Antivirus summary and report

Closed
je.belia - 28 Feb 2008 at 20:32
jlpjlp Posts 51580 Registration date Friday 18 May 2007 Status Security contributor Last activity 3 May 2022 - 30 Mar 2008 at 20:53
Hello everyone,
First of all, thanks to all the "pros" who give us advice on this forum and who helped me find quite a few leads for eliminating some of my viruses.

Since my PC was getting slower and slower, I wanted to do a sort of check-up by following the good advice (I think) given here:
http://www.commentcamarche.net/faq/sujet 3174 virus methode preliminaire de desinfection version fr#introduction


Here is the outcome of what I did, and if I've understood correctly, I still have a few viruses left
(in order, I ran CCleaner, AVG, BitDefender, then HijackThis V2.02).
Can someone tell me how to get rid of the last intruders?

Thanks
jb

avg
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 21:25:23 27/02/2008

+ Résultat de l'analyse:



C:\WINDOWS\iLookup -> Adware.eZula : Ignoré.
HKU\S-1-5-21-606747145-1958367476-839522115-1003\Software\Microsoft\Windows\ShellNoRoam\BagMRU\0\0\0\9\0\0\3 -> Adware.KeenValue : Ignoré.
C:\Program Files\FileSubmit\Disneyland\NNEZTA388.exe -> Adware.NewDotNet : Ignoré.
C:\Program Files\FileSubmit\Disneyland\TBEZA127Q.exe -> Adware.Quick : Ignoré.
C:\System Volume Information\_restore{0BBD9F6A-E21A-49A1-AEC0-E26693959554}\RP11\A0025248.ini:vjwur -> Downloader.Agent.bq : Ignoré.
C:\System Volume Information\_restore{0BBD9F6A-E21A-49A1-AEC0-E26693959554}\RP11\A0026235.ini:vjwur -> Downloader.Agent.bq : Ignoré.
C:\System Volume Information\_restore{0BBD9F6A-E21A-49A1-AEC0-E26693959554}\RP11\A0027235.ini:vjwur -> Downloader.Agent.bq : Ignoré.
C:\System Volume Information\_restore{0BBD9F6A-E21A-49A1-AEC0-E26693959554}\RP11\A0028235.ini:vjwur -> Downloader.Agent.bq : Ignoré.
C:\System Volume Information\_restore{0BBD9F6A-E21A-49A1-AEC0-E26693959554}\RP11\A0029235.ini:vjwur -> Downloader.Agent.bq : Ignoré.
C:\System Volume Information\_restore{0BBD9F6A-E21A-49A1-AEC0-E26693959554}\RP11\A0030235.ini:vjwur -> Downloader.Agent.bq : Ignoré.
C:\System Volume Information\_restore{0BBD9F6A-E21A-49A1-AEC0-E26693959554}\RP11\A0030276.ini:vjwur -> Downloader.Agent.bq : Ignoré.
C:\System Volume Information\_restore{0BBD9F6A-E21A-49A1-AEC0-E26693959554}\RP11\A0031276.ini:vjwur -> Downloader.Agent.bq : Ignoré.
C:\System Volume Information\_restore{0BBD9F6A-E21A-49A1-AEC0-E26693959554}\RP12\A0031353.ini:vjwur -> Downloader.Agent.bq : Ignoré.
C:\System Volume Information\_restore{0BBD9F6A-E21A-49A1-AEC0-E26693959554}\RP12\A0031360.ini:vjwur -> Downloader.Agent.bq : Ignoré.
C:\System Volume Information\_restore{0BBD9F6A-E21A-49A1-AEC0-E26693959554}\RP12\A0031375.ini:vjwur -> Downloader.Agent.bq : Ignoré.
C:\System Volume Information\_restore{0BBD9F6A-E21A-49A1-AEC0-E26693959554}\RP12\A0031401.ini:vjwur -> Downloader.Agent.bq : Ignoré.
C:\System Volume Information\_restore{0BBD9F6A-E21A-49A1-AEC0-E26693959554}\RP13\A0031409.ini:vjwur -> Downloader.Agent.bq : Ignoré.
C:\System Volume Information\_restore{0BBD9F6A-E21A-49A1-AEC0-E26693959554}\RP13\A0031412.ini:vjwur -> Downloader.Agent.bq : Ignoré.
C:\System Volume Information\_restore{0BBD9F6A-E21A-49A1-AEC0-E26693959554}\RP13\A0031435.ini:vjwur -> Downloader.Agent.bq : Ignoré.
C:\System Volume Information\_restore{0BBD9F6A-E21A-49A1-AEC0-E26693959554}\RP13\A0031465.ini:vjwur -> Downloader.Agent.bq : Ignoré.
C:\System Volume Information\_restore{0BBD9F6A-E21A-49A1-AEC0-E26693959554}\RP13\A0032465.ini:vjwur -> Downloader.Agent.bq : Ignoré.
C:\System Volume Information\_restore{0BBD9F6A-E21A-49A1-AEC0-E26693959554}\RP13\A0032502.ini:vjwur -> Downloader.Agent.bq : Ignoré.
C:\System Volume Information\_restore{0BBD9F6A-E21A-49A1-AEC0-E26693959554}\RP14\A0032530.ini:vjwur -> Downloader.Agent.bq : Ignoré.
C:\System Volume Information\_restore{0BBD9F6A-E21A-49A1-AEC0-E26693959554}\RP14\A0032543.ini:vjwur -> Downloader.Agent.bq : Ignoré.
C:\System Volume Information\_restore{0BBD9F6A-E21A-49A1-AEC0-E26693959554}\RP14\A0033543.ini:vjwur -> Downloader.Agent.bq : Ignoré.
C:\System Volume Information\_restore{0BBD9F6A-E21A-49A1-AEC0-E26693959554}\RP14\A0034543.ini:vjwur -> Downloader.Agent.bq : Ignoré.
C:\System Volume Information\_restore{0BBD9F6A-E21A-49A1-AEC0-E26693959554}\RP14\A0035543.ini:vjwur -> Downloader.Agent.bq : Ignoré.
C:\System Volume Information\_restore{0BBD9F6A-E21A-49A1-AEC0-E26693959554}\RP14\A0037543.ini:vjwur -> Downloader.Agent.bq : Ignoré.
C:\System Volume Information\_restore{0BBD9F6A-E21A-49A1-AEC0-E26693959554}\RP14\A0038543.ini:vjwur -> Downloader.Agent.bq : Ignoré.
C:\System Volume Information\_restore{0BBD9F6A-E21A-49A1-AEC0-E26693959554}\RP14\A0039543.ini:vjwur -> Downloader.Agent.bq : Ignoré.
C:\System Volume Information\_restore{0BBD9F6A-E21A-49A1-AEC0-E26693959554}\RP15\A0040550.ini:vjwur -> Downloader.Agent.bq : Ignoré.
C:\System Volume Information\_restore{0BBD9F6A-E21A-49A1-AEC0-E26693959554}\RP15\A0040553.ini:vjwur -> Downloader.Agent.bq : Ignoré.
C:\System Volume Information\_restore{0BBD9F6A-E21A-49A1-AEC0-E26693959554}\RP15\A0041553.ini:vjwur -> Downloader.Agent.bq : Ignoré.
C:\System Volume Information\_restore{0BBD9F6A-E21A-49A1-AEC0-E26693959554}\RP15\A0041565.ini:vjwur -> Downloader.Agent.bq : Ignoré.
C:\System Volume Information\_restore{0BBD9F6A-E21A-49A1-AEC0-E26693959554}\RP16\A0041578.ini:vjwur -> Downloader.Agent.bq : Ignoré.
C:\System Volume Information\_restore{0BBD9F6A-E21A-49A1-AEC0-E26693959554}\RP16\A0042565.ini:vjwur -> Downloader.Agent.bq : Ignoré.
C:\System Volume Information\_restore{0BBD9F6A-E21A-49A1-AEC0-E26693959554}\RP16\A0043565.ini:vjwur -> Downloader.Agent.bq : Ignoré.
C:\System Volume Information\_restore{0BBD9F6A-E21A-49A1-AEC0-E26693959554}\RP16\A0044565.ini:vjwur -> Downloader.Agent.bq : Ignoré.
C:\System Volume Information\_restore{0BBD9F6A-E21A-49A1-AEC0-E26693959554}\RP16\A0044578.ini:vjwur -> Downloader.Agent.bq : Ignoré.
C:\System Volume Information\_restore{0BBD9F6A-E21A-49A1-AEC0-E26693959554}\RP16\A0044591.ini:vjwur -> Downloader.Agent.bq : Ignoré.
C:\System Volume Information\_restore{0BBD9F6A-E21A-49A1-AEC0-E26693959554}\RP17\A0044670.ini:vjwur -> Downloader.Agent.bq : Ignoré.
C:\System Volume Information\_restore{0BBD9F6A-E21A-49A1-AEC0-E26693959554}\RP17\A0044699.ini:vjwur -> Downloader.Agent.bq : Ignoré.
C:\System Volume Information\_restore{0BBD9F6A-E21A-49A1-AEC0-E26693959554}\RP17\A0045699.ini:vjwur -> Downloader.Agent.bq : Ignoré.
C:\System Volume Information\_restore{0BBD9F6A-E21A-49A1-AEC0-E26693959554}\RP17\A0045738.ini:vjwur -> Downloader.Agent.bq : Ignoré.
C:\System Volume Information\_restore{0BBD9F6A-E21A-49A1-AEC0-E26693959554}\RP17\A0046738.ini:vjwur -> Downloader.Agent.bq : Ignoré.
C:\System Volume Information\_restore{0BBD9F6A-E21A-49A1-AEC0-E26693959554}\RP17\A0046773.ini:vjwur -> Downloader.Agent.bq : Ignoré.
C:\System Volume Information\_restore{0BBD9F6A-E21A-49A1-AEC0-E26693959554}\RP11\A0025248.ini:kitjv -> Downloader.Agent.kd : Ignoré.
C:\System Volume Information\_restore{0BBD9F6A-E21A-49A1-AEC0-E26693959554}\RP11\A0026235.ini:kitjv -> Downloader.Agent.kd : Ignoré.
C:\System Volume Information\_restore{0BBD9F6A-E21A-49A1-AEC0-E26693959554}\RP11\A0027235.ini:kitjv -> Downloader.Agent.kd : Ignoré.
C:\System Volume Information\_restore{0BBD9F6A-E21A-49A1-AEC0-E26693959554}\RP11\A0028235.ini:kitjv -> Downloader.Agent.kd : Ignoré.
C:\System Volume Information\_restore{0BBD9F6A-E21A-49A1-AEC0-E26693959554}\RP11\A0029235.ini:kitjv -> Downloader.Agent.kd : Ignoré.
C:\System Volume Information\_restore{0BBD9F6A-E21A-49A1-AEC0-E26693959554}\RP11\A0030235.ini:kitjv -> Downloader.Agent.kd : Ignoré.
C:\System Volume Information\_restore{0BBD9F6A-E21A-49A1-AEC0-E26693959554}\RP11\A0030276.ini:kitjv -> Downloader.Agent.kd : Ignoré.
C:\System Volume Information\_restore{0BBD9F6A-E21A-49A1-AEC0-E26693959554}\RP11\A0031276.ini:kitjv -> Downloader.Agent.kd : Ignoré.
C:\System Volume Information\_restore{0BBD9F6A-E21A-49A1-AEC0-E26693959554}\RP12\A0031353.ini:kitjv -> Downloader.Agent.kd : Ignoré.
C:\System Volume Information\_restore{0BBD9F6A-E21A-49A1-AEC0-E26693959554}\RP12\A0031360.ini:kitjv -> Downloader.Agent.kd : Ignoré.
C:\System Volume Information\_restore{0BBD9F6A-E21A-49A1-AEC0-E26693959554}\RP12\A0031375.ini:kitjv -> Downloader.Agent.kd : Ignoré.
C:\System Volume Information\_restore{0BBD9F6A-E21A-49A1-AEC0-E26693959554}\RP12\A0031401.ini:kitjv -> Downloader.Agent.kd : Ignoré.
C:\System Volume Information\_restore{0BBD9F6A-E21A-49A1-AEC0-E26693959554}\RP13\A0031409.ini:kitjv -> Downloader.Agent.kd : Ignoré.
C:\System Volume Information\_restore{0BBD9F6A-E21A-49A1-AEC0-E26693959554}\RP13\A0031412.ini:kitjv -> Downloader.Agent.kd : Ignoré.
C:\System Volume Information\_restore{0BBD9F6A-E21A-49A1-AEC0-E26693959554}\RP13\A0031435.ini:kitjv -> Downloader.Agent.kd : Ignoré.
C:\System Volume Information\_restore{0BBD9F6A-E21A-49A1-AEC0-E26693959554}\RP13\A0031465.ini:kitjv -> Downloader.Agent.kd : Ignoré.
C:\System Volume Information\_restore{0BBD9F6A-E21A-49A1-AEC0-E26693959554}\RP13\A0032465.ini:kitjv -> Downloader.Agent.kd : Ignoré.
C:\System Volume Information\_restore{0BBD9F6A-E21A-49A1-AEC0-E26693959554}\RP13\A0032502.ini:kitjv -> Downloader.Agent.kd : Ignoré.
C:\System Volume Information\_restore{0BBD9F6A-E21A-49A1-AEC0-E26693959554}\RP14\A0032530.ini:kitjv -> Downloader.Agent.kd : Ignoré.
C:\System Volume Information\_restore{0BBD9F6A-E21A-49A1-AEC0-E26693959554}\RP14\A0032543.ini:kitjv -> Downloader.Agent.kd : Ignoré.
C:\System Volume Information\_restore{0BBD9F6A-E21A-49A1-AEC0-E26693959554}\RP14\A0033543.ini:kitjv -> Downloader.Agent.kd : Ignoré.
C:\System Volume Information\_restore{0BBD9F6A-E21A-49A1-AEC0-E26693959554}\RP14\A0034543.ini:kitjv -> Downloader.Agent.kd : Ignoré.
C:\System Volume Information\_restore{0BBD9F6A-E21A-49A1-AEC0-E26693959554}\RP14\A0035543.ini:kitjv -> Downloader.Agent.kd : Ignoré.
C:\System Volume Information\_restore{0BBD9F6A-E21A-49A1-AEC0-E26693959554}\RP14\A0038543.ini:kitjv -> Downloader.Agent.kd : Ignoré.
C:\System Volume Information\_restore{0BBD9F6A-E21A-49A1-AEC0-E26693959554}\RP14\A0039543.ini:kitjv -> Downloader.Agent.kd : Ignoré.
C:\System Volume Information\_restore{0BBD9F6A-E21A-49A1-AEC0-E26693959554}\RP15\A0040550.ini:kitjv -> Downloader.Agent.kd : Ignoré.
C:\System Volume Information\_restore{0BBD9F6A-E21A-49A1-AEC0-E26693959554}\RP15\A0040553.ini:kitjv -> Downloader.Agent.kd : Ignoré.
C:\System Volume Information\_restore{0BBD9F6A-E21A-49A1-AEC0-E26693959554}\RP15\A0041553.ini:kitjv -> Downloader.Agent.kd : Ignoré.
C:\System Volume Information\_restore{0BBD9F6A-E21A-49A1-AEC0-E26693959554}\RP15\A0041565.ini:kitjv -> Downloader.Agent.kd : Ignoré.
C:\System Volume Information\_restore{0BBD9F6A-E21A-49A1-AEC0-E26693959554}\RP16\A0041578.ini:kitjv -> Downloader.Agent.kd : Ignoré.
C:\System Volume Information\_restore{0BBD9F6A-E21A-49A1-AEC0-E26693959554}\RP16\A0042565.ini:kitjv -> Downloader.Agent.kd : Ignoré.
C:\System Volume Information\_restore{0BBD9F6A-E21A-49A1-AEC0-E26693959554}\RP16\A0043565.ini:kitjv -> Downloader.Agent.kd : Ignoré.
C:\System Volume Information\_restore{0BBD9F6A-E21A-49A1-AEC0-E26693959554}\RP16\A0044565.ini:kitjv -> Downloader.Agent.kd : Ignoré.
C:\System Volume Information\_restore{0BBD9F6A-E21A-49A1-AEC0-E26693959554}\RP16\A0044578.ini:kitjv -> Downloader.Agent.kd : Ignoré.
C:\System Volume Information\_restore{0BBD9F6A-E21A-49A1-AEC0-E26693959554}\RP16\A0044591.ini:kitjv -> Downloader.Agent.kd : Ignoré.
C:\System Volume Information\_restore{0BBD9F6A-E21A-49A1-AEC0-E26693959554}\RP17\A0044670.ini:kitjv -> Downloader.Agent.kd : Ignoré.
C:\System Volume Information\_restore{0BBD9F6A-E21A-49A1-AEC0-E26693959554}\RP17\A0044699.ini:kitjv -> Downloader.Agent.kd : Ignoré.
C:\System Volume Information\_restore{0BBD9F6A-E21A-49A1-AEC0-E26693959554}\RP17\A0045699.ini:kitjv -> Downloader.Agent.kd : Ignoré.
C:\System Volume Information\_restore{0BBD9F6A-E21A-49A1-AEC0-E26693959554}\RP17\A0045738.ini:kitjv -> Downloader.Agent.kd : Ignoré.
C:\System Volume Information\_restore{0BBD9F6A-E21A-49A1-AEC0-E26693959554}\RP17\A0046773.ini:kitjv -> Downloader.Agent.kd : Ignoré.
C:\System Volume Information\_restore{0BBD9F6A-E21A-49A1-AEC0-E26693959554}\RP11\A0030263.exe -> Downloader.Dyfuca.en : Ignoré.
C:\System Volume Information\_restore{0BBD9F6A-E21A-49A1-AEC0-E26693959554}\RP11\A0030284.exe -> Downloader.Dyfuca.en : Ignoré.
C:\System Volume Information\_restore{0BBD9F6A-E21A-49A1-AEC0-E26693959554}\RP12\A0031383.exe -> Downloader.Dyfuca.en : Ignoré.
C:\System Volume Information\_restore{0BBD9F6A-E21A-49A1-AEC0-E26693959554}\RP11\A0030265.exe -> Downloader.PurityScan.am : Ignoré.
C:\Documents and Settings\Jérôme\Mes documents\christian\dossiers christian\Programmes Divers\john the ripper\john-16w.zip/john-16/run/john-mmx.zip/john.exe -> Not-A-Virus.HackTool.Win32.John : Ignoré.
C:\Documents and Settings\Jérôme\Mes documents\christian\dossiers christian\Programmes Divers\revelation.zip/revelation.exe -> Not-A-Virus.PSWTool.Win32.SnadBoy.11 : Ignoré.
:mozilla.40:C:\Documents and Settings\Véro\Application Data\Mozilla\Firefox\Profiles\zsgd5d9e.default\cookies.txt -> TrackingCookie.247realmedia : Ignoré.
:mozilla.134:C:\Documents and Settings\Véro\Application Data\Mozilla\Firefox\Profiles\zsgd5d9e.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.167:C:\Documents and Settings\Véro\Application Data\Mozilla\Firefox\Profiles\zsgd5d9e.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.241:C:\Documents and Settings\Véro\Application Data\Mozilla\Firefox\Profiles\zsgd5d9e.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.29:C:\Documents and Settings\Youna.JBFIX\Application Data\Mozilla\Firefox\Profiles\epjqca22.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.41:C:\Documents and Settings\Véro\Application Data\Mozilla\Firefox\Profiles\zsgd5d9e.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.42:C:\Documents and Settings\Véro\Application Data\Mozilla\Firefox\Profiles\zsgd5d9e.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.43:C:\Documents and Settings\Véro\Application Data\Mozilla\Firefox\Profiles\zsgd5d9e.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.44:C:\Documents and Settings\Véro\Application Data\Mozilla\Firefox\Profiles\zsgd5d9e.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.45:C:\Documents and Settings\Véro\Application Data\Mozilla\Firefox\Profiles\zsgd5d9e.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.62:C:\Documents and Settings\Véro\Application Data\Mozilla\Firefox\Profiles\zsgd5d9e.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.6:C:\Documents and Settings\Youna.JBFIX\Application Data\Mozilla\Firefox\Profiles\epjqca22.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.292:C:\Documents and Settings\Véro\Application Data\Mozilla\Firefox\Profiles\zsgd5d9e.default\cookies.txt -> TrackingCookie.Adjuggler : Ignoré.
:mozilla.293:C:\Documents and Settings\Véro\Application Data\Mozilla\Firefox\Profiles\zsgd5d9e.default\cookies.txt -> TrackingCookie.Adjuggler : Ignoré.
:mozilla.294:C:\Documents and Settings\Véro\Application Data\Mozilla\Firefox\Profiles\zsgd5d9e.default\cookies.txt -> TrackingCookie.Adjuggler : Ignoré.
:mozilla.49:C:\Documents and Settings\Véro\Application Data\Mozilla\Firefox\Profiles\zsgd5d9e.default\cookies.txt -> TrackingCookie.Adtech : Ignoré.
:mozilla.50:C:\Documents and Settings\Véro\Application Data\Mozilla\Firefox\Profiles\zsgd5d9e.default\cookies.txt -> TrackingCookie.Adtech : Ignoré.
:mozilla.51:C:\Documents and Settings\Véro\Application Data\Mozilla\Firefox\Profiles\zsgd5d9e.default\cookies.txt -> TrackingCookie.Advertising : Ignoré.
:mozilla.7:C:\Documents and Settings\Véro\Mes documents\doc privé\Application Data\Mozilla\Profiles\default\ee5e5g6o.slt\cookies.txt -> TrackingCookie.Advertising : Ignoré.
:mozilla.8:C:\Documents and Settings\Jérôme\Mes documents\christian\Documents and Settings de janvier 2005\Vero\Application Data\Mozilla\Profiles\default\ee5e5g6o.slt\cookies.txt -> TrackingCookie.Advertising : Ignoré.
:mozilla.52:C:\Documents and Settings\Véro\Application Data\Mozilla\Firefox\Profiles\zsgd5d9e.default\cookies.txt -> TrackingCookie.Atdmt : Ignoré.
:mozilla.11:C:\Documents and Settings\Véro\Mes documents\doc privé\Application Data\Mozilla\Profiles\default\ee5e5g6o.slt\cookies.txt -> TrackingCookie.Bluestreak : Ignoré.
:mozilla.12:C:\Documents and Settings\Jérôme\Mes documents\christian\Documents and Settings de janvier 2005\Vero\Application Data\Mozilla\Profiles\default\ee5e5g6o.slt\cookies.txt -> TrackingCookie.Bluestreak : Ignoré.
:mozilla.281:C:\Documents and Settings\Véro\Application Data\Mozilla\Firefox\Profiles\zsgd5d9e.default\cookies.txt -> TrackingCookie.Comclick : Ignoré.
:mozilla.282:C:\Documents and Settings\Véro\Application Data\Mozilla\Firefox\Profiles\zsgd5d9e.default\cookies.txt -> TrackingCookie.Comclick : Ignoré.
:mozilla.283:C:\Documents and Settings\Véro\Application Data\Mozilla\Firefox\Profiles\zsgd5d9e.default\cookies.txt -> TrackingCookie.Comclick : Ignoré.
:mozilla.249:C:\Documents and Settings\Véro\Application Data\Mozilla\Firefox\Profiles\zsgd5d9e.default\cookies.txt -> TrackingCookie.Cqcounter : Ignoré.
:mozilla.12:C:\Documents and Settings\Véro\Mes documents\doc privé\Application Data\Mozilla\Profiles\default\ee5e5g6o.slt\cookies.txt -> TrackingCookie.Doubleclick : Ignoré.
:mozilla.13:C:\Documents and Settings\Jérôme\Mes documents\christian\Documents and Settings de janvier 2005\Vero\Application Data\Mozilla\Profiles\default\ee5e5g6o.slt\cookies.txt -> TrackingCookie.Doubleclick : Ignoré.
:mozilla.11:C:\Documents and Settings\Youna.JBFIX\Application Data\Mozilla\Firefox\Profiles\epjqca22.default\cookies.txt -> TrackingCookie.Estat : Ignoré.
:mozilla.96:C:\Documents and Settings\Véro\Application Data\Mozilla\Firefox\Profiles\zsgd5d9e.default\cookies.txt -> TrackingCookie.Estat : Ignoré.
:mozilla.199:C:\Documents and Settings\Véro\Application Data\Mozilla\Firefox\Profiles\zsgd5d9e.default\cookies.txt -> TrackingCookie.Msn : Ignoré.
:mozilla.41:C:\Documents and Settings\Youna.JBFIX\Application Data\Mozilla\Firefox\Profiles\epjqca22.default\cookies.txt -> TrackingCookie.Msn : Ignoré.
C:\Documents and Settings\Véro\Cookies\véro@ie.search.msn[1].txt -> TrackingCookie.Msn : Ignoré.
C:\Documents and Settings\Véro\Cookies\véro@search.msn[1].txt -> TrackingCookie.Msn : Ignoré.
C:\Documents and Settings\Youna.JBFIX\Cookies\youna@search.msn[1].txt -> TrackingCookie.Msn : Ignoré.
:mozilla.212:C:\Documents and Settings\Véro\Application Data\Mozilla\Firefox\Profiles\zsgd5d9e.default\cookies.txt -> TrackingCookie.Netflame : Ignoré.
:mozilla.171:C:\Documents and Settings\Véro\Application Data\Mozilla\Firefox\Profiles\zsgd5d9e.default\cookies.txt -> TrackingCookie.Overture : Ignoré.
:mozilla.172:C:\Documents and Settings\Véro\Application Data\Mozilla\Firefox\Profiles\zsgd5d9e.default\cookies.txt -> TrackingCookie.Overture : Ignoré.
:mozilla.173:C:\Documents and Settings\Véro\Application Data\Mozilla\Firefox\Profiles\zsgd5d9e.default\cookies.txt -> TrackingCookie.Overture : Ignoré.
:mozilla.201:C:\Documents and Settings\Véro\Application Data\Mozilla\Firefox\Profiles\zsgd5d9e.default\cookies.txt -> TrackingCookie.Serving-sys : Ignoré.
:mozilla.202:C:\Documents and Settings\Véro\Application Data\Mozilla\Firefox\Profiles\zsgd5d9e.default\cookies.txt -> TrackingCookie.Serving-sys : Ignoré.
:mozilla.203:C:\Documents and Settings\Véro\Application Data\Mozilla\Firefox\Profiles\zsgd5d9e.default\cookies.txt -> TrackingCookie.Serving-sys : Ignoré.
:mozilla.204:C:\Documents and Settings\Véro\Application Data\Mozilla\Firefox\Profiles\zsgd5d9e.default\cookies.txt -> TrackingCookie.Serving-sys : Ignoré.
:mozilla.205:C:\Documents and Settings\Véro\Application Data\Mozilla\Firefox\Profiles\zsgd5d9e.default\cookies.txt -> TrackingCookie.Serving-sys : Ignoré.
:mozilla.69:C:\Documents and Settings\Véro\Application Data\Mozilla\Firefox\Profiles\zsgd5d9e.default\cookies.txt -> TrackingCookie.Serving-sys : Ignoré.
:mozilla.284:C:\Documents and Settings\Véro\Application Data\Mozilla\Firefox\Profiles\zsgd5d9e.default\cookies.txt -> TrackingCookie.Sitestat : Ignoré.
:mozilla.285:C:\Documents and Settings\Véro\Application Data\Mozilla\Firefox\Profiles\zsgd5d9e.default\cookies.txt -> TrackingCookie.Sitestat : Ignoré.
:mozilla.10:C:\Documents and Settings\Véro\Mes documents\doc privé\Application Data\Mozilla\Profiles\default\ee5e5g6o.slt\cookies.txt -> TrackingCookie.Smartadserver : Ignoré.
:mozilla.11:C:\Documents and Settings\Jérôme\Mes documents\christian\Documents and Settings de janvier 2005\Vero\Application Data\Mozilla\Profiles\default\ee5e5g6o.slt\cookies.txt -> TrackingCookie.Smartadserver : Ignoré.
:mozilla.13:C:\Documents and Settings\Véro\Mes documents\doc privé\Application Data\Mozilla\Profiles\default\ee5e5g6o.slt\cookies.txt -> TrackingCookie.Smartadserver : Ignoré.
:mozilla.14:C:\Documents and Settings\Jérôme\Mes documents\christian\Documents and Settings de janvier 2005\Vero\Application Data\Mozilla\Profiles\default\ee5e5g6o.slt\cookies.txt -> TrackingCookie.Smartadserver : Ignoré.
:mozilla.14:C:\Documents and Settings\Véro\Mes documents\doc privé\Application Data\Mozilla\Profiles\default\ee5e5g6o.slt\cookies.txt -> TrackingCookie.Smartadserver : Ignoré.
:mozilla.15:C:\Documents and Settings\Jérôme\Mes documents\christian\Documents and Settings de janvier 2005\Vero\Application Data\Mozilla\Profiles\default\ee5e5g6o.slt\cookies.txt -> TrackingCookie.Smartadserver : Ignoré.
:mozilla.207:C:\Documents and Settings\Véro\Application Data\Mozilla\Firefox\Profiles\zsgd5d9e.default\cookies.txt -> TrackingCookie.Smartadserver : Ignoré.
:mozilla.208:C:\Documents and Settings\Véro\Application Data\Mozilla\Firefox\Profiles\zsgd5d9e.default\cookies.txt -> TrackingCookie.Smartadserver : Ignoré.
:mozilla.209:C:\Documents and Settings\Véro\Application Data\Mozilla\Firefox\Profiles\zsgd5d9e.default\cookies.txt -> TrackingCookie.Smartadserver : Ignoré.
:mozilla.329:C:\Documents and Settings\Véro\Application Data\Mozilla\Firefox\Profiles\zsgd5d9e.default\cookies.txt -> TrackingCookie.Smartadserver : Ignoré.
:mozilla.330:C:\Documents and Settings\Véro\Application Data\Mozilla\Firefox\Profiles\zsgd5d9e.default\cookies.txt -> TrackingCookie.Smartadserver : Ignoré.
:mozilla.331:C:\Documents and Settings\Véro\Application Data\Mozilla\Firefox\Profiles\zsgd5d9e.default\cookies.txt -> TrackingCookie.Smartadserver : Ignoré.
:mozilla.45:C:\Documents and Settings\Youna.JBFIX\Application Data\Mozilla\Firefox\Profiles\epjqca22.default\cookies.txt -> TrackingCookie.Smartadserver : Ignoré.
:mozilla.46:C:\Documents and Settings\Youna.JBFIX\Application Data\Mozilla\Firefox\Profiles\epjqca22.default\cookies.txt -> TrackingCookie.Smartadserver : Ignoré.
:mozilla.47:C:\Documents and Settings\Youna.JBFIX\Application Data\Mozilla\Firefox\Profiles\epjqca22.default\cookies.txt -> TrackingCookie.Smartadserver : Ignoré.
:mozilla.7:C:\Documents and Settings\Jérôme\Application Data\Mozilla\Firefox\Profiles\gg4m2f3m.default\cookies.txt -> TrackingCookie.Smartadserver : Ignoré.
:mozilla.8:C:\Documents and Settings\Jérôme\Application Data\Mozilla\Firefox\Profiles\gg4m2f3m.default\cookies.txt -> TrackingCookie.Smartadserver : Ignoré.
:mozilla.9:C:\Documents and Settings\Jérôme\Application Data\Mozilla\Firefox\Profiles\gg4m2f3m.default\cookies.txt -> TrackingCookie.Smartadserver : Ignoré.
:mozilla.217:C:\Documents and Settings\Véro\Application Data\Mozilla\Firefox\Profiles\zsgd5d9e.default\cookies.txt -> TrackingCookie.Tribalfusion : Ignoré.
:mozilla.238:C:\Documents and Settings\Véro\Application Data\Mozilla\Firefox\Profiles\zsgd5d9e.default\cookies.txt -> TrackingCookie.Web-stat : Ignoré.
:mozilla.239:C:\Documents and Settings\Véro\Application Data\Mozilla\Firefox\Profiles\zsgd5d9e.default\cookies.txt -> TrackingCookie.Web-stat : Ignoré.
:mozilla.16:C:\Documents and Settings\Véro\Mes documents\doc privé\Application Data\Mozilla\Profiles\default\ee5e5g6o.slt\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.17:C:\Documents and Settings\Jérôme\Mes documents\christian\Documents and Settings de janvier 2005\Vero\Application Data\Mozilla\Profiles\default\ee5e5g6o.slt\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.237:C:\Documents and Settings\Véro\Application Data\Mozilla\Firefox\Profiles\zsgd5d9e.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.12:C:\Documents and Settings\Véro\Application Data\Mozilla\Firefox\Profiles\zsgd5d9e.default\cookies.txt -> TrackingCookie.Webtrends : Ignoré.
C:\Documents and Settings\Jérôme\Mes documents\christian\Documents and Settings de janvier 2005\Vero\Cookies\vero@www.ysbweb[2].txt -> TrackingCookie.Ysbweb : Ignoré.
C:\Documents and Settings\Jérôme\Mes documents\christian\dossiers christian 2\NORTON_GHOST\Symantec.Norton.Ghost.v9.Fr.crack.keygen.zip/Symantec.Norton.Ghost.v9.Fr.crack.keygen/-- Symantec Norton Ghost 9.0 - KeyGen --.exe -> Trojan.Keygen.s : Ignoré.


Fin du rapport

www.bitdefender.com/scan8/ie.html

Statistics
Time: 01:57:06
Files: 333655
Folders: 10226
Boot Sectors: 5
Archives: 10795
Packed Files: 14175

Results
Identified Viruses: 8
Infected Files: 15
Suspect Files: 0
Warnings: 0
Disinfected: 0
Deleted Files: 15

Engines Info
Virus Definitions: 984237
Engine build: AVCORE v1.0 (build 2422) (i386) (Sep 25 2007 08:26:36)
Scan plugins: 16
Archive plugins: 41
Unpack plugins: 7
E-mail plugins: 6
System plugins: 5

Scan Settings
First Action: Disinfect
Second Action: Delete
Heuristics: Yes
Enable Warnings: Yes
Scanned Extensions: *;
Exclude Extensions:
Scan Emails: Yes
Scan Archives: Yes
Scan Packed: Yes
Scan Files: Yes
Scan Boot: Yes

Scanned File | Status

C:\Documents and Settings\Jérôme\Application Data\Thunderbird\Profiles\0ycocvnq.default\Mail\Local Folders\Inbox=>(message 624) | Infected with: Win32.Worm.Stration.FC.m
C:\Documents and Settings\Jérôme\Application Data\Thunderbird\Profiles\0ycocvnq.default\Mail\Local Folders\Inbox=>(message 624) | Disinfection failed
C:\Documents and Settings\Jérôme\Application Data\Thunderbird\Profiles\0ycocvnq.default\Mail\Local Folders\Inbox=>(message 624) | Deleted
C:\Documents and Settings\Jérôme\Application Data\Thunderbird\Profiles\0ycocvnq.default\Mail\Local Folders\Inbox | Update failed
C:\Documents and Settings\Jérôme\Application Data\Thunderbird\Profiles\0ycocvnq.default\Mail\Local Folders\Inbox=>(message 628) | Infected with: Win32.Worm.Stration.FC.m
C:\Documents and Settings\Jérôme\Application Data\Thunderbird\Profiles\0ycocvnq.default\Mail\Local Folders\Inbox=>(message 628) | Disinfection failed
C:\Documents and Settings\Jérôme\Application Data\Thunderbird\Profiles\0ycocvnq.default\Mail\Local Folders\Inbox=>(message 628) | Deleted
C:\Documents and Settings\Jérôme\Application Data\Thunderbird\Profiles\0ycocvnq.default\Mail\Local Folders\Inbox | Update failed
C:\Documents and Settings\Jérôme\Application Data\Thunderbird\Profiles\0ycocvnq.default\Mail\Local Folders\Trash=>(message 3) | Infected with: Win32.Worm.Stration.FC.m
C:\Documents and Settings\Jérôme\Application Data\Thunderbird\Profiles\0ycocvnq.default\Mail\Local Folders\Trash=>(message 3) | Disinfection failed
C:\Documents and Settings\Jérôme\Application Data\Thunderbird\Profiles\0ycocvnq.default\Mail\Local Folders\Trash=>(message 3) | Deleted
C:\Documents and Settings\Jérôme\Application Data\Thunderbird\Profiles\0ycocvnq.default\Mail\Local Folders\Trash | Update failed
C:\Documents and Settings\Jérôme\Application Data\Thunderbird\Profiles\0ycocvnq.default\Mail\Local Folders\Trash=>(message 51) | Infected with: Win32.Worm.Stration.FC.m
C:\Documents and Settings\Jérôme\Application Data\Thunderbird\Profiles\0ycocvnq.default\Mail\Local Folders\Trash=>(message 51) | Disinfection failed
C:\Documents and Settings\Jérôme\Application Data\Thunderbird\Profiles\0ycocvnq.default\Mail\Local Folders\Trash=>(message 51) | Deleted
C:\Documents and Settings\Jérôme\Application Data\Thunderbird\Profiles\0ycocvnq.default\Mail\Local Folders\Trash | Update failed
C:\Documents and Settings\Jérôme\Local Settings\Application Data\Identities\{02947479-FD63-4AA6-9F8C-8986FA35EAC0}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 75)=>[Subject: [avast! - INFECTED] Mail Delivery (f][Date: Tue, 1 Jan 2002 22:36:00 +0100]=>(MIME part)=>(MIME part)=>(message body) | Infected with: Exploit.Iframe.Vulnerability.B
C:\Documents and Settings\Jérôme\Local Settings\Application Data\Identities\{02947479-FD63-4AA6-9F8C-8986FA35EAC0}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 75)=>[Subject: [avast! - INFECTED] Mail Delivery (f][Date: Tue, 1 Jan 2002 22:36:00 +0100]=>(MIME part)=>(MIME part)=>(message body) | Disinfection failed
C:\Documents and Settings\Jérôme\Local Settings\Application Data\Identities\{02947479-FD63-4AA6-9F8C-8986FA35EAC0}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 75)=>[Subject: [avast! - INFECTED] Mail Delivery (f][Date: Tue, 1 Jan 2002 22:36:00 +0100]=>(MIME part)=>(MIME part)=>(message body) | Deleted
C:\Documents and Settings\Jérôme\Local Settings\Application Data\Identities\{02947479-FD63-4AA6-9F8C-8986FA35EAC0}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 75)=>[Subject: [avast! - INFECTED] Mail Delivery (f][Date: Tue, 1 Jan 2002 22:36:00 +0100]=>(MIME part)=>(MIME part) | Updated
C:\Documents and Settings\Jérôme\Local Settings\Application Data\Identities\{02947479-FD63-4AA6-9F8C-8986FA35EAC0}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 75)=>[Subject: [avast! - INFECTED] Mail Delivery (f][Date: Tue, 1 Jan 2002 22:36:00 +0100]=>(MIME part) | Updated
C:\Documents and Settings\Jérôme\Local Settings\Application Data\Identities\{02947479-FD63-4AA6-9F8C-8986FA35EAC0}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 75) | Updated
C:\Documents and Settings\Jérôme\Local Settings\Application Data\Identities\{02947479-FD63-4AA6-9F8C-8986FA35EAC0}\Microsoft\Outlook Express\Éléments supprimés.dbx | Update failed
C:\Documents and Settings\Jérôme\Local Settings\Application Data\Identities\{02947479-FD63-4AA6-9F8C-8986FA35EAC0}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 84)=>[Subject: [avast! - INFECTED] Mail Delivery (f][Date: Tue, 1 Jan 2002 06:12:50 +0100]=>(MIME part)=>(MIME part)=>(message body) | Infected with: Exploit.Iframe.Vulnerability.B
C:\Documents and Settings\Jérôme\Local Settings\Application Data\Identities\{02947479-FD63-4AA6-9F8C-8986FA35EAC0}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 84)=>[Subject: [avast! - INFECTED] Mail Delivery (f][Date: Tue, 1 Jan 2002 06:12:50 +0100]=>(MIME part)=>(MIME part)=>(message body) | Disinfection failed
C:\Documents and Settings\Jérôme\Local Settings\Application Data\Identities\{02947479-FD63-4AA6-9F8C-8986FA35EAC0}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 84)=>[Subject: [avast! - INFECTED] Mail Delivery (f][Date: Tue, 1 Jan 2002 06:12:50 +0100]=>(MIME part)=>(MIME part)=>(message body) | Deleted
C:\Documents and Settings\Jérôme\Local Settings\Application Data\Identities\{02947479-FD63-4AA6-9F8C-8986FA35EAC0}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 84)=>[Subject: [avast! - INFECTED] Mail Delivery (f][Date: Tue, 1 Jan 2002 06:12:50 +0100]=>(MIME part)=>(MIME part) | Updated
C:\Documents and Settings\Jérôme\Local Settings\Application Data\Identities\{02947479-FD63-4AA6-9F8C-8986FA35EAC0}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 84)=>[Subject: [avast! - INFECTED] Mail Delivery (f][Date: Tue, 1 Jan 2002 06:12:50 +0100]=>(MIME part) | Updated
C:\Documents and Settings\Jérôme\Local Settings\Application Data\Identities\{02947479-FD63-4AA6-9F8C-8986FA35EAC0}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 84) | Updated
C:\Documents and Settings\Jérôme\Local Settings\Application Data\Identities\{02947479-FD63-4AA6-9F8C-8986FA35EAC0}\Microsoft\Outlook Express\Éléments supprimés.dbx | Update failed
C:\Documents and Settings\Jérôme\Local Settings\Application Data\Identities\{02947479-FD63-4AA6-9F8C-8986FA35EAC0}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 85)=>[Subject: [avast! - INFECTED] Mail Delivery (f][Date: Tue, 1 Jan 2002 05:44:51 +0100]=>(MIME part)=>(MIME part)=>(message body) | Infected with: Exploit.Iframe.Vulnerability.B
C:\Documents and Settings\Jérôme\Local Settings\Application Data\Identities\{02947479-FD63-4AA6-9F8C-8986FA35EAC0}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 85)=>[Subject: [avast! - INFECTED] Mail Delivery (f][Date: Tue, 1 Jan 2002 05:44:51 +0100]=>(MIME part)=>(MIME part)=>(message body) | Disinfection failed
C:\Documents and Settings\Jérôme\Local Settings\Application Data\Identities\{02947479-FD63-4AA6-9F8C-8986FA35EAC0}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 85)=>[Subject: [avast! - INFECTED] Mail Delivery (f][Date: Tue, 1 Jan 2002 05:44:51 +0100]=>(MIME part)=>(MIME part)=>(message body) | Deleted
C:\Documents and Settings\Jérôme\Local Settings\Application Data\Identities\{02947479-FD63-4AA6-9F8C-8986FA35EAC0}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 85)=>[Subject: [avast! - INFECTED] Mail Delivery (f][Date: Tue, 1 Jan 2002 05:44:51 +0100]=>(MIME part)=>(MIME part) | Updated
C:\Documents and Settings\Jérôme\Local Settings\Application Data\Identities\{02947479-FD63-4AA6-9F8C-8986FA35EAC0}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 85)=>[Subject: [avast! - INFECTED] Mail Delivery (f][Date: Tue, 1 Jan 2002 05:44:51 +0100]=>(MIME part) | Updated
C:\Documents and Settings\Jérôme\Local Settings\Application Data\Identities\{02947479-FD63-4AA6-9F8C-8986FA35EAC0}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 85) | Updated

C:\Documents and Settings\Jérôme\Local Settings\Application Data\Identities\{02947479-FD63-4AA6-9F8C-8986FA35EAC0}\Microsoft\Outlook Express\Éléments supprimés.dbx


Update failed

C:\Documents and Settings\Jérôme\Mes documents\copie dvd\Rippackv3\Logiciels\codec\DivX5.02\DivXPro502GAINBundle.exe=>(VISE Installer o)=>Gain_Trickler.exe


Detected with: Adware.Gator.C

C:\Documents and Settings\Jérôme\Mes documents\copie dvd\Rippackv3\Logiciels\codec\DivX5.02\DivXPro502GAINBundle.exe=>(VISE Installer o)=>Gain_Trickler.exe


Deleted

C:\Documents and Settings\Jérôme\Mes documents\copie dvd\Rippackv3\Logiciels\codec\DivX5.02\DivXPro502GAINBundle.exe=>(VISE Installer o)


Update failed

C:\Documents and Settings\Véro\Application Data\Thunderbird\Profiles\tmxl2nsj.default\Mail\pop.internet.lu\Inbox=>(message 758)=>[Subject: postcard][Date: Tue, 23 Jan 2007 11:40:55 +0100]=>(MIME part)=>postcard.zip=>postcard.exe


Infected with: DeepScan:Generic.Stration.5416C65E

C:\Documents and Settings\Véro\Application Data\Thunderbird\Profiles\tmxl2nsj.default\Mail\pop.internet.lu\Inbox=>(message 758)=>[Subject: postcard][Date: Tue, 23 Jan 2007 11:40:55 +0100]=>(MIME part)=>postcard.zip=>postcard.exe


Disinfection failed

C:\Documents and Settings\Véro\Application Data\Thunderbird\Profiles\tmxl2nsj.default\Mail\pop.internet.lu\Inbox=>(message 758)=>[Subject: postcard][Date: Tue, 23 Jan 2007 11:40:55 +0100]=>(MIME part)=>postcard.zip=>postcard.exe


Deleted

C:\Documents and Settings\Véro\Application Data\Thunderbird\Profiles\tmxl2nsj.default\Mail\pop.internet.lu\Inbox=>(message 758)=>[Subject: postcard][Date: Tue, 23 Jan 2007 11:40:55 +0100]=>(MIME part)=>postcard.zip


Updated

C:\Documents and Settings\Véro\Application Data\Thunderbird\Profiles\tmxl2nsj.default\Mail\pop.internet.lu\Inbox=>(message 758)=>[Subject: postcard][Date: Tue, 23 Jan 2007 11:40:55 +0100]=>(MIME part)


Updated

C:\Documents and Settings\Véro\Application Data\Thunderbird\Profiles\tmxl2nsj.default\Mail\pop.internet.lu\Inbox=>(message 758)


Updated

C:\Documents and Settings\Véro\Application Data\Thunderbird\Profiles\tmxl2nsj.default\Mail\pop.internet.lu\Inbox


Updated

C:\Program Files\Virtools\3D Life Player\buildingblocks\characters.dll


Infected with: Trojan.Generic.75656

C:\Program Files\Virtools\3D Life Player\buildingblocks\characters.dll


Deleted

C:\System Volume Information\_restore{74DB9597-2C37-4CE0-88CA-C1D9FEDE1DA1}\RP301\A0101386.exe


Detected with: Adware.Backweb.M

C:\System Volume Information\_restore{74DB9597-2C37-4CE0-88CA-C1D9FEDE1DA1}\RP301\A0101386.exe


Deleted

C:\System Volume Information\_restore{74DB9597-2C37-4CE0-88CA-C1D9FEDE1DA1}\RP301\A0101429.exe


Detected with: Adware.Backweb.M

C:\System Volume Information\_restore{74DB9597-2C37-4CE0-88CA-C1D9FEDE1DA1}\RP301\A0101429.exe


Deleted

C:\System Volume Information\_restore{74DB9597-2C37-4CE0-88CA-C1D9FEDE1DA1}\RP321\A0113341.exe


Detected with: Adware.Newdotnet.F

C:\System Volume Information\_restore{74DB9597-2C37-4CE0-88CA-C1D9FEDE1DA1}\RP321\A0113341.exe


Disinfection failed

C:\System Volume Information\_restore{74DB9597-2C37-4CE0-88CA-C1D9FEDE1DA1}\RP321\A0113341.exe


Deleted

C:\System Volume Information\_restore{74DB9597-2C37-4CE0-88CA-C1D9FEDE1DA1}\RP321\A0113342.exe


Infected with: Trojan.Dloader.HK

C:\System Volume Information\_restore{74DB9597-2C37-4CE0-88CA-C1D9FEDE1DA1}\RP321\A0113342.exe


Deleted

C:\System Volume Information\_restore{74DB9597-2C37-4CE0-88CA-C1D9FEDE1DA1}\RP321\A0113374.dll


Infected with: Trojan.Generic.75656

C:\System Volume Information\_restore{74DB9597-2C37-4CE0-88CA-C1D9FEDE1DA1}\RP321\A0113374.dll


Deleted


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:17:09, on 28/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ScanSoft\OmniPagePro12.0\Opware12.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\LVComSX.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.avast.com/registration-free-antivirus?lang=ENG
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Opware12] "C:\Program Files\ScanSoft\OmniPagePro12.0\Opware12.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {8FEFF364-6A5F-4966-A917-A3AC28411659} - https://download.sopcast.com/download/SOPCORE.CAB
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://a532.g.akamai.net/...
O16 - DPF: {EB6D7E70-AAA9-40D9-BA05-F214089F2275} (Vitalize Class) - http://www.clickteam.com/vitalize3/vitalize.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
9 replies

jlpjlp Posts: 51580 Registered: Friday 18 May 2007 Status: Security contributor Last activity: 3 May 2022 5 040
28 Feb. 2008 at 21:02
hi,


Run HijackThis again, choose "do a scan only", tick the box in front of the lines below and click "fix checked" at the bottom.

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Opware12] "C:\Program Files\ScanSoft\OmniPagePro12.0\Opware12.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

________________


run AVG Anti-Spyware again and this time remove what it finds, because you ignored everything!

and paste the report again

_________________

many of the infections found by BitDefender are in your mail clients, so clean them up (Thunderbird and Outlook)
__________________


disable System Restore to purge any viruses that may be in it
then restart your computer
then re-enable it (under START, then ALL PROGRAMS, then ACCESSORIES, then SYSTEM TOOLS, then SYSTEM RESTORE, then settings)
------------------


paste a new BitDefender scan

______________

update Internet Explorer here:

https://www.01net.com/telecharger/windows/Internet/navigateur/fiches/33081.html

_______________

paste a new HijackThis log and describe your problems
0
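One way to check the HijackThis steps in the reply above, as an added example that is not part of the original thread: it parses the numbered entries, lists the O2 BHO entries whose file is missing, and reports which lines of a fix list still appear in a follow-up log. The function names are assumptions of this example; `FIRST_LOG` and `FIX_LIST` are excerpts copied from the thread, and `FOLLOWUP` is a constructed sample.

```python
import re

ENTRY_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")
BHO_RE = re.compile(
    r"^BHO: (?P<name>.*?) - (?P<clsid>\{[0-9A-Fa-f-]{36}\}) - (?P<target>.+)$")
RUN_RE = re.compile(
    r"^(?P<hive>.+?)\\\.\.\\(?P<key>\w+): \[(?P<value>[^\]]*)\] (?P<command>.+)$")

# Excerpt of the first HijackThis log posted in the thread.
FIRST_LOG = r"""Logfile of Trend Micro HijackThis v2.0.2
Running processes:
C:\WINDOWS\system32\svchost.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Opware12] "C:\Program Files\ScanSoft\OmniPagePro12.0\Opware12.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
"""

# The lines the reply asks to tick before "fix checked".
FIX_LIST = r"""O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Opware12] "C:\Program Files\ScanSoft\OmniPagePro12.0\Opware12.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
"""

# Constructed follow-up log (not from the thread): one autorun was kept.
FOLLOWUP = r"""Logfile of Trend Micro HijackThis v2.0.2
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Opware12] "C:\Program Files\ScanSoft\OmniPagePro12.0\Opware12.exe"
"""


def parse_log(text):
    """Return the numbered entries (R0, O2, O4, ...) of a HijackThis log,
    skipping the header and the 'Running processes' list."""
    entries = []
    for line in text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m:
            entries.append({"code": m.group("code"), "body": m.group("body"),
                            "raw": line.strip()})
    return entries


def entry_key(raw):
    """Identity of an entry: CLSID for a BHO, hive + value name for a Run
    entry, so differences in quoting or arguments do not hide a match."""
    m = ENTRY_RE.match(raw.strip())
    if not m:
        return None
    code, body = m.group("code"), m.group("body")
    if code == "O2":
        b = BHO_RE.match(body)
        if b:
            return (code, b.group("clsid").upper())
    if code == "O4":
        r = RUN_RE.match(body)
        if r:
            return (code, r.group("hive").upper(), r.group("value").lower())
    return (code, " ".join(body.split()).lower())


def orphaned_bhos(entries):
    """CLSIDs of BHO registrations whose target is '(no file)'."""
    found = []
    for e in entries:
        if e["code"] == "O2":
            b = BHO_RE.match(e["body"])
            if b and b.group("target").strip().lower() == "(no file)":
                found.append(b.group("clsid").upper())
    return found


def still_present(fix_lines, followup_entries):
    """Lines of the fix list that still appear in the follow-up log."""
    present = {entry_key(e["raw"]) for e in followup_entries}
    return [l.strip() for l in fix_lines.splitlines()
            if l.strip() and entry_key(l) in present]


if __name__ == "__main__":
    print("Orphaned BHOs:", orphaned_bhos(parse_log(FIRST_LOG)))
    for line in still_present(FIX_LIST, parse_log(FOLLOWUP)):
        print("Still present:", line)
```
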
hi
thanks jlpjlp for your quick reply
I'll get to it this weekend and post the result
jibé
0
jlpjlp Posts: 51580 Registered: Friday 18 May 2007 Status: Security contributor Last activity: 3 May 2022 5 040
29 Feb. 2008 at 13:43
ok
see you
0
hi jlp jlp
here is where I am for now
I did everything you said
with one exception: I kept HKLM\..\Run: [Opware12] "C:\Program Files\ScanSoft\OmniPagePro12.0\Opware12.exe
because I use OmniPage often and I saw on a forum that Opware does not seem really dangerous (I don't know what you think about it)

I cleaned up Thunderbird a bit but I still have two infected messages, 624 and 628
is there a way to find their numbers in Thunderbird so I can remove them manually?

as for Outlook, I'm a bit stuck
in fact I haven't used Outlook for ages and I don't think I ever even installed it on this computer
maybe the viruses are linked to the hard disk from my old computer, which I reinstalled in this one??
in any case, when I do Start > Search for outlook, it finds nothing
so I don't really know what to do there

as for Exploit.Iframe.Vulnerability.B, I have the impression I still have it, don't I?
thanks for your advice
see you
jibé



AVG report

AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 17:49:07 29/02/2008

+ Résultat de l'analyse:



:mozilla.148:C:\Documents and Settings\Jérôme\Application Data\Mozilla\Firefox\Profiles\gg4m2f3m.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.26:C:\Documents and Settings\Jérôme\Application Data\Mozilla\Firefox\Profiles\gg4m2f3m.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.132:C:\Documents and Settings\Jérôme\Application Data\Mozilla\Firefox\Profiles\gg4m2f3m.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.133:C:\Documents and Settings\Jérôme\Application Data\Mozilla\Firefox\Profiles\gg4m2f3m.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.134:C:\Documents and Settings\Jérôme\Application Data\Mozilla\Firefox\Profiles\gg4m2f3m.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.104:C:\Documents and Settings\Jérôme\Application Data\Mozilla\Firefox\Profiles\gg4m2f3m.default\cookies.txt -> TrackingCookie.Estat : Nettoyé.
:mozilla.14:C:\Documents and Settings\Jérôme\Application Data\Mozilla\Firefox\Profiles\gg4m2f3m.default\cookies.txt -> TrackingCookie.Imrworldwide : Nettoyé.
:mozilla.15:C:\Documents and Settings\Jérôme\Application Data\Mozilla\Firefox\Profiles\gg4m2f3m.default\cookies.txt -> TrackingCookie.Imrworldwide : Nettoyé.
:mozilla.138:C:\Documents and Settings\Jérôme\Application Data\Mozilla\Firefox\Profiles\gg4m2f3m.default\cookies.txt -> TrackingCookie.Netflame : Nettoyé.
:mozilla.139:C:\Documents and Settings\Jérôme\Application Data\Mozilla\Firefox\Profiles\gg4m2f3m.default\cookies.txt -> TrackingCookie.Netflame : Nettoyé.
C:\Documents and Settings\Jérôme\Cookies\jérôme@ssl-hints.netflame[1].txt -> TrackingCookie.Netflame : Nettoyé.
C:\RECYCLER\S-1-5-21-606747145-1958367476-839522115-1004\Dc68.txt -> TrackingCookie.Netflame : Nettoyé.
:mozilla.98:C:\Documents and Settings\Jérôme\Application Data\Mozilla\Firefox\Profiles\gg4m2f3m.default\cookies.txt -> TrackingCookie.Overture : Nettoyé.
C:\Documents and Settings\Jérôme\Cookies\jérôme@france.real[1].txt -> TrackingCookie.Real : Nettoyé.
C:\Documents and Settings\Jérôme\Cookies\jérôme@real[1].txt -> TrackingCookie.Real : Nettoyé.
:mozilla.149:C:\Documents and Settings\Jérôme\Application Data\Mozilla\Firefox\Profiles\gg4m2f3m.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.150:C:\Documents and Settings\Jérôme\Application Data\Mozilla\Firefox\Profiles\gg4m2f3m.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.151:C:\Documents and Settings\Jérôme\Application Data\Mozilla\Firefox\Profiles\gg4m2f3m.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.152:C:\Documents and Settings\Jérôme\Application Data\Mozilla\Firefox\Profiles\gg4m2f3m.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.153:C:\Documents and Settings\Jérôme\Application Data\Mozilla\Firefox\Profiles\gg4m2f3m.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.154:C:\Documents and Settings\Jérôme\Application Data\Mozilla\Firefox\Profiles\gg4m2f3m.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.155:C:\Documents and Settings\Jérôme\Application Data\Mozilla\Firefox\Profiles\gg4m2f3m.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.41:C:\Documents and Settings\Jérôme\Application Data\Mozilla\Firefox\Profiles\gg4m2f3m.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.42:C:\Documents and Settings\Jérôme\Application Data\Mozilla\Firefox\Profiles\gg4m2f3m.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.43:C:\Documents and Settings\Jérôme\Application Data\Mozilla\Firefox\Profiles\gg4m2f3m.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.45:C:\Documents and Settings\Jérôme\Application Data\Mozilla\Firefox\Profiles\gg4m2f3m.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.34:C:\Documents and Settings\Jérôme\Application Data\Mozilla\Firefox\Profiles\gg4m2f3m.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.35:C:\Documents and Settings\Jérôme\Application Data\Mozilla\Firefox\Profiles\gg4m2f3m.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.36:C:\Documents and Settings\Jérôme\Application Data\Mozilla\Firefox\Profiles\gg4m2f3m.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.40:C:\Documents and Settings\Jérôme\Application Data\Mozilla\Firefox\Profiles\gg4m2f3m.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.145:C:\Documents and Settings\Jérôme\Application Data\Mozilla\Firefox\Profiles\gg4m2f3m.default\cookies.txt -> TrackingCookie.Webtrends : Nettoyé.


Fin du rapport


BitDefender report

Scanned File


Status

C:\Documents and Settings\Jérôme\Application Data\Thunderbird\Profiles\0ycocvnq.default\Mail\Local Folders\Inbox=>(message 624)


Infected with: Win32.Worm.Stration.FC.m

C:\Documents and Settings\Jérôme\Application Data\Thunderbird\Profiles\0ycocvnq.default\Mail\Local Folders\Inbox=>(message 624)


Disinfection failed

C:\Documents and Settings\Jérôme\Application Data\Thunderbird\Profiles\0ycocvnq.default\Mail\Local Folders\Inbox=>(message 624)


Deleted

C:\Documents and Settings\Jérôme\Application Data\Thunderbird\Profiles\0ycocvnq.default\Mail\Local Folders\Inbox


Update failed

C:\Documents and Settings\Jérôme\Application Data\Thunderbird\Profiles\0ycocvnq.default\Mail\Local Folders\Inbox=>(message 628)


Infected with: Win32.Worm.Stration.FC.m

C:\Documents and Settings\Jérôme\Application Data\Thunderbird\Profiles\0ycocvnq.default\Mail\Local Folders\Inbox=>(message 628)


Disinfection failed

C:\Documents and Settings\Jérôme\Application Data\Thunderbird\Profiles\0ycocvnq.default\Mail\Local Folders\Inbox=>(message 628)


Deleted

C:\Documents and Settings\Jérôme\Application Data\Thunderbird\Profiles\0ycocvnq.default\Mail\Local Folders\Inbox


Update failed

C:\Documents and Settings\Jérôme\Local Settings\Application Data\Identities\{02947479-FD63-4AA6-9F8C-8986FA35EAC0}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 75)=>[Subject: [avast! - INFECTED] Mail Delivery (f][Date: Tue, 1 Jan 2002 22:36:00 +0100]=>(MIME part)=>(MIME part)=>(message body)


Infected with: Exploit.Iframe.Vulnerability.B

C:\Documents and Settings\Jérôme\Local Settings\Application Data\Identities\{02947479-FD63-4AA6-9F8C-8986FA35EAC0}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 75)=>[Subject: [avast! - INFECTED] Mail Delivery (f][Date: Tue, 1 Jan 2002 22:36:00 +0100]=>(MIME part)=>(MIME part)=>(message body)


Disinfection failed

C:\Documents and Settings\Jérôme\Local Settings\Application Data\Identities\{02947479-FD63-4AA6-9F8C-8986FA35EAC0}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 75)=>[Subject: [avast! - INFECTED] Mail Delivery (f][Date: Tue, 1 Jan 2002 22:36:00 +0100]=>(MIME part)=>(MIME part)=>(message body)


Deleted

C:\Documents and Settings\Jérôme\Local Settings\Application Data\Identities\{02947479-FD63-4AA6-9F8C-8986FA35EAC0}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 75)=>[Subject: [avast! - INFECTED] Mail Delivery (f][Date: Tue, 1 Jan 2002 22:36:00 +0100]=>(MIME part)=>(MIME part)


Updated

C:\Documents and Settings\Jérôme\Local Settings\Application Data\Identities\{02947479-FD63-4AA6-9F8C-8986FA35EAC0}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 75)=>[Subject: [avast! - INFECTED] Mail Delivery (f][Date: Tue, 1 Jan 2002 22:36:00 +0100]=>(MIME part)


Updated

C:\Documents and Settings\Jérôme\Local Settings\Application Data\Identities\{02947479-FD63-4AA6-9F8C-8986FA35EAC0}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 75)


Updated

C:\Documents and Settings\Jérôme\Local Settings\Application Data\Identities\{02947479-FD63-4AA6-9F8C-8986FA35EAC0}\Microsoft\Outlook Express\Éléments supprimés.dbx


Update failed

C:\Documents and Settings\Jérôme\Local Settings\Application Data\Identities\{02947479-FD63-4AA6-9F8C-8986FA35EAC0}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 84)=>[Subject: [avast! - INFECTED] Mail Delivery (f][Date: Tue, 1 Jan 2002 06:12:50 +0100]=>(MIME part)=>(MIME part)=>(message body)


Infected with: Exploit.Iframe.Vulnerability.B

C:\Documents and Settings\Jérôme\Local Settings\Application Data\Identities\{02947479-FD63-4AA6-9F8C-8986FA35EAC0}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 84)=>[Subject: [avast! - INFECTED] Mail Delivery (f][Date: Tue, 1 Jan 2002 06:12:50 +0100]=>(MIME part)=>(MIME part)=>(message body)


Disinfection failed

C:\Documents and Settings\Jérôme\Local Settings\Application Data\Identities\{02947479-FD63-4AA6-9F8C-8986FA35EAC0}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 84)=>[Subject: [avast! - INFECTED] Mail Delivery (f][Date: Tue, 1 Jan 2002 06:12:50 +0100]=>(MIME part)=>(MIME part)=>(message body)


Deleted

C:\Documents and Settings\Jérôme\Local Settings\Application Data\Identities\{02947479-FD63-4AA6-9F8C-8986FA35EAC0}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 84)=>[Subject: [avast! - INFECTED] Mail Delivery (f][Date: Tue, 1 Jan 2002 06:12:50 +0100]=>(MIME part)=>(MIME part)


Updated

C:\Documents and Settings\Jérôme\Local Settings\Application Data\Identities\{02947479-FD63-4AA6-9F8C-8986FA35EAC0}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 84)=>[Subject: [avast! - INFECTED] Mail Delivery (f][Date: Tue, 1 Jan 2002 06:12:50 +0100]=>(MIME part)


Updated

C:\Documents and Settings\Jérôme\Local Settings\Application Data\Identities\{02947479-FD63-4AA6-9F8C-8986FA35EAC0}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 84)


Updated

C:\Documents and Settings\Jérôme\Local Settings\Application Data\Identities\{02947479-FD63-4AA6-9F8C-8986FA35EAC0}\Microsoft\Outlook Express\Éléments supprimés.dbx


Update failed

C:\Documents and Settings\Jérôme\Local Settings\Application Data\Identities\{02947479-FD63-4AA6-9F8C-8986FA35EAC0}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 85)=>[Subject: [avast! - INFECTED] Mail Delivery (f][Date: Tue, 1 Jan 2002 05:44:51 +0100]=>(MIME part)=>(MIME part)=>(message body)


Infected with: Exploit.Iframe.Vulnerability.B

C:\Documents and Settings\Jérôme\Local Settings\Application Data\Identities\{02947479-FD63-4AA6-9F8C-8986FA35EAC0}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 85)=>[Subject: [avast! - INFECTED] Mail Delivery (f][Date: Tue, 1 Jan 2002 05:44:51 +0100]=>(MIME part)=>(MIME part)=>(message body)


Disinfection failed

C:\Documents and Settings\Jérôme\Local Settings\Application Data\Identities\{02947479-FD63-4AA6-9F8C-8986FA35EAC0}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 85)=>[Subject: [avast! - INFECTED] Mail Delivery (f][Date: Tue, 1 Jan 2002 05:44:51 +0100]=>(MIME part)=>(MIME part)=>(message body)


Deleted

C:\Documents and Settings\Jérôme\Local Settings\Application Data\Identities\{02947479-FD63-4AA6-9F8C-8986FA35EAC0}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 85)=>[Subject: [avast! - INFECTED] Mail Delivery (f][Date: Tue, 1 Jan 2002 05:44:51 +0100]=>(MIME part)=>(MIME part)


Updated

C:\Documents and Settings\Jérôme\Local Settings\Application Data\Identities\{02947479-FD63-4AA6-9F8C-8986FA35EAC0}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 85)=>[Subject: [avast! - INFECTED] Mail Delivery (f][Date: Tue, 1 Jan 2002 05:44:51 +0100]=>(MIME part)


Updated

C:\Documents and Settings\Jérôme\Local Settings\Application Data\Identities\{02947479-FD63-4AA6-9F8C-8986FA35EAC0}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 85)


Updated

C:\Documents and Settings\Jérôme\Local Settings\Application Data\Identities\{02947479-FD63-4AA6-9F8C-8986FA35EAC0}\Microsoft\Outlook Express\Éléments supprimés.dbx


Update failed

C:\Documents and Settings\Jérôme\Mes documents\copie dvd\Rippackv3\Logiciels\codec\DivX5.02\DivXPro502GAINBundle.exe=>(VISE Installer o)=>Gain_Trickler.exe


Detected with: Adware.Gator.C

C:\Documents and Settings\Jérôme\Mes documents\copie dvd\Rippackv3\Logiciels\codec\DivX5.02\DivXPro502GAINBundle.exe=>(VISE Installer o)=>Gain_Trickler.exe


Deleted

C:\Documents and Settings\Jérôme\Mes documents\copie dvd\Rippackv3\Logiciels\codec\DivX5.02\DivXPro502GAINBundle.exe=>(VISE Installer o)


Update failed

C:\RECYCLER\S-1-5-21-606747145-1958367476-839522115-1003\Dc1\Logiciels\codec\DivX5.02\DivXPro502GAINBundle.exe=>(VISE Installer o)=>Gain_Trickler.exe


Detected with: Adware.Gator.C

C:\RECYCLER\S-1-5-21-606747145-1958367476-839522115-1003\Dc1\Logiciels\codec\DivX5.02\DivXPro502GAINBundle.exe=>(VISE Installer o)=>Gain_Trickler.exe


Deleted

C:\RECYCLER\S-1-5-21-606747145-1958367476-839522115-1003\Dc1\Logiciels\codec\DivX5.02\DivXPro502GAINBundle.exe=>(VISE Installer o)


Update failed


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:05:24, on 29/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
C:\Program Files\ScanSoft\OmniPagePro12.0\Opware12.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\LVComSX.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.01net.com/telecharger/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.01net.com/telecharger/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.01net.com/telecharger/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.avast.com/registration-free-antivirus?lang=ENG
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [Opware12] "C:\Program Files\ScanSoft\OmniPagePro12.0\Opware12.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {8FEFF364-6A5F-4966-A917-A3AC28411659} - https://download.sopcast.com/download/SOPCORE.CAB
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://a532.g.akamai.net/...
O16 - DPF: {EB6D7E70-AAA9-40D9-BA05-F214089F2275} (Vitalize Class) - http://www.clickteam.com/vitalize3/vitalize.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
0

jlpjlp - 1 March 2008 at 13:06
OK


For these two kinds of infection, it is e-mails in your mail clients that are infected: delete the messages you don't recognise or those in your mail trash folders


C:\Documents and Settings\Jérôme\Application Data\Thunderbird\Profiles\0ycocvnq.default\Mail\Local Folders\Inbox



C:\Documents and Settings\Jérôme\Local Settings\Application Data\Identities\{02947479-FD63-4AA6-9F8C-8986FA35EAC0}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 75)=>[Subject: [avast! - INFECTED] Mail Delivery (f][Date: Tue, 1 Jan 2002 22:36:00 +0100]=>(MIME part)=>(MIME part)=>(message body)


________________


The pro versions of DivX players are often bundled with spyware; install a non-pro DivX player instead


Delete this file by going to My Computer, then:

C:\Documents and Settings\Jérôme\Mes documents\copie dvd\Rippackv3\Logiciels\codec\DivX5.02\DivXPro502GAINBundle.exe

C:\RECYCLER\S-1-5-21-606747145-1958367476-8395à22115-1003\Dc1\Logiciels\codec\DivX5.02\DivXPro502GAINBundle.exe=>(VISE Installer o)


___________________


Download OTMoveIt http://download.bleepingcomputer.com/oldtimer/OTMoveIt2.exe (by Old_Timer) to your Desktop.
Double-click OTMoveIt.exe to launch it.
Copy the list in the quote below,
and paste it into the left-hand pane of OTMoveIt: Paste List of Files/Folders to be moved.

Quote:




C:\Documents and Settings\Jérôme\Mes documents\copie dvd\Rippackv3\Logiciels\codec\DivX5.02\DivXPro502GAINBundle.exe

C:\RECYCLER\S-1-5-21-606747145-1958367476-8395à22115-1003\Dc1\Logiciels\codec\DivX5.02\DivXPro502GAINBundle.exe


Click MoveIt! to start the removal.
The result will appear in the "Results" pane.
Click Exit to close.
Post the report located in C:\_OTMoveIt\MovedFiles.

You may be asked to restart the PC to finish the removal. If so, accept with Yes.

_______________

Delete what is in MovedFiles by going to My Computer, then C, then otmovit

______________


Paste a new BitDefender report and describe your problems
0
Hi jlpjlp

Apparently I made a mistake when sending e-mails, since my e-mail from Sunday is not on the forum,
so I am posting it again

There, it's progressing; I removed quite a lot of things but
> I still have two infected e-mails (yet I have the impression that my mailbox
> now contains only "safe" messages? and very few attachments
> I will try again to clean it
I also still have a Gain_Trickler.exe=
> otherwise everything seems OK

> thanks for your help, and I'm of course interested if you have other leads for the 2 that are "holding out"

jibé



BitDefender Online Scanner

Scan report generated at: Sun, Mar 02, 2008 - 12:58:48
Scan path: A:\;C:\;D:\;E:\;F:\;G:\;H:\;J:\;

Statistics
Time: 01:32:03
Files: 330043
Folders: 10263
Boot Sectors: 5
Archives: 9598
Packed Files: 14094

Results
Identified Viruses: 2
Infected Files: 3
Suspect Files: 0
Warnings: 0
Disinfected: 0
Deleted Files: 3

Engines Info
Virus Definitions: 984863
Engine build: AVCORE v1.0 (build 2422) (i386) (Sep 25 2007 08:26:36)
Scan plugins: 16
Archive plugins: 41
Unpack plugins: 7
E-mail plugins: 6
System plugins: 5

Scan Settings
First Action: Disinfect
Second Action: Delete
Heuristics: Yes
Enable Warnings: Yes
Scanned Extensions: *;
Exclude Extensions:
Scan Emails: Yes
Scan Archives: Yes
Scan Packed: Yes
Scan Files: Yes
Scan Boot: Yes

Scanned File / Status

C:\Documents and Settings\Jérôme\Application Data\Thunderbird\Profiles\0ycocvnq.default\Mail\Local Folders\Inbox=>(message 624)


Infected with: Win32.Worm.Stration.FC.m

C:\Documents and Settings\Jérôme\Application Data\Thunderbird\Profiles\0ycocvnq.default\Mail\Local Folders\Inbox=>(message 624)


Disinfection failed

C:\Documents and Settings\Jérôme\Application Data\Thunderbird\Profiles\0ycocvnq.default\Mail\Local Folders\Inbox=>(message 624)


Deleted

C:\Documents and Settings\Jérôme\Application Data\Thunderbird\Profiles\0ycocvnq.default\Mail\Local Folders\Inbox


Update failed

C:\Documents and Settings\Jérôme\Application Data\Thunderbird\Profiles\0ycocvnq.default\Mail\Local Folders\Inbox=>(message 628)


Infected with: Win32.Worm.Stration.FC.m

C:\Documents and Settings\Jérôme\Application Data\Thunderbird\Profiles\0ycocvnq.default\Mail\Local Folders\Inbox=>(message 628)


Disinfection failed

C:\Documents and Settings\Jérôme\Application Data\Thunderbird\Profiles\0ycocvnq.default\Mail\Local Folders\Inbox=>(message 628)


Deleted

C:\Documents and Settings\Jérôme\Application Data\Thunderbird\Profiles\0ycocvnq.default\Mail\Local Folders\Inbox


Update failed

C:\System Volume Information\_restore{74DB9597-2C37-4CE0-88CA-C1D9FEDE1DA1}\RP8\A0000487.exe=>(VISE Installer o)=>Gain_Trickler.exe


Detected with: Adware.Gator.C

C:\System Volume Information\_restore{74DB9597-2C37-4CE0-88CA-C1D9FEDE1DA1}\RP8\A0000487.exe=>(VISE Installer o)=>Gain_Trickler.exe


Deleted

C:\System Volume Information\_restore{74DB9597-2C37-4CE0-88CA-C1D9FEDE1DA1}\RP8\A0000487.exe=>(VISE Installer o)


Update failed
0
jlpjlp - 4 March 2008 at 21:46
OK, you will indeed need to finish cleaning up your e-mails


Otherwise, for gain tricker it's simple: do this:


disable System Restore to purge the viruses that are in it
then restart your computer
then re-enable it

(in START then ALL PROGRAMS then ACCESSORIES then SYSTEM TOOLS then SYSTEM RESTORE then settings)


See you
0
Hello
> back from holiday, I'm taking two minutes to thank you for your invaluable help
> thanks to all your instructions, everything on the computer is now clean
> thanks again, and until next time perhaps
> jibe
0
jlpjlp - 30 March 2008 at 20:53
OK

You're welcome


All the best
0