Sujet Précédent Sujet Suivant

Résidus de virus ? Que faire ?

May -  
 Utilisateur anonyme -
Bonjour !!
J'ai eu des pbs récemment sur mon PC et maintenant dès que j'ouvre une session m'apparaissent un tas de fenêtres appelées updmgr.exe, wglbxg.exe, GMT.exe... et le message est le suivant "l'application n'a pas réussi à s'initialiser correctement, cliquer sur OK pour l'arrêter".
Et puis je ne sais pas si c'est lié mais je n'arrive pas à faire fonctionner l'imprimante.
J'ai pu virer ce matin le virus PE_PARITE.A
Mais quand j'utilise le PC, très souvent un antivirus ouvre une fenêtre pour informer qu'il a détecté un virus, toujours différent et toujours dans un autre endroit, mais il spécifie qu'il l'a déjà nettoyé.
J'Y COMPRENDS RIEN !!!!
Essayez d'éclairer ma lanterne si le coeur vous en dit
Merci d'avance ! Bonne aprèm
May
A voir également:

65 réponses

Réponse 1 / 65
Utilisateur anonyme
 
salut fait un scan en ligne sur ravantivirus

Ajouté par balltrap34(27/05/2004 à 22:59 GMT+1)
salut
Faite scan en ligne et coller le rapport ici sur le post
utiliser l'antivirus en ligne suivant :
http://www.ravantivirus.com/scan/
Cliquer sur "To continue without subscribing click here" et attendre quelques minutes.

Lorsque "Ready" est affiché dans "status", cocher la case "Autoclean" puis cliquer sur "Scan my PC"
A la fin de l'analyse, copier/coller le rapport ici.

on te diras quoi faire ensuite ;-)

@+++++++++++++++
0
May
 
Salut

Merci de te pencher sur mon cas. Je suis peut-être pas très douée, mais après avoir cliqué sur "to continue without subscribing click here" je ne vois nulle part de "ready", ni de "status", ni "autoclean' ou encore "scan my PC"..
Sorry but.... help !!
Tx
0
bernie61
 
Salut
tu dois utiliser navigateur INTERNET EXPLOREUR etnon Firefox ou Netscape pour que RAV fonctioone; tu dois aussi autoriser java , regarde ta config dans OptionInternet/Sécurité/PERSONALISER LE NIVEAU
le lien direct est
http://www.ravantivirus.com/scan/indexn.php
a+
0
May
 
Bsoir

Merci pour les tuyaux.
Pourrais-tu me filer ton adresse mail simplement pour que je t'envoie le rapport d'erreurs ? Celui-ci est très long, je voudrais pas tout saturer dans des pages et des pages de lignes.
Bonne soirée-nuit :
Et merci
May
0
May
 
Coucou
C'est re-moi
1h après, fin du scan.
Result : 31 viruses found
275 files infected
Cool !!!
May
0
Emmanuel
 
Scan started at 1/19/2005 11:39:39 PM

Scanning memory...
Scanning boot sectors...
Scanning files...
C:\Documents and Settings\ruzindana\Local Settings\Temp\CC100.tmp->(part0001:)->(IFRAME0000) - HTML/IFrame_Exploit* -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CC100.tmp->(part0002:message.scr) - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CC101.tmp->(part0001:)->(IFRAME0000) - HTML/IFrame_Exploit* -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CC101.tmp->(part0002:message.scr) - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CC102.tmp->(part0001:)->(IFRAME0000) - HTML/IFrame_Exploit* -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CC102.tmp->(part0002:message.scr) - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CC105.tmp->(part0001:)->(IFRAME0000) - HTML/IFrame_Exploit* -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CC105.tmp->(part0002:message.scr) - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CC106.tmp->(part0001:)->(IFRAME0000) - HTML/IFrame_Exploit* -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CC106.tmp->(part0002:message.scr) - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CC107.tmp->(part0001:)->(IFRAME0000) - HTML/IFrame_Exploit* -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CC107.tmp->(part0002:message.scr) - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CC108.tmp->(part0001:)->(IFRAME0000) - HTML/IFrame_Exploit* -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CC108.tmp->(part0002:message.scr) - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CC10A.tmp->(part0001:)->(IFRAME0000) - HTML/IFrame_Exploit* -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CC10A.tmp->(part0002:message.scr) - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CC10B.tmp->(part0001:)->(IFRAME0000) - HTML/IFrame_Exploit* -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CC10B.tmp->(part0002:message.scr) - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CC111.tmp->(part0001:)->(IFRAME0000) - HTML/IFrame_Exploit* -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CC111.tmp->(part0002:message.scr) - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CC118.tmp->(part0001:)->(IFRAME0000) - HTML/IFrame_Exploit* -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CC118.tmp->(part0002:message.scr) - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CC18.tmp->(part0002:part_01_safcaib1.zip)->document.txt .exe - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CC1B.tmp->(part0002:document43.zip)->details.txt .pif - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CC1D.tmp->(part0002:datfiles.pif) - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CC1E.tmp->(part0002:important_bakouissa.zip)->data.rtf .scr - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CC1F.tmp->(part0002:msg_privilegefrance.txt .exe) - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CC20.tmp->(part0002:old_photos.zip)->details.txt .pif - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CC21.tmp->(part0002:my_details.zip)->document.txt .exe - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CC22.tmp->(part0002:id43342.zip)->data.rtf .scr - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CC23.tmp->(part0002:website.zip)->data.rtf .scr - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CC24.tmp->(part0002:message_alaoaicha.txt.scr) - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CC25.tmp->(part0002:file.doc.exe) - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CC26.tmp->(part0002:websitelist01.exe) - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CC27.tmp->(part0002:data_bagsalam.zip)->document.txt .exe - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CC28.tmp->(part0002:id09509.zip)->details.txt .pif - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CC29.tmp->(part0002:message.zip)->data.rtf .scr - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CC2A.tmp->(part0002:part6.zip)->data.rtf .scr - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CC2B.tmp->(part0002:email.pif) - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CC2C.tmp->(part0002:corrected_djenabousall.scr) - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CC2D.tmp->(part0002:my_numbers.zip)->details.txt .pif - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CC2E.tmp->(part0002:data.zip)->document.txt .exe - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CC37.tmp->(part0002:details.zip)->document.txt .exe - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CC3B.tmp->(part0002:about_you.zip)->document.txt .exe - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CC3D.tmp->(part0002:readme.zip)->document.txt .exe - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CC3E.tmp->(part0002:about_you_ehdiop.doc .pif) - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CC40.tmp->(part0001:)->(IFRAME0000) - HTML/IFrame_Exploit* -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CC40.tmp->(part0002:message.scr) - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CC41.tmp->(part0002:letter.zip)->document.txt .exe - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CC42.tmp->(part0002:letter.zip)->document.txt .exe - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CC43.tmp->(part0001:)->(IFRAME0000) - HTML/IFrame_Exploit* -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CC43.tmp->(part0002:message.scr) - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CC44.tmp->(part0002:file.scr) - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CC46.tmp->(part0002:list.scr) - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CC48.tmp->(part0002:details.zip)->document.txt .exe - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CC49.tmp->(part0002:bill.txt .pif) - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CC4A.tmp->(part0002:details.zip)->data.rtf .scr - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CC4B.tmp->(part0002:summary2004.txt .scr) - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CC4C.tmp->(part0002:list.zip)->data.rtf .scr - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CC4D.tmp->(part0001:)->(IFRAME0000) - HTML/IFrame_Exploit* -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CC4D.tmp->(part0002:message.scr) - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CC4E.tmp->(part0002:story.zip)->document.txt .exe - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CC4F.tmp->(part0002:datfiles.zip)->details.txt .pif - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CC50.tmp->(part0002:application.zip)->details.txt .pif - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CC51.tmp->(part0002:details.zip)->data.rtf .scr - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CC52.tmp->(part0002:information_martinime.zip)->document.txt .exe - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CC53.tmp->(part0002:details.pif) - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CC54.tmp->(part0001:)->(IFRAME0000) - HTML/IFrame_Exploit* -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CC54.tmp->(part0002:message.scr) - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CC55.tmp->(part0002:message.zip)->details.txt .pif - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CC56.tmp->(part0001:)->(IFRAME0000) - HTML/IFrame_Exploit* -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CC56.tmp->(part0002:message.scr) - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CC57.tmp->(part0001:)->(IFRAME0000) - HTML/IFrame_Exploit* -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CC57.tmp->(part0002:message.scr) - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CC58.tmp->(part0002:data_jkgen1.scr) - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CC59.tmp->(part0002:document.scr) - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CC5C.tmp->(part0002:data20.zip)->document.txt .exe - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CC5D.tmp->(part0001:)->(IFRAME0000) - HTML/IFrame_Exploit* -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CC5D.tmp->(part0002:message.scr) - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CC5E.tmp->(part0002:id04009_erik.zip)->details.txt .pif - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CC5F.tmp->(part0002:details.pif) - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CC60.tmp->(part0002:software.scr) - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CCDE.tmp->(part0001:)->(IFRAME0000) - HTML/IFrame_Exploit* -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CCDE.tmp->(part0002:message.scr) - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CCE7.tmp->(part0001:)->(IFRAME0000) - HTML/IFrame_Exploit* -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CCE7.tmp->(part0002:message.scr) - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CCE8.tmp->(part0001:)->(IFRAME0000) - HTML/IFrame_Exploit* -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CCE8.tmp->(part0002:message.scr) - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CCE9.tmp->(part0001:)->(IFRAME0000) - HTML/IFrame_Exploit* -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CCE9.tmp->(part0002:message.scr) - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CCEA.tmp->(part0001:)->(IFRAME0000) - HTML/IFrame_Exploit* -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CCEA.tmp->(part0002:message.scr) - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CCEB.tmp->(part0001:)->(IFRAME0000) - HTML/IFrame_Exploit* -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CCEB.tmp->(part0002:message.scr) - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CCEC.tmp->(part0001:)->(IFRAME0000) - HTML/IFrame_Exploit* -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CCEC.tmp->(part0002:message.scr) - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CCED.tmp->(part0001:)->(IFRAME0000) - HTML/IFrame_Exploit* -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CCED.tmp->(part0002:message.scr) - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CCEE.tmp->(part0001:)->(IFRAME0000) - HTML/IFrame_Exploit* -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CCEE.tmp->(part0002:message.scr) - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CCEF.tmp->(part0001:)->(IFRAME0000) - HTML/IFrame_Exploit* -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CCEF.tmp->(part0002:message.scr) - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CCF0.tmp->(part0001:)->(IFRAME0000) - HTML/IFrame_Exploit* -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CCF0.tmp->(part0002:message.scr) - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CCF1.tmp->(part0001:)->(IFRAME0000) - HTML/IFrame_Exploit* -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CCF1.tmp->(part0002:message.scr) - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CCF2.tmp->(part0001:)->(IFRAME0000) - HTML/IFrame_Exploit* -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CCF2.tmp->(part0002:message.scr) - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CCF3.tmp->(part0001:)->(IFRAME0000) - HTML/IFrame_Exploit* -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CCF3.tmp->(part0002:message.scr) - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CCF4.tmp->(part0001:)->(IFRAME0000) - HTML/IFrame_Exploit* -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CCF4.tmp->(part0002:message.scr) - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CCF5.tmp->(part0001:)->(IFRAME0000) - HTML/IFrame_Exploit* -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CCF5.tmp->(part0002:message.scr) - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CCF6.tmp->(part0001:)->(IFRAME0000) - HTML/IFrame_Exploit* -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CCF6.tmp->(part0002:message.scr) - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CCF8.tmp->(part0001:)->(IFRAME0000) - HTML/IFrame_Exploit* -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CCF8.tmp->(part0002:message.scr) - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CCF9.tmp->(part0001:)->(IFRAME0000) - HTML/IFrame_Exploit* -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CCF9.tmp->(part0002:message.scr) - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CCFA.tmp->(part0001:)->(IFRAME0000) - HTML/IFrame_Exploit* -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CCFA.tmp->(part0002:message.scr) - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CCFB.tmp->(part0001:)->(IFRAME0000) - HTML/IFrame_Exploit* -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CCFB.tmp->(part0002:message.scr) - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CCFC.tmp->(part0001:)->(IFRAME0000) - HTML/IFrame_Exploit* -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CCFC.tmp->(part0002:message.scr) - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CCFD.tmp->(part0001:)->(IFRAME0000) - HTML/IFrame_Exploit* -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CCFD.tmp->(part0002:message.scr) - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CCFE.tmp->(part0001:)->(IFRAME0000) - HTML/IFrame_Exploit* -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CCFE.tmp->(part0002:message.scr) - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CCFF.tmp->(part0001:)->(IFRAME0000) - HTML/IFrame_Exploit* -> Infected
C:\Documents and Settings\ruzindana\Local Settings\Temp\CCFF.tmp->(part0002:message.scr) - Win32/Netsky.P@mm -> Infected
C:\WINDOWS\base64.tmp->(Base64) - Win32/Netsky.P@mm -> Infected
C:\WINDOWS\zip1.tmp->(Base64)->document.txt .exe - Win32/Netsky.P@mm -> Infected
C:\WINDOWS\zip2.tmp->(Base64)->data.rtf .scr - Win32/Netsky.P@mm -> Infected
C:\WINDOWS\zip3.tmp->(Base64)->details.txt .pif - Win32/Netsky.P@mm -> Infected
C:\WINDOWS\zipped.tmp->details.txt .pif - Win32/Netsky.P@mm -> Infected

Scanned
============================
Objects: 27083
Directories: 2060
Archives: 6656
Size(Kb): -788275
Infected files: 137

Found
============================
Viruses found: 2
Suspicious files: 0
Disinfected files: 0
Mail files: 122
0
Réponse 2 / 65
jos123 Messages postés 74 Statut Membre 6
 
C´est moi. Pour ce qui est de Ravantivirus, après avoir cliké "clikez ici" deux fenêtres apparaissent: Examiner et Scan Now. C´est une application de Java qui me demande d´écrire qq. chose: you must select a file first.
Scan Now -sans appât- reste bloqué. ¿Qu ´est ce qui se passe? Je demande des excuses pour cette interruption
0
Réponse 3 / 65
Utilisateur anonyme
 
salut je ^pense que tu n'utlise pas internet explorer c pour que t'arrive pas a faire un scan complet .
donc reessay mais cette fois ci avec internet explorer ca deverai marché normalement ;-)
@++++++++
0
Réponse 4 / 65
Utilisateur anonyme
 
salut may colle le raport ici apres on te dira comment supprimé les virus :-)

@+++++++++++
0
May
 
Plop jess15
Voici le rapport


Scanning memory...
Scanning boot sectors...
Scanning files...
C:\Documents and Settings\All Users\Documents\FirefoxSetup-fr-0.8.exe - Win32/Parite.B -> Infected
C:\Documents and Settings\Catherine\Local Settings\Temp\nibofni.dat - TrojanSpy/Win32.Agent.P -> Infected
C:\Documents and Settings\Catherine\Local Settings\Temp\tet3.tmp - Win32/Parite.B -> Infected
C:\Documents and Settings\Catherine\Local Settings\Temp\_update.dat - TrojanSpy/Win32.Agent.L -> Suspicious
C:\Documents and Settings\Cécile\Bureau\DivXPro51GAINBundle.exe - Win32/Parite.B -> Infected
C:\Documents and Settings\Cécile\Bureau\MPSetupXP.exe - Win32/Parite.B -> Infected
C:\Documents and Settings\Cécile\Local Settings\Temp\iqa2.tmp - Win32/Parite.B -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.116: (precious_mummy@hotmail.com [**SPAM** Mail Delivery (failure ccvosomage@evc.net)])->(part000... - HTML/IFrame_Exploit* -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.116: (precious_mummy@hotmail.com [**SPAM** Mail Delivery (failure ccvosomage@evc.net)])->(part000... - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.115: (liste.info-help@inxl6.org [**SPAM** hello])->(part0001:found.htm.exe) - Win32/Netsky.B@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.98: (Webmaster@volkswagen.de [**SPAM** Faulty mail delivery])->(part0002:Webmaster_attach.pif) - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.97: (webmaster@wanadoo.fr [**SPAM** Info])->(part0002:messagedoc.pif) - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.96: (Webmaster@aol.com [**SPAM** Connection failed])->(part0002:Webmaster_attach.pif) - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.95: (johan.favere@skynet.be [**SPAM** Oh my God])->(part0002:shocked-text.zip)->Pmessage-text.txt... - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.94: (Home@volkswagen.de [**SPAM** Warning!])->(part0002:check_this.zip)->Pmessage-text.txt ... - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.93: (help@skynet.be [**SPAM** Database #Error])->(part0001:error-message.zip)->Pmessage-text.txt ... - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.90: (ccvosomage@evc.net [**SPAM** Re: Word file])->(part0002:document_word.pif) - Win32/Netsky.D@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.87: (ciprel@cityline.ru [**SPAM** Re: Word file])->(part0002:document_word.pif) - Win32/Netsky.D@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.86: (ciprel@cityline.ru [**SPAM** Re: My details])->(part0002:my_details.pif) - Win32/Netsky.D@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.84: (ciprel@cityline.ru [**SPAM** Re: Re: Re: Your document])->(part0002:document_4351.pif) - Win32/Netsky.D@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.83: (p.schofield@tasc.ac.uk [**SPAM** Re: Thanks!])->(part0002:message_part2.pif) - Win32/Netsky.D@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.81: (cherry@neta.com [**SPAM** Re: Your music])->(part0002:mp3music.pif) - Win32/Netsky.D@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.80: (p.schofield@tasc.ac.uk [**SPAM** Re: Your bill])->(part0002:your_bill.pif) - Win32/Netsky.D@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.74: (soucasse@ecolog.cnrs.fr [**SPAM** Re: Your product])->(part0002:your_product.pif) - Win32/Netsky.D@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.73: (p.schofield@tasc.ac.uk [**SPAM** Re: Approved])->(part0002:all_document.pif) - Win32/Netsky.D@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.72: (ccvosomage@evc.net [**SPAM** Re: Your website])->(part0002:your_website.pif) - Win32/Netsky.D@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.71: (Administrator@pandora.be [**SPAM** Invalid mail sentence length])->(part0002:Administrator_a... - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.70: (Administrator@hotmail.com [**SPAM** Faulty mail delivery])->(part0002:Administrator_attach.z... - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.69: (ced.muhlenbach@evc.net [**SPAM** hey you])->(part0002:text.pif) - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.68: (RobotMailer@hotmail.com [**SPAM** Invalid mail sentence length])->(part0002:RobotMailer_atta... - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.66: (RobotMailer@jlm-informatique.com [**SPAM** Message Error])->(part0002:RobotMailer_attach.zip... - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.65: (webmaster@aol.com [**SPAM** Info])->(part0001:messagedoc.pif) - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.64: (vince.pat@evc.net [**SPAM** Hey])->(part0001:text.pif) - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.63: (Webmaster@volkswagen.de [**SPAM** Illegal signs in Mail-Routing])->(part0002:Webmaster_attac... - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.62: (Administrator@skynet.be [**SPAM** Invalid mail sentence length])->(part0002:Administrator_at... - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.61: (vince.pat@evc.net [**SPAM** Hey])->(part0002:text.pif) - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.60: (Gunther.Goessens@volkswagen.de [**SPAM** Oh my God])->(part0001:shocked-text.pif) - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.59: (CCVOSOMAGE@evc.net [**SPAM** hey you])->(part0002:Textdocument.pif) - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.58: (Police@skynet.be [**SPAM** Your document])->(part0002:corrected_text-file.zip)->Pmessage-tex... - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.57: (webmaster@skynet.be [**SPAM** Info])->(part0001:messagedoc.zip)->Pmessage-text.txt ... - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.56: (AutoMailer@flender-graff.com [**SPAM** Mail delivery failed])->(part0002:AutoMailer_attach.pif) - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.55: (talon@talonsoft.com [**SPAM** what's up?])->(part0002:bill_yours.exe) - Win32/Netsky.C@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.54: (alves@evc.net [**SPAM** Hi, it's me])->(part0002:text.zip)->Pmessage-text.txt .pif - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.53: (mbuonomo@flender-graff.com [**SPAM** Database #Error])->(part0001:error-message.pif) - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.52: (JCHESS@flender-graff.com [**SPAM** Well, surprise?!])->(part0001:your_passwords.pif) - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.51: (p.heiderich@laposte.net [**SPAM** Database #Error])->(part0002:message.pif) - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.50: (Webmaster@aol.com [**SPAM** Faulty mail delivery])->(part0002:Webmaster_attach.pif) - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.49: (alves@evc.net [**SPAM** Hi!])->(part0002:Textdocument.pif) - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.48: (Administrator@groupe-casino.fr [**SPAM** Database #Error])->(part0001:message.zip)->Pmessage... - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.47: (RobotMailer@incredimail.com [**SPAM** Connection failed])->(part0002:RobotMailer_attach.pif) - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.46: (error@yahoo.fr [**SPAM** Database #Error])->(part0002:partial.pif) - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.45: (Administrator@incredimail.com [**SPAM** Invalid mail sentence length])->(part0002:Administra... - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.44: (alsace@ademe.fr [**SPAM** Re: Your music])->(part0002:mp3music.pif) - Win32/Netsky.D@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.43: (ccvosomage@evc.net [**SPAM** Re: Here is the document])->(part0002:document_full.pif) - Win32/Netsky.D@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.38: (privacy@incredimail.com [**SPAM** Database #Error])->(part0001:partial.zip)->Pmessage-text.t... - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.32: (alphasai@canl.nc [**SPAM** 0i09u5rug08r89589gjrg])->(part0002:id09509.pif) - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.29: (skoorpio@yahoo.com [**SPAM** Re: Approved])->(part0002:all_document.pif) - Win32/Netsky.D@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.28: (evc_ccvosomage@factorix.sdv.fr [**SPAM** Re: My details])->(part0002:my_details.pif) - Win32/Netsky.D@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.12: (ciprel@cityline.ru [**SPAM** Re: Your website])->(part0002:your_website.pif) - Win32/Netsky.D@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.11: (cherry@neta.com [**SPAM** Re: Thanks!])->(part0002:message_part2.pif) - Win32/Netsky.D@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.9: (cherry@neta.com [**SPAM** Re: Re: Re: Your document])->(part0002:document_4351.pif) - Win32/Netsky.D@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.8: (evc_ccvosomage@factorix.sdv.fr [**SPAM** Re: Your bill])->(part0002:your_bill.pif) - Win32/Netsky.D@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.6: (skoorpio@yahoo.com [**SPAM** Re: Here])->(part0002:yours.pif) - Win32/Netsky.D@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.5: (p.schofield@tasc.ac.uk [**SPAM** Re: Your letter])->(part0002:your_letter.pif) - Win32/Netsky.D@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.4: (evc_ccvosomage@factorix.sdv.fr [**SPAM** Re: Your bill])->(part0002:your_bill.pif) - Win32/Netsky.D@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.1: (Service@groupe-casino.fr [**SPAM** Confirmation Required])->(part0002:Service-attachment.zip)... - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Microsoft\Internet Explorer\V0.15.dat - Trojan:Win32/Dialui.A -> Infected
C:\Documents and Settings\Gérard\Local Settings\Temp\era4.tmp - Win32/Parite.B -> Infected
C:\Documents and Settings\Gérard\Local Settings\Temp\polall1m.exe->(CExe) - TrojanDownloader:Win32/Agent.AE -> Infected
C:\Documents and Settings\Gérard\Local Settings\Temp\twaintec.cab->polall1m.exe->(CExe) - TrojanDownloader:Win32/Agent.AE -> Infected
C:\Documents and Settings\Gérard\Local Settings\Temporary Internet Files\Content.IE5\UXZ15MYD\games7[1].cab->games.exe->(UPXW) - Trojan:Win32/Dialui.A.dr -> Infected
C:\Documents and Settings\Gérard\Local Settings\Temporary Internet Files\Content.IE5\ZFKLZ4X9\games3[1].cab->games.exe->(UPXW) - Trojan:Win32/Dialui.A.dr -> Infected
C:\Documents and Settings\Gérard\Mes documents\840-fra-xp.rar->840-fra-xp.exe - Win32/Parite.B -> Infected
C:\Documents and Settings\Olivier\Local Settings\Application Data\Identities\{3A393819-BDC8-4A6D-AD84-A2BB7EA15C8A}\Microsoft\Outlook Express\Boîte de réception.dbx->Message.3: (cyberjc@club-internet.fr [Mail Delivery (failure ccvosomage@evc.net)])->(part0... - HTML/IFrame_Exploit* -> Infected
C:\Documents and Settings\Olivier\Local Settings\Application Data\Identities\{3A393819-BDC8-4A6D-AD84-A2BB7EA15C8A}\Microsoft\Outlook Express\Boîte de réception.dbx->Message.3: (cyberjc@club-internet.fr [Mail Delivery (failure ccvosomage@evc.net)])->(part0... - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\Olivier\Local Settings\Application Data\Identities\{3A393819-BDC8-4A6D-AD84-A2BB7EA15C8A}\Microsoft\Outlook Express\Boîte de réception.dbx->Message.2: (3djean-louis.monot@wanadoo.fr [Mail Delivery (failure ccvosomage@evc.net)])->(... - HTML/IFrame_Exploit* -> Infected
C:\Documents and Settings\Olivier\Local Settings\Application Data\Identities\{3A393819-BDC8-4A6D-AD84-A2BB7EA15C8A}\Microsoft\Outlook Express\Boîte de réception.dbx->Message.2: (3djean-louis.monot@wanadoo.fr [Mail Delivery (failure ccvosomage@evc.net)])->(... - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\Olivier\Local Settings\Application Data\Identities\{3A393819-BDC8-4A6D-AD84-A2BB7EA15C8A}\Microsoft\Outlook Express\Boîte de réception.dbx->Message.1: (ju.lucie@wanadoo.fr [Re: read it immediately])->(part0002:bill_ccvosomage.pif) - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\Olivier\Local Settings\Application Data\Identities\{3A393819-BDC8-4A6D-AD84-A2BB7EA15C8A}\Microsoft\Outlook Express\Boîte de réception.dbx->Message.0: (user-help@hotmail.com [DBase Error [id:2583]])->(part0002:p_message3942.EML.bat) - Win32/Sober.G@mm -> Infected
C:\Documents and Settings\Olivier\Local Settings\Temp\hzqB2.tmp - Win32/Parite.B -> Infected
C:\Documents and Settings\Olivier\Local Settings\Temp\RarSFX0\Nero\nero.exe - Win32/Parite.B -> Infected
C:\Documents and Settings\Olivier\Local Settings\Temp\RarSFX0\Nero BackItUp\BackItUp.exe - Win32/Parite.B -> Infected
C:\Documents and Settings\Olivier\Local Settings\Temporary Internet Files\Content.IE5\SJ3X27HL\ESBAdultInstaller[1].ocx - TrojanDownloader:Win32/Agent.BP -> Infected
C:\Documents and Settings\UTILISATEUR\Application Data\winlink\winlink.dll - TrojanDownloader:Win32/Winshow -> Infected
C:\Documents and Settings\UTILISATEUR\Local Settings\Temp\mje1.tmp - Win32/Parite.B -> Infected
C:\Documents and Settings\UTILISATEUR\Local Settings\Temp\nibofni.dat - TrojanSpy/Win32.Agent.P -> Infected
C:\Documents and Settings\UTILISATEUR\Local Settings\Temp\_update.dat - TrojanSpy/Win32.Agent.L -> Suspicious
C:\Documents and Settings\UTILISATEUR\Local Settings\Temp\RarSFX0\Nero\nero.exe - Win32/Parite.B -> Infected
C:\Documents and Settings\UTILISATEUR\Local Settings\Temp\RarSFX0\Nero BackItUp\BackItUp.exe - Win32/Parite.B -> Infected
C:\Documents and Settings\Véronique\Local Settings\Temp\nibofni.dat - TrojanSpy/Win32.Agent.P -> Infected
C:\Documents and Settings\Véronique\Local Settings\Temp\_update.dat - TrojanSpy/Win32.Agent.L -> Infected
C:\GEOPLANW\Install_Cabri_II_Plus.exe - Win32/Parite.B -> Infected
C:\ProfNOTE5\ProfNote.exe - Win32/Parite.B -> Infected
C:\Program Files\Adobe\Acrobat 6.0\Reader\AcroRd32.exe - Win32/Parite.B -> Infected
C:\Program Files\Ahead\Nero\nero.exe - Win32/Parite.B -> Infected
C:\Program Files\Ahead\Nero BackItUp\BackItUp.exe - Win32/Parite.B -> Infected
C:\Program Files\C2Media\Setup.exe - TrojanDownloader:Win32/Swizzor.AG -> Infected
C:\Program Files\Canon\RemoteCapture Task\EWatch.exe - Win32/Parite.B -> Infected
C:\Program Files\Canon\ZoomBrowser EX\CameraWindow\EWatch.exe - Win32/Parite.B -> Infected
C:\Program Files\Canon\ZoomBrowser EX\PhotoRecord\Program\PhotoRecord.exe - Win32/Parite.B -> Infected
C:\Program Files\Common Files\updmgr\rvupdmgr.exe - TrojanDownloader:Win32/Keenval.A -> Infected
C:\Program Files\Common Files\updmgr\simgr.exe - TrojanDownloader:Win32/Keenval.C -> Infected
C:\Program Files\Common Files\updmgr\updmgr.exe - TrojanDownloader:Win32/Keenval.E -> Infected
C:\Program Files\dialers\stmtdlr.exe - TrojanDownloader:Win32/Dyfica.AB -> Infected
C:\Program Files\eMule\emule.exe - Win32/Parite.B -> Infected
C:\Program Files\ISTbar\istbar.dll - TrojanDownloader:Win32/Istbar.DH -> Infected
C:\Program Files\Micro Application\Atlas Routier\Atlas Routier\Atlas_Routier.exe - Win32/Parite.B -> Infected
C:\Program Files\Microsoft Office\Office\EXCEL.EXE - Win32/Parite.B -> Infected
C:\Program Files\Microsoft Office\Office\MSACCESS.EXE - Win32/Parite.B -> Infected
C:\Program Files\Microsoft Office\Office\POWERPNT.EXE - Win32/Parite.B -> Infected
C:\Program Files\Microsoft Office\Office\WINWORD.EXE - Win32/Parite.B -> Infected
C:\Program Files\Mozilla Firefox\firefox.exe - Win32/Parite.B -> Infected
C:\Program Files\MSN Messenger\msnmsgr.exe - Win32/Parite.B -> Infected
C:\Program Files\Windows Media Player\iedll.exe - TrojanDownloader:Win32/Tooncom.F -> Infected
C:\Program Files\Windows Media Player\loader.exe - TrojanDownloader:Win32/Tooncom.I -> Infected
C:\Program Files\Windows Media Player\Installer\mpsetupxp.exe - Win32/Parite.B -> Infected
C:\WINDOWS\Belt.exe - TrojanDownloader:Win32/Stubby.A -> Infected
C:\WINDOWS\DNSErr.dll - TrojanDownloader:Win32/Tooncom.K -> Infected
C:\WINDOWS\iedll.exe - TrojanDownloader:Win32/Toonco -> Infected
C:\WINDOWS\loader.exe - TrojanDownloader:Win32/Toonco -> Infected
C:\WINDOWS\wsem216.dll - TrojanDownloader:Win32/Dyfuca.Z -> Infected
C:\WINDOWS\wsem217.dll - TrojanDownloader:Win32/Dyfuca.CN -> Infected
C:\WINDOWS\Downloaded Program Files\ISTactivex.dll - TrojanDownloader:Win32/IstBar.FA -> Infected
C:\WINDOWS\LastGood\Belt.exe - TrojanDownloader:Win32/Stubby.A -> Infected
C:\WINDOWS\LastGood\twaintec.dll - Trojan:Win32/Spy.BiSpy.C -> Infected
C:\WINDOWS\system32\hosts.vbs - VBS/Qhost.A* -> Infected
C:\WINDOWS\system32\polall1m.exe->(CExe) - TrojanDownloader:Win32/Agent.AE -> Infected
C:\WINDOWS\system32\wglbxg.exe - TrojanDownloader:Win32/Agent.AE -> Infected
C:\WINDOWS\Temp\ade8A.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\ajb83.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\akrC7.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\aqq72.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\avm6B.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\awm67.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\bcuE.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\bgcE.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\cjw12D.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\ckk66.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\ckkA.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\cqm1B.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\crd10E.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\csqC6.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\ctm3F.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\ctm5E.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\cvzE.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\dcbD8.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\ddcBC.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\dde113.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\dha1F.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\dia4.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\dna19.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\dnl17.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\dnyD.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\egd8B.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\elsCC.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\erd10C.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\eya8.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\fea9.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\fia14.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\fmo19.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\foj14F.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\fscF.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\fsqCA.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\gaa9.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\gbj160.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\gma7F0.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\gmp82.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\hce2A.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\hia7.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\hky112.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\ijcF.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\iji14.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\ikq49.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\ioq36.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\ipq61.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\isa19.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\isj15.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\ixf7.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\jnh129.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\jobD9.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\kam5D.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\kcb5.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\kdd10.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\knj127.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\krk38.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\kwj7A.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\kxyB.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\lhj7B.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\lne2C.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\lul153.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\lxd10D.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\mfa8.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\mkrC9.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\mluA.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\mrc82.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\msu2B.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\mvh8.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\nuw56.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\nwr67.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\ocy111.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\ordB7.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\oru2C.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\pbn35.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\pda36.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\pga6.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\pnk16.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\pwl154.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\pzk58.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\qaa25.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\qfa1E.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\qix134.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\qls834.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\qmpC5.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\qod11.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\qsf12E.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\qvd8.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\rbrC8.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\rev7E.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\rja2A.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\rkvD.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\rloD0.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\rqe21.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\rsl56.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\rwa9.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\rwj57.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\ryd12.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\rzn3E.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\smf130.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\speB.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\sscB.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\tgm155.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\tkk5A.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\tpx130.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\tre2B.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\ttf33.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\tva9.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\txd13.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\tzu23.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\uduA6.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\uebB5.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\ufaA.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\ufc57.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\ufk150.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\ufk3C.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\uja8.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\uma19.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\uwn2C.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\vaa1D.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\vhbB7.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\vks87.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\vlg14B.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\vpa7.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\vte5F.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\vzaEF.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\vzv2D.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\wcf65.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\wiaF.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\wkw12F.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\wlfC.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\wraAD.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\wun30.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\xdrA.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\xmz8.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\xnt24C.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\xntCD.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\xpaA.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\xri3B.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\xtrCA.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\ygs138.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\yko3F.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\yodB4.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\yqy7.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\yyq71.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\zicC.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\zjr31.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\zkt21.tmp - Win32/Parite.B -> Infected
C:\WINDOWS\Temp\zqyC.tmp - Win32/Parite.B -> Infected

Scanned
============================
Objects: 59860
Directories: 4743
Archives: 986
Size(Kb): 970578
Infected files: 275

Found
============================
Viruses found: 31
Suspicious files: 2
Disinfected files: 0
Mail files: 618


Et bon courage !
May
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 65
Un débutant
 
citation:
[quote]J'ai eu des pbs récemment sur mon PC et maintenant dès que j'ouvre une session m'apparaissent un tas de fenêtres appelées updmgr.exe, wglbxg.exe, GMT.exe... et le message est le suivant "l'application n'a pas réussi à s'initialiser correctement, cliquer sur OK pour l'arrêter".
Et puis je ne sais pas si c'est lié mais je n'arrive pas à faire fonctionner l'imprimante.
J'ai pu virer ce matin le virus PE_PARITE.A [/quote]

Tous tes problèmes sont liés à ton ancienne infection par le virus PE.PARITE.A. En fait le virus PE.PARITE.A et son frangin PE.PARITE.B s'amuse à s'incérer dans tous les fichiers .exe de ton ordi et de les modifier. Forcément, même après désinfection, tous tes fichiers .exe sont endommagés. Pour certains, ça ne pose pas de problème, mais pour d'autres c'est la catastrophe. Essaye de faire une réparation système et de réinstaller par la suite petit à petit tes autres applications.

Si tu veux encore des anti-virus, va voir sur:
http://www.secuser.com
Il y a un antivirus en ligne gratuit et des liens vers des autres antivirus gratuit comme ANTIVIR et AVAST par exemple.
0
Réponse 6 / 65
May
 
Hello,

C'est gentil de m'avoir répondu mais avec mes 275 fichiers infectés, je ne sais pas trop comment procéder ni par où commencer... t'imagines si je dois tout virer pour tout remplacer ? J'ai pas fini !!!
T'as un "truc" à me conseiller ?
Meri d'avance
May
0
Réponse 7 / 65
Utilisateur anonyme
 
coucou may je vois que t'as pas l'habitude de supprimer les fichiers temporaire et pourtant il faut le faire regulierement c tres important

bon tout d'abord supprime les fichiers temporaire (temporary internet files" dans toute les sessions comme ceci

Demarrer/paneau de configuration/option internet/suprimer fichier temporaaire apres une petite fentre s'ouvre tu coche "suprimer tout le contenu hors connexion" supprime aussi les cookies et l'historique ( faire cette manip regulierement)

et :

poste de travaille /lecteurC/ windows/ temp et suprime tous ce qu'il y'a a l'interieure

aussi je vois que t'a recu bcp d'email avec piece jointe infecter donc pour les supprime ouvre la messagerie d'outlook repére les email avec piece jointe dont l'expediteure est inconnu supprime les et vide la corebeille d'outlook

pour le reste telecharge cette anti trojan

telecharge

(a2free)
http://www.emsisoft.net/fr/
pense la mettre a jour avant de le lancer

ensuite refait un scan et colle le resultat ici

@++++++
0
Réponse 8 / 65
Utilisateur anonyme
 
hello may
hello hello Jess :-)

peut être qu'un bon "nettoyage disque" suffirait (vu que May fait du stock-virus<--c'pas bien! :-]] )
*désactiver la restau système
*nettoyage de disque (OK à tout) (radical)
*reboot
*rescan pour vérif (tjrs bon à faire)
*réactivation restau système si le scan est clean

on ne sait tjrs pas sous quel système d'exploitation May bosse ni si elle a un antivirus (et on parle mm pas d'un parefeu.. ni la recommandation suprême : arrêter!! d'ouvrir des mails sans les vérifier, surtout si un p-j est adjointe!! )

@+ :-)

*Devise : Je m'intéresse à l'avenir parceque
c'est là que je vais passer le reste de ma vie*
0
Réponse 9 / 65
May
 
Hey !
En fait c'est vrai que je reçois souvent des mails louches mais je les supprime directement, sans jamais les ouvrir (je suis peut-être pas très douée en info mais je suis pas complètement bête non plus !! :) )
A part ça j'ai un antivirus (CLRAV) mais qqn a installé sur le PC un deuxième antivirus, PC-cillin 9 que je m'emploie actuellement à désinsitaller... un vrai bonheur vu comment mon PC rame.
A part ça je vais faire ce que jess m'a dit car j'ai pas tout compris (désolée mais je suis nulle en manip) au message suivant... continuez de m'éclairez c'est super cool !
Je vous tiens au courant dès que j'ai déjà fait tout ça
May
0
Réponse 10 / 65
May
 
Re
Je suis sous windows XP édition familiale
May
0
Réponse 11 / 65
May
 
Coucou

J'ai fait tout ce que tu m'as dit (sauf effacement de setup.exe dans Windows/Temp car je n'étais pas très sûre, dis-moi si je dois l'effacer) et voici le nouveau rapport d'erreurs, plus engageant j'ai l'impression.

Scan started at 24/09/2004 14:53:40

Scanning memory...
Scanning boot sectors...
Scanning files...
C:\Documents and Settings\All Users\Documents\FirefoxSetup-fr-0.8.exe - Win32/Parite.B -> Infected
C:\Documents and Settings\Catherine\Local Settings\Temp\nibofni.dat - TrojanSpy/Win32.Agent.P -> Infected
C:\Documents and Settings\Catherine\Local Settings\Temp\tet3.tmp - Win32/Parite.B -> Infected
C:\Documents and Settings\Catherine\Local Settings\Temp\_update.dat - TrojanSpy/Win32.Agent.L -> Suspicious
C:\Documents and Settings\Cécile\Bureau\DivXPro51GAINBundle.exe - Win32/Parite.B -> Infected
C:\Documents and Settings\Cécile\Bureau\MPSetupXP.exe - Win32/Parite.B -> Infected
C:\Documents and Settings\Cécile\Local Settings\Temp\iqa2.tmp - Win32/Parite.B -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.116: (precious_mummy@hotmail.com [**SPAM** Mail Delivery (failure ccvosomage@evc.net)])->(part000... - HTML/IFrame_Exploit* -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.116: (precious_mummy@hotmail.com [**SPAM** Mail Delivery (failure ccvosomage@evc.net)])->(part000... - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.115: (liste.info-help@inxl6.org [**SPAM** hello])->(part0001:found.htm.exe) - Win32/Netsky.B@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.98: (Webmaster@volkswagen.de [**SPAM** Faulty mail delivery])->(part0002:Webmaster_attach.pif) - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.97: (webmaster@wanadoo.fr [**SPAM** Info])->(part0002:messagedoc.pif) - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.96: (Webmaster@aol.com [**SPAM** Connection failed])->(part0002:Webmaster_attach.pif) - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.95: (johan.favere@skynet.be [**SPAM** Oh my God])->(part0002:shocked-text.zip)->Pmessage-text.txt... - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.94: (Home@volkswagen.de [**SPAM** Warning!])->(part0002:check_this.zip)->Pmessage-text.txt ... - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.93: (help@skynet.be [**SPAM** Database #Error])->(part0001:error-message.zip)->Pmessage-text.txt ... - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.90: (ccvosomage@evc.net [**SPAM** Re: Word file])->(part0002:document_word.pif) - Win32/Netsky.D@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.87: (ciprel@cityline.ru [**SPAM** Re: Word file])->(part0002:document_word.pif) - Win32/Netsky.D@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.86: (ciprel@cityline.ru [**SPAM** Re: My details])->(part0002:my_details.pif) - Win32/Netsky.D@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.84: (ciprel@cityline.ru [**SPAM** Re: Re: Re: Your document])->(part0002:document_4351.pif) - Win32/Netsky.D@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.83: (p.schofield@tasc.ac.uk [**SPAM** Re: Thanks!])->(part0002:message_part2.pif) - Win32/Netsky.D@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.81: (cherry@neta.com [**SPAM** Re: Your music])->(part0002:mp3music.pif) - Win32/Netsky.D@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.80: (p.schofield@tasc.ac.uk [**SPAM** Re: Your bill])->(part0002:your_bill.pif) - Win32/Netsky.D@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.74: (soucasse@ecolog.cnrs.fr [**SPAM** Re: Your product])->(part0002:your_product.pif) - Win32/Netsky.D@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.73: (p.schofield@tasc.ac.uk [**SPAM** Re: Approved])->(part0002:all_document.pif) - Win32/Netsky.D@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.72: (ccvosomage@evc.net [**SPAM** Re: Your website])->(part0002:your_website.pif) - Win32/Netsky.D@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.71: (Administrator@pandora.be [**SPAM** Invalid mail sentence length])->(part0002:Administrator_a... - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.70: (Administrator@hotmail.com [**SPAM** Faulty mail delivery])->(part0002:Administrator_attach.z... - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.69: (ced.muhlenbach@evc.net [**SPAM** hey you])->(part0002:text.pif) - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.68: (RobotMailer@hotmail.com [**SPAM** Invalid mail sentence length])->(part0002:RobotMailer_atta... - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.66: (RobotMailer@jlm-informatique.com [**SPAM** Message Error])->(part0002:RobotMailer_attach.zip... - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.65: (webmaster@aol.com [**SPAM** Info])->(part0001:messagedoc.pif) - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.64: (vince.pat@evc.net [**SPAM** Hey])->(part0001:text.pif) - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.63: (Webmaster@volkswagen.de [**SPAM** Illegal signs in Mail-Routing])->(part0002:Webmaster_attac... - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.62: (Administrator@skynet.be [**SPAM** Invalid mail sentence length])->(part0002:Administrator_at... - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.61: (vince.pat@evc.net [**SPAM** Hey])->(part0002:text.pif) - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.60: (Gunther.Goessens@volkswagen.de [**SPAM** Oh my God])->(part0001:shocked-text.pif) - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.59: (CCVOSOMAGE@evc.net [**SPAM** hey you])->(part0002:Textdocument.pif) - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.58: (Police@skynet.be [**SPAM** Your document])->(part0002:corrected_text-file.zip)->Pmessage-tex... - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.57: (webmaster@skynet.be [**SPAM** Info])->(part0001:messagedoc.zip)->Pmessage-text.txt ... - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.56: (AutoMailer@flender-graff.com [**SPAM** Mail delivery failed])->(part0002:AutoMailer_attach.pif) - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.55: (talon@talonsoft.com [**SPAM** what's up?])->(part0002:bill_yours.exe) - Win32/Netsky.C@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.54: (alves@evc.net [**SPAM** Hi, it's me])->(part0002:text.zip)->Pmessage-text.txt .pif - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.53: (mbuonomo@flender-graff.com [**SPAM** Database #Error])->(part0001:error-message.pif) - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.52: (JCHESS@flender-graff.com [**SPAM** Well, surprise?!])->(part0001:your_passwords.pif) - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.51: (p.heiderich@laposte.net [**SPAM** Database #Error])->(part0002:message.pif) - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.50: (Webmaster@aol.com [**SPAM** Faulty mail delivery])->(part0002:Webmaster_attach.pif) - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.49: (alves@evc.net [**SPAM** Hi!])->(part0002:Textdocument.pif) - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.48: (Administrator@groupe-casino.fr [**SPAM** Database #Error])->(part0001:message.zip)->Pmessage... - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.47: (RobotMailer@incredimail.com [**SPAM** Connection failed])->(part0002:RobotMailer_attach.pif) - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.46: (error@yahoo.fr [**SPAM** Database #Error])->(part0002:partial.pif) - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.45: (Administrator@incredimail.com [**SPAM** Invalid mail sentence length])->(part0002:Administra... - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.44: (alsace@ademe.fr [**SPAM** Re: Your music])->(part0002:mp3music.pif) - Win32/Netsky.D@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.43: (ccvosomage@evc.net [**SPAM** Re: Here is the document])->(part0002:document_full.pif) - Win32/Netsky.D@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.38: (privacy@incredimail.com [**SPAM** Database #Error])->(part0001:partial.zip)->Pmessage-text.t... - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.32: (alphasai@canl.nc [**SPAM** 0i09u5rug08r89589gjrg])->(part0002:id09509.pif) - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.29: (skoorpio@yahoo.com [**SPAM** Re: Approved])->(part0002:all_document.pif) - Win32/Netsky.D@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.28: (evc_ccvosomage@factorix.sdv.fr [**SPAM** Re: My details])->(part0002:my_details.pif) - Win32/Netsky.D@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.12: (ciprel@cityline.ru [**SPAM** Re: Your website])->(part0002:your_website.pif) - Win32/Netsky.D@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.11: (cherry@neta.com [**SPAM** Re: Thanks!])->(part0002:message_part2.pif) - Win32/Netsky.D@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.9: (cherry@neta.com [**SPAM** Re: Re: Re: Your document])->(part0002:document_4351.pif) - Win32/Netsky.D@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.8: (evc_ccvosomage@factorix.sdv.fr [**SPAM** Re: Your bill])->(part0002:your_bill.pif) - Win32/Netsky.D@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.6: (skoorpio@yahoo.com [**SPAM** Re: Here])->(part0002:yours.pif) - Win32/Netsky.D@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.5: (p.schofield@tasc.ac.uk [**SPAM** Re: Your letter])->(part0002:your_letter.pif) - Win32/Netsky.D@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.4: (evc_ccvosomage@factorix.sdv.fr [**SPAM** Re: Your bill])->(part0002:your_bill.pif) - Win32/Netsky.D@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.1: (Service@groupe-casino.fr [**SPAM** Confirmation Required])->(part0002:Service-attachment.zip)... - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Microsoft\Internet Explorer\V0.15.dat - Trojan:Win32/Dialui.A -> Infected
C:\Documents and Settings\Gérard\Local Settings\Temp\era4.tmp - Win32/Parite.B -> Infected
C:\Documents and Settings\Gérard\Local Settings\Temp\polall1m.exe->(CExe) - TrojanDownloader:Win32/Agent.AE -> Infected
C:\Documents and Settings\Gérard\Local Settings\Temp\twaintec.cab->polall1m.exe->(CExe) - TrojanDownloader:Win32/Agent.AE -> Infected
C:\Documents and Settings\Gérard\Mes documents\840-fra-xp.rar->840-fra-xp.exe - Win32/Parite.B -> Infected
C:\Documents and Settings\Olivier\Local Settings\Application Data\Identities\{3A393819-BDC8-4A6D-AD84-A2BB7EA15C8A}\Microsoft\Outlook Express\Boîte de réception.dbx->Message.3: (cyberjc@club-internet.fr [Mail Delivery (failure ccvosomage@evc.net)])->(part0... - HTML/IFrame_Exploit* -> Infected
C:\Documents and Settings\Olivier\Local Settings\Application Data\Identities\{3A393819-BDC8-4A6D-AD84-A2BB7EA15C8A}\Microsoft\Outlook Express\Boîte de réception.dbx->Message.3: (cyberjc@club-internet.fr [Mail Delivery (failure ccvosomage@evc.net)])->(part0... - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\Olivier\Local Settings\Application Data\Identities\{3A393819-BDC8-4A6D-AD84-A2BB7EA15C8A}\Microsoft\Outlook Express\Boîte de réception.dbx->Message.2: (3djean-louis.monot@wanadoo.fr [Mail Delivery (failure ccvosomage@evc.net)])->(... - HTML/IFrame_Exploit* -> Infected
C:\Documents and Settings\Olivier\Local Settings\Application Data\Identities\{3A393819-BDC8-4A6D-AD84-A2BB7EA15C8A}\Microsoft\Outlook Express\Boîte de réception.dbx->Message.2: (3djean-louis.monot@wanadoo.fr [Mail Delivery (failure ccvosomage@evc.net)])->(... - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\Olivier\Local Settings\Application Data\Identities\{3A393819-BDC8-4A6D-AD84-A2BB7EA15C8A}\Microsoft\Outlook Express\Boîte de réception.dbx->Message.1: (ju.lucie@wanadoo.fr [Re: read it immediately])->(part0002:bill_ccvosomage.pif) - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\Olivier\Local Settings\Application Data\Identities\{3A393819-BDC8-4A6D-AD84-A2BB7EA15C8A}\Microsoft\Outlook Express\Boîte de réception.dbx->Message.0: (user-help@hotmail.com [DBase Error [id:2583]])->(part0002:p_message3942.EML.bat) - Win32/Sober.G@mm -> Infected
C:\Documents and Settings\Olivier\Local Settings\Temp\hzqB2.tmp - Win32/Parite.B -> Infected
C:\Documents and Settings\Olivier\Local Settings\Temp\RarSFX0\Nero\nero.exe - Win32/Parite.B -> Infected
C:\Documents and Settings\Olivier\Local Settings\Temp\RarSFX0\Nero BackItUp\BackItUp.exe - Win32/Parite.B -> Infected
C:\Documents and Settings\Olivier\Local Settings\Temporary Internet Files\Content.IE5\SJ3X27HL\ESBAdultInstaller[1].ocx - TrojanDownloader:Win32/Agent.BP -> Infected
C:\Documents and Settings\UTILISATEUR\Application Data\winlink\winlink.dll - TrojanDownloader:Win32/Winshow -> Infected
C:\Documents and Settings\UTILISATEUR\Local Settings\Temp\mje1.tmp - Win32/Parite.B -> Infected
C:\Documents and Settings\UTILISATEUR\Local Settings\Temp\nibofni.dat - TrojanSpy/Win32.Agent.P -> Infected
C:\Documents and Settings\UTILISATEUR\Local Settings\Temp\_update.dat - TrojanSpy/Win32.Agent.L -> Suspicious
C:\Documents and Settings\UTILISATEUR\Local Settings\Temp\RarSFX0\Nero\nero.exe - Win32/Parite.B -> Infected
C:\Documents and Settings\UTILISATEUR\Local Settings\Temp\RarSFX0\Nero BackItUp\BackItUp.exe - Win32/Parite.B -> Infected
C:\Documents and Settings\Véronique\Local Settings\Temp\nibofni.dat - TrojanSpy/Win32.Agent.P -> Infected
C:\GEOPLANW\Install_Cabri_II_Plus.exe - Win32/Parite.B -> Infected
C:\ProfNOTE5\ProfNote.exe - Win32/Parite.B -> Infected
C:\Program Files\Adobe\Acrobat 6.0\Reader\AcroRd32.exe - Win32/Parite.B -> Infected
C:\Program Files\Ahead\Nero\nero.exe - Win32/Parite.B -> Infected
C:\Program Files\Ahead\Nero BackItUp\BackItUp.exe - Win32/Parite.B -> Infected
C:\Program Files\Canon\RemoteCapture Task\EWatch.exe - Win32/Parite.B -> Infected
C:\Program Files\Canon\ZoomBrowser EX\CameraWindow\EWatch.exe - Win32/Parite.B -> Infected
C:\Program Files\Canon\ZoomBrowser EX\PhotoRecord\Program\PhotoRecord.exe - Win32/Parite.B -> Infected
C:\Program Files\Common Files\updmgr\simgr.exe - TrojanDownloader:Win32/Keenval.C -> Infected
C:\Program Files\Common Files\updmgr\updmgr.exe - TrojanDownloader:Win32/Keenval.E -> Infected
C:\Program Files\dialers\stmtdlr.exe - TrojanDownloader:Win32/Dyfica.AB -> Infected
C:\Program Files\eMule\emule.exe - Win32/Parite.B -> Infected
C:\Program Files\ISTbar\istbar.dll - TrojanDownloader:Win32/Istbar.DH -> Infected
C:\Program Files\Micro Application\Atlas Routier\Atlas Routier\Atlas_Routier.exe - Win32/Parite.B -> Infected
C:\Program Files\Microsoft Office\Office\EXCEL.EXE - Win32/Parite.B -> Infected
C:\Program Files\Microsoft Office\Office\MSACCESS.EXE - Win32/Parite.B -> Infected
C:\Program Files\Microsoft Office\Office\POWERPNT.EXE - Win32/Parite.B -> Infected
C:\Program Files\Microsoft Office\Office\WINWORD.EXE - Win32/Parite.B -> Infected
C:\Program Files\Mozilla Firefox\firefox.exe - Win32/Parite.B -> Infected
C:\Program Files\MSN Messenger\msnmsgr.exe - Win32/Parite.B -> Infected
C:\Program Files\Windows Media Player\iedll.exe - TrojanDownloader:Win32/Tooncom.F -> Infected
C:\Program Files\Windows Media Player\loader.exe - TrojanDownloader:Win32/Tooncom.I -> Infected
C:\Program Files\Windows Media Player\Installer\mpsetupxp.exe - Win32/Parite.B -> Infected
C:\WINDOWS\Belt.exe - TrojanDownloader:Win32/Stubby.A -> Infected
C:\WINDOWS\DNSErr.dll - TrojanDownloader:Win32/Tooncom.K -> Infected
C:\WINDOWS\loader.exe - TrojanDownloader:Win32/Toonco -> Infected
C:\WINDOWS\wsem216.dll - TrojanDownloader:Win32/Dyfuca.Z -> Infected
C:\WINDOWS\wsem217.dll - TrojanDownloader:Win32/Dyfuca.CN -> Infected
C:\WINDOWS\Downloaded Program Files\ISTactivex.dll - TrojanDownloader:Win32/IstBar.FA -> Infected
C:\WINDOWS\LastGood\Belt.exe - TrojanDownloader:Win32/Stubby.A -> Infected
C:\WINDOWS\LastGood\twaintec.dll - Trojan:Win32/Spy.BiSpy.C -> Infected
C:\WINDOWS\system32\hosts.vbs - VBS/Qhost.A* -> Infected
C:\WINDOWS\system32\polall1m.exe->(CExe) - TrojanDownloader:Win32/Agent.AE -> Infected

Scanned
============================
Objects: 57540
Directories: 4744
Archives: 960
Size(Kb): 1118295
Infected files: 119

Found
============================
Viruses found: 27
Suspicious files: 2
Disinfected files: 0
Mail files: 620

Encore merci et à très bientôt
May
0
Réponse 12 / 65
Utilisateur anonyme
 
coucou dolly :-))))))

salut may t'as pas fait ce que je t'ai dit :

j'ai dit :
"supprime les fichiers temporaire (temporary internet files)dans toute les sessions "

parceque d'apres le scan il y'a plusieure session : y'as ( catherine, gerard, olivier ....ect )

ensuite lance l'antitrojan a2free il est exelent

telecharge aussi stinger pour netoyer ton pc

http://download.nai.com/products/mcafee-avert/stinger.exe

fait aussi un scan sur secuser pour netoyer d'avantage ton pc
@++++++++++
tien nous au courant
0
Réponse 13 / 65
May
 
Coucou !

A2 a trouvé les 21 fichiers Malware suivants :

C:\Documents and Settings\Gérard\Local Settings\Temporary Internet Files\Content.IE5\UXZ15MYD\regshape[1].exe Spyware.Win32.Virtumonde.e
C:\Documents and Settings\Olivier\Mes documents\Olivier\mirc\mirc.exe not-a-virus:RiskWare.mIRC.6.03
C:\Program Files\Fichiers communs\CMEII\CMESys.exe Spyware.Win32.Gator
C:\Program Files\Fichiers communs\CMEII\GMTProxy.dll Spyware.Win32.Gator
C:\Program Files\Fichiers communs\GMT\GatorStubSetup.exe Spyware.Win32.Gator
C:\Program Files\Fichiers communs\GMT\GUninstaller.exe Spyware.Win32.Gator
C:\WINDOWS\Config\bassvr.exe Spyware.Win32.Virtumonde.e
C:\WINDOWS\expms.exe Spyware.Win32.Virtumonde.e
C:\WINDOWS\fontbin.exe Spyware.Win32.Virtumonde.e
C:\WINDOWS\Fonts\eulaw.exe Spyware.Win32.Virtumonde.e
C:\WINDOWS\libdisk.exe Spyware.Win32.Virtumonde.e
C:\WINDOWS\msagent\chars\catplay.exe Spyware.Win32.Virtumonde.e
C:\WINDOWS\msagent\oleodbc.exe Spyware.Win32.Virtumonde.a
C:\WINDOWS\Ole32ws.dll Dialer
C:\WINDOWS\pcole.exe Spyware.Win32.Virtumonde.a
C:\WINDOWS\system\vgamc.exe Spyware.Win32.Virtumonde.e
C:\WINDOWS\system32\cd_clint.dll Spyware.Win32.Cydoor
C:\WINDOWS\system32\xircom\splay.exe Spyware.Win32.Virtumonde.e
C:\WINDOWS\taskms.exe Spyware.Win32.Virtumonde.e
C:\WINDOWS\Tasks\utilun.exe Spyware.Win32.Virtumonde.e
C:\WINDOWS\utilip.exe

Dois-je tous les effacer ? On m'a dit en effet que les .dll sont nécessaires au bon fonctionnement du PC.
Merci pour vos conseils passés et futurs.
J'ai téléchargé stinger et ai fait un nettoyage avec. Je vais en faire un maintenant avec secuser comme tu me l'as dit

May
0
Réponse 14 / 65
Utilisateur anonyme
 
salut oui tu peu les supprimé .c pas des dll system
@++++++++
0
Réponse 15 / 65
May
 
Hello

C'est drôle, si je relance un A2, il me trouve encore d'autres fichiers Malware... c'est un cercle vicieux imbrisable on dirait.
Dès qu'il sera terminé, je t'envoie le rapport d'erreurs ravantivirus.
Par contre mon imprimante ne fonctionne pas : dans la fenêtre "imprimer", il m'écrit qu'elle est inactive... gné ????
Merci

May

P.S : Et au fait, bon dimanche !
0
Réponse 16 / 65
May
 
Salut

Voici le rapport... c mieux mais c pas top

Scan started at 26/09/2004 15:50:54

Scanning memory...
Scanning boot sectors...
Scanning files...
C:\Documents and Settings\Catherine\Local Settings\Temp\nibofni.dat - TrojanSpy/Win32.Agent.P -> Infected
C:\Documents and Settings\Catherine\Local Settings\Temp\_update.dat - TrojanSpy/Win32.Agent.L -> Suspicious
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.116: (precious_mummy@hotmail.com [**SPAM** Mail Delivery (failure ccvosomage@evc.net)])->(part000... - HTML/IFrame_Exploit* -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.116: (precious_mummy@hotmail.com [**SPAM** Mail Delivery (failure ccvosomage@evc.net)])->(part000... - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.115: (liste.info-help@inxl6.org [**SPAM** hello])->(part0001:found.htm.exe) - Win32/Netsky.B@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.98: (Webmaster@volkswagen.de [**SPAM** Faulty mail delivery])->(part0002:Webmaster_attach.pif) - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.97: (webmaster@wanadoo.fr [**SPAM** Info])->(part0002:messagedoc.pif) - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.96: (Webmaster@aol.com [**SPAM** Connection failed])->(part0002:Webmaster_attach.pif) - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.95: (johan.favere@skynet.be [**SPAM** Oh my God])->(part0002:shocked-text.zip)->Pmessage-text.txt... - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.94: (Home@volkswagen.de [**SPAM** Warning!])->(part0002:check_this.zip)->Pmessage-text.txt ... - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.93: (help@skynet.be [**SPAM** Database #Error])->(part0001:error-message.zip)->Pmessage-text.txt ... - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.90: (ccvosomage@evc.net [**SPAM** Re: Word file])->(part0002:document_word.pif) - Win32/Netsky.D@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.87: (ciprel@cityline.ru [**SPAM** Re: Word file])->(part0002:document_word.pif) - Win32/Netsky.D@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.86: (ciprel@cityline.ru [**SPAM** Re: My details])->(part0002:my_details.pif) - Win32/Netsky.D@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.84: (ciprel@cityline.ru [**SPAM** Re: Re: Re: Your document])->(part0002:document_4351.pif) - Win32/Netsky.D@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.83: (p.schofield@tasc.ac.uk [**SPAM** Re: Thanks!])->(part0002:message_part2.pif) - Win32/Netsky.D@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.81: (cherry@neta.com [**SPAM** Re: Your music])->(part0002:mp3music.pif) - Win32/Netsky.D@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.80: (p.schofield@tasc.ac.uk [**SPAM** Re: Your bill])->(part0002:your_bill.pif) - Win32/Netsky.D@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.74: (soucasse@ecolog.cnrs.fr [**SPAM** Re: Your product])->(part0002:your_product.pif) - Win32/Netsky.D@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.73: (p.schofield@tasc.ac.uk [**SPAM** Re: Approved])->(part0002:all_document.pif) - Win32/Netsky.D@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.72: (ccvosomage@evc.net [**SPAM** Re: Your website])->(part0002:your_website.pif) - Win32/Netsky.D@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.71: (Administrator@pandora.be [**SPAM** Invalid mail sentence length])->(part0002:Administrator_a... - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.70: (Administrator@hotmail.com [**SPAM** Faulty mail delivery])->(part0002:Administrator_attach.z... - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.69: (ced.muhlenbach@evc.net [**SPAM** hey you])->(part0002:text.pif) - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.68: (RobotMailer@hotmail.com [**SPAM** Invalid mail sentence length])->(part0002:RobotMailer_atta... - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.66: (RobotMailer@jlm-informatique.com [**SPAM** Message Error])->(part0002:RobotMailer_attach.zip... - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.65: (webmaster@aol.com [**SPAM** Info])->(part0001:messagedoc.pif) - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.64: (vince.pat@evc.net [**SPAM** Hey])->(part0001:text.pif) - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.63: (Webmaster@volkswagen.de [**SPAM** Illegal signs in Mail-Routing])->(part0002:Webmaster_attac... - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.62: (Administrator@skynet.be [**SPAM** Invalid mail sentence length])->(part0002:Administrator_at... - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.61: (vince.pat@evc.net [**SPAM** Hey])->(part0002:text.pif) - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.60: (Gunther.Goessens@volkswagen.de [**SPAM** Oh my God])->(part0001:shocked-text.pif) - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.59: (CCVOSOMAGE@evc.net [**SPAM** hey you])->(part0002:Textdocument.pif) - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.58: (Police@skynet.be [**SPAM** Your document])->(part0002:corrected_text-file.zip)->Pmessage-tex... - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.57: (webmaster@skynet.be [**SPAM** Info])->(part0001:messagedoc.zip)->Pmessage-text.txt ... - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.56: (AutoMailer@flender-graff.com [**SPAM** Mail delivery failed])->(part0002:AutoMailer_attach.pif) - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.55: (talon@talonsoft.com [**SPAM** what's up?])->(part0002:bill_yours.exe) - Win32/Netsky.C@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.54: (alves@evc.net [**SPAM** Hi, it's me])->(part0002:text.zip)->Pmessage-text.txt .pif - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.53: (mbuonomo@flender-graff.com [**SPAM** Database #Error])->(part0001:error-message.pif) - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.52: (JCHESS@flender-graff.com [**SPAM** Well, surprise?!])->(part0001:your_passwords.pif) - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.51: (p.heiderich@laposte.net [**SPAM** Database #Error])->(part0002:message.pif) - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.50: (Webmaster@aol.com [**SPAM** Faulty mail delivery])->(part0002:Webmaster_attach.pif) - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.49: (alves@evc.net [**SPAM** Hi!])->(part0002:Textdocument.pif) - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.48: (Administrator@groupe-casino.fr [**SPAM** Database #Error])->(part0001:message.zip)->Pmessage... - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.47: (RobotMailer@incredimail.com [**SPAM** Connection failed])->(part0002:RobotMailer_attach.pif) - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.46: (error@yahoo.fr [**SPAM** Database #Error])->(part0002:partial.pif) - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.45: (Administrator@incredimail.com [**SPAM** Invalid mail sentence length])->(part0002:Administra... - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.44: (alsace@ademe.fr [**SPAM** Re: Your music])->(part0002:mp3music.pif) - Win32/Netsky.D@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.43: (ccvosomage@evc.net [**SPAM** Re: Here is the document])->(part0002:document_full.pif) - Win32/Netsky.D@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.38: (privacy@incredimail.com [**SPAM** Database #Error])->(part0001:partial.zip)->Pmessage-text.t... - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.32: (alphasai@canl.nc [**SPAM** 0i09u5rug08r89589gjrg])->(part0002:id09509.pif) - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.29: (skoorpio@yahoo.com [**SPAM** Re: Approved])->(part0002:all_document.pif) - Win32/Netsky.D@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.28: (evc_ccvosomage@factorix.sdv.fr [**SPAM** Re: My details])->(part0002:my_details.pif) - Win32/Netsky.D@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.12: (ciprel@cityline.ru [**SPAM** Re: Your website])->(part0002:your_website.pif) - Win32/Netsky.D@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.11: (cherry@neta.com [**SPAM** Re: Thanks!])->(part0002:message_part2.pif) - Win32/Netsky.D@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.9: (cherry@neta.com [**SPAM** Re: Re: Re: Your document])->(part0002:document_4351.pif) - Win32/Netsky.D@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.8: (evc_ccvosomage@factorix.sdv.fr [**SPAM** Re: Your bill])->(part0002:your_bill.pif) - Win32/Netsky.D@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.6: (skoorpio@yahoo.com [**SPAM** Re: Here])->(part0002:yours.pif) - Win32/Netsky.D@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.5: (p.schofield@tasc.ac.uk [**SPAM** Re: Your letter])->(part0002:your_letter.pif) - Win32/Netsky.D@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.4: (evc_ccvosomage@factorix.sdv.fr [**SPAM** Re: Your bill])->(part0002:your_bill.pif) - Win32/Netsky.D@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.1: (Service@groupe-casino.fr [**SPAM** Confirmation Required])->(part0002:Service-attachment.zip)... - Win32/Sober.F@mm -> Infected
C:\Documents and Settings\Gérard\Local Settings\Temp\polall1m.exe->(CExe) - TrojanDownloader:Win32/Agent.AE -> Infected
C:\Documents and Settings\Olivier\Local Settings\Application Data\Identities\{3A393819-BDC8-4A6D-AD84-A2BB7EA15C8A}\Microsoft\Outlook Express\Boîte de réception.dbx->Message.3: (cyberjc@club-internet.fr [Mail Delivery (failure ccvosomage@evc.net)])->(part0... - HTML/IFrame_Exploit* -> Infected
C:\Documents and Settings\Olivier\Local Settings\Application Data\Identities\{3A393819-BDC8-4A6D-AD84-A2BB7EA15C8A}\Microsoft\Outlook Express\Boîte de réception.dbx->Message.3: (cyberjc@club-internet.fr [Mail Delivery (failure ccvosomage@evc.net)])->(part0... - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\Olivier\Local Settings\Application Data\Identities\{3A393819-BDC8-4A6D-AD84-A2BB7EA15C8A}\Microsoft\Outlook Express\Boîte de réception.dbx->Message.2: (3djean-louis.monot@wanadoo.fr [Mail Delivery (failure ccvosomage@evc.net)])->(... - HTML/IFrame_Exploit* -> Infected
C:\Documents and Settings\Olivier\Local Settings\Application Data\Identities\{3A393819-BDC8-4A6D-AD84-A2BB7EA15C8A}\Microsoft\Outlook Express\Boîte de réception.dbx->Message.2: (3djean-louis.monot@wanadoo.fr [Mail Delivery (failure ccvosomage@evc.net)])->(... - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\Olivier\Local Settings\Application Data\Identities\{3A393819-BDC8-4A6D-AD84-A2BB7EA15C8A}\Microsoft\Outlook Express\Boîte de réception.dbx->Message.1: (ju.lucie@wanadoo.fr [Re: read it immediately])->(part0002:bill_ccvosomage.pif) - Win32/Netsky.P@mm -> Infected
C:\Documents and Settings\Olivier\Local Settings\Application Data\Identities\{3A393819-BDC8-4A6D-AD84-A2BB7EA15C8A}\Microsoft\Outlook Express\Boîte de réception.dbx->Message.0: (user-help@hotmail.com [DBase Error [id:2583]])->(part0002:p_message3942.EML.bat) - Win32/Sober.G@mm -> Infected
C:\Documents and Settings\UTILISATEUR\Local Settings\Temp\nibofni.dat - TrojanSpy/Win32.Agent.P -> Infected
C:\Documents and Settings\UTILISATEUR\Local Settings\Temp\_update.dat - TrojanSpy/Win32.Agent.L -> Suspicious
C:\Documents and Settings\Véronique\Local Settings\Temp\nibofni.dat - TrojanSpy/Win32.Agent.P -> Infected
C:\Program Files\Common Files\updmgr\simgr.exe - TrojanDownloader:Win32/Keenval.C -> Infected
C:\Program Files\Common Files\updmgr\updmgr.exe - TrojanDownloader:Win32/Keenval.E -> Infected
C:\Program Files\dialers\stmtdlr.exe - TrojanDownloader:Win32/Dyfica.AB -> Infected
C:\Program Files\ISTbar\istbar.dll - TrojanDownloader:Win32/Istbar.DH -> Infected
C:\Program Files\Windows Media Player\iedll.exe - TrojanDownloader:Win32/Tooncom.F -> Infected
C:\Program Files\Windows Media Player\loader.exe - TrojanDownloader:Win32/Tooncom.I -> Infected
C:\WINDOWS\Belt.exe - TrojanDownloader:Win32/Stubby.A -> Infected
C:\WINDOWS\wsem216.dll - TrojanDownloader:Win32/Dyfuca.Z -> Infected
C:\WINDOWS\wsem217.dll - TrojanDownloader:Win32/Dyfuca.CN -> Infected
C:\WINDOWS\system32\hosts.vbs - VBS/Qhost.A* -> Infected
C:\WINDOWS\system32\polall1m.exe->(CExe) - TrojanDownloader:Win32/Agent.AE -> Infected

Scanned
============================
Objects: 57938
Directories: 4766
Archives: 1090
Size(Kb): 995213
Infected files: 80

Found
============================
Viruses found: 19
Suspicious files: 2
Disinfected files: 0
Mail files: 624

Bye ! May
0
Réponse 17 / 65
Utilisateur anonyme
 
resalut c deja pas mal t'es passé de 275 fichiers infecter a 80 :-)

bon commence par suprimé les email infecter dans la messagerie d'outlook .supprime les dans toute les session

ensuite suprime les fichier temporaire dans toute les session comme ceci

Demarrer/paneau de configuration/option internet/suprimer fichier temporaaire apres une petite fentre s'ouvre tu coche "suprimer tout le contenu hors connexion" supprime aussi les cookies et l'historique ( faire cette manip regulierement)

ensuuite lance a2free , stinger n'oublie pas de les mettre ajour avant de les lancé

au faite as tu un antivirus ? si oui lequelle?

@++++++
0
Réponse 18 / 65
May
 
Hello

J'ai déjà supprimé les fichiers temporaires et cookies et historique dans toutes les sessions, hier, comme tu me l'avais demandé.
Pour les messages outlook, il me semble que je l'avais fait aussi.
Antivirus Pc-cillin
May
0
Réponse 19 / 65
Utilisateur anonyme
 
salut oui je sais que t'as supprimé les fichiers temporaire mais bon il reste de virus regarde c lignes :

C:\Documents and Settings\Catherine\Local Settings\Temp\nibofni.dat - TrojanSpy/Win32.Agent.P -> Infected
C:\Documents and Settings\Catherine\Local Settings\Temp\_update.dat - TrojanSpy/Win32.Agent.L -> Suspicious
C:\Documents and Settings\UTILISATEUR\Local Settings\Temp\nibofni.dat - TrojanSpy/Win32.Agent.P -> Infected

et pour les email infecter il en reste beaucoup surtout dans la session de gerard et olivier :

C:\Documents and Settings\Gérard\Local Settings\Application Data\Identities\{00F66B08-0771-407F-992D-2419DEA5A341}\Microsoft\Outlook Express\SPAM.dbx->Message.116: (precious_mummy@hotmail.com [**SPAM** Mail Delivery (failure ccvosomage@evc.net)])->(part000... - HTML/IFrame_Exploit* -> Infected

C:\Documents and Settings\Olivier\Local Settings\Application Data\Identities\{3A393819-BDC8-4A6D-AD84-A2BB7EA15C8A}\Microsoft\Outlook Express\Boîte de réception.dbx->Message.0: (user-help@hotmail.com [DBase Error [id:2583]])->(part0002:p_message3942.EML.bat) - Win32/Sober.G@mm -> Infected

pour le reste des virus normalement a2free et stinger s'encharge tres bien

@++++++++
0
Réponse 20 / 65
May
 
Coucou

J'ai relancé un a2 et stinger c'est presque fini et pour l'instant tout est clean. Je te tiens au courant.
Effectivement j'ai trouvé des messages stockés dans outlook chez olivier, j'ai aussi effacé ceux chez gérard.
Par contre j'ai pas réussi à supprimer le reste des fichiers temporaires : quand je vais dans C:/Documents and Settings/Catherine je ne trouve pas de dossier Local settings...

Pour ce qui est de l'imprimante, j'ai essayé de l'activer mais ça marche pas, je l'ai installée et désinsitallée, toujours aucune réponse... ça commence à être chiant...

Bon tiens-moi au courant et je fais de même dans la soirée (et malgré ma grippe)
May
0

Discussions similaires

Softonic,est-ce un virus ?
techmel1 -
techmel1 -

6 réponses
Désinstaller Softonic
Diguimette -
lilidurhone -

5 réponses
virus Artemis!
mabiche37 -
Malekal_morte- -

14 réponses
Message Apple virus !!
Souclik67 -
MPMP10 -

3 réponses