C92D9698915}: NameServer = 213.36.80.1 213.36.80.1
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: BITS - C:\WINDOWS\system32\fp4803hue.dll
O20 - Winlogon Notify: winrvc32 - winrvc32.dll (file missing)
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - D:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - D:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe

Thanks in advance
;-)

Advice from angeldark:

Print these instructions, or paste them into a text file.
Read the note at the bottom carefully before starting the procedure.
Download Look2Me-Destroyer.exe to your Desktop.

http://www.atribune.org/ccount/click.php?id=7

. Close all active windows.
. Run the Look2Me-Destroyer.exe tool.
. Check Run this program as a task
. A message will be displayed:
"Look2Me-Destroyer will close and re-open in approximately 1 minute"-> OK
. It will relaunch after the minute; then press the Scan for L2M button.
. Your Desktop icons will disappear.
. When the scan has finished, click Remove L2M
. A new message, Done Scanning, will appear; click OK.
. Followed by Done removing infected files! Look2Me-Destroyer will now shutdown your computer -> OK.
. Your PC will shut down.
. Start your PC normally.
. Paste the generated report, located here: C:\Look2Me-Destroyer.txt, along with a HijackThis report.

If Look2Me-Destroyer does not relaunch automatically after the minute, restart and try again.

Thanks a lot for your advice; I think it worked, since I haven't had any pop-ups so far.

L2m scan:
Look2Me-Destroyer V1.0.12

Scanning for infected files.....
Scan started at 02/06/2006 21:34:36

Infected! C:\WINDOWS\system32\fp4803hue.dll

Attempting to delete infected files...

Attempting to delete: C:\WINDOWS\system32\fp4803hue.dll
C:\WINDOWS\system32\fp4803hue.dll could not be deleted!

Making registry repairs.

Removing: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\BITS

Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{C140FD2E-085A-4A32-9A47-85F37CA72E7B}"
HKCR\Clsid\{C140FD2E-085A-4A32-9A47-85F37CA72E7B}

Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{A9F7FAAE-2518-4024-ABD2-C3B4EF322D6C}"
HKCR\Clsid\{A9F7FAAE-2518-4024-ABD2-C3B4EF322D6C}

Restoring Windows certificates.

Replaced hosts file with default windows hosts file


Restoring SeDebugPrivilege for Administrateurs - Succeeded

HijackThis scan:

Logfile of HijackThis v1.99.1
Scan saved at 21:52:13, on 02/06/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
D:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
D:\Program Files\Norton AntiVirus\SAVScan.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAAE.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\Bertrand\Mes documents\fichers téléchargés\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - D:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [EPSON Stylus D68 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAAE.EXE /P23 "EPSON Stylus D68 Series" /O6 "USB001" /M "Stylus D68"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\\nTune.exe" clear
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {74CD40EA-EF77-4BAD-808A-B5982DA73F20} - http://yax-download.yazzle.net/YazzleActiveX.cab?refid=...
O17 - HKLM\System\CCS\Services\Tcpip\..\{890811E3-534D-4E67-9CDD-9C92D9698915}: NameServer = 213.36.80.1 213.36.80.1
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: winrvc32 - winrvc32.dll (file missing)
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - D:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - D:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe

Thanks again, as professional as ever. :amis:

I ran a first scan, but someone (my little brother :boulay:) closed the window before the analysis finished; it had detected 133 malwares. So I ran a second scan, here it is:
---------------------------------------------------------
ewido anti-malware - Rapport de scan
---------------------------------------------------------

+ Créé le: 23:13:08, 02/06/2006
+ Somme de contrôle: E2D83132

+ Résultats du scan:

C:\WINDOWS\system32\fp4803hue.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\WINDOWS\system32\m4280efueh280.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\WINDOWS\system32\njp.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\WINDOWS\system32\oins.exe -> Downloader.PurityScan.cp : Nettoyer et sauvegarder


::Fin du rapport