Est-ce un virus? Comment le supprimer?

DolphinEye -  
 goupil34 -
Bonsoir,
je travaille avec un groupe de personnes, et nous nous envoyons régulièrement des e-mails. Cependant, je crois qu'un virus se propage dans le groupe car plusieurs ordinateurs présentent des symptômes similaires ( le mien pas pour l'instant ):

- erreurs lors de lancement de programmes générant un message ressemblant à quelque chose comme "Windows n'a pas pu démarrer le programme à cause de problèmes sur cet ordinateur".

- suppression de fichiers àléatoires, empêchant le bon fonctionnement de certains programmes comme MSN ( disparition de la fonction "ajouter un contact" et d'autres ), suppression de l'aide windows, suppresion d'onglets divers du système Windows XP, ...

- Altération de l'affichage de programmes comme windows XP ( barre des tâches toute blanche, icônes étranges, graphiques altérés, ... ).

Quelqu'un aurait-il une idée de quoi il s'agit? Je vous remercie d'avance, vous me rendrez un énorme service au niveau professionel.

Cordialement

--Thomas - ANNECY 74

PS: j'ai tenté de rechercher sur Internet des symptômes similaires, mais je n'ai rien trouvé, hélas.

6 réponses

  1. BmV Messages postés 43678 Date d'inscription   Statut Modérateur Dernière intervention   4 963
     
    Salut.

    Et que disent les antivirus ?

    -=O(_BmV_)O=-  L'amour comme épée,
          ||       ||       l'humour comme bouclier. 
    0
  2. DolphinEye
     
    Rien malheureusement. J'ai pourtant fait isntaller aux victimes Windows XP SP1 ( SP2 étant instable, je l'ai évité ), Ad-Aware SE, un antivirus ( avast ) et le firewall windows XP. Rien n'a été détecté malheureusement.
    0
  3. balltrap34 Messages postés 16241 Statut Contributeur sécurité 332
     
    salut
    Nettoyage virus
    Faite scan en ligne et coller le rapport ici sur le post
    utiliser l'antivirus en ligne suivant :
    http://www.ravantivirus.com/scan/
    Cliquer sur "To continue without subscribing click here" et attendre quelques minutes.

    Lorsque "Ready" est affiché dans "status", cocher la case "Autoclean" puis cliquer sur "Scan my PC"
    A la fin de l'analyse, copier/coller le rapport ici.

    la chasse et le balltrap ma vrai passion
    voir site perso dans profil
    0
    1. Dolphineye
       
      Merci beaucoup. Je vais procéder ainsi.
      0
    2. THORNER NATHALIE
       
      salut

      voilà le rapport de rav :

      Scan started at 22/02/2005 22:08:35

      Scanning memory...
      Scanning boot sectors...
      Scanning files...
      C:\Documents and Settings\THORNER Nathalie\Local Settings\Application Data\Identities\{C7228547-2913-47AD-874A-AEB0E68D745C}\Microsoft\Outlook Express\Boîte de réception.dbx->Message.38: (irenepeglou@cegetel.net [tdarefninvf])->(part0002:data.zip)->data.ht... - Win32/Lovgate.V@mm -> Infected
      C:\Documents and Settings\THORNER Nathalie\Local Settings\Application Data\Identities\{C7228547-2913-47AD-874A-AEB0E68D745C}\Microsoft\Outlook Express\Boîte de réception.dbx->Message.28: (marie.baras@wanadoo.fr [hi])->(part0002:file.zip)->file.pif - Win32/Lovgate.V@mm -> Infected
      C:\Documents and Settings\THORNER Nathalie\Local Settings\Application Data\Identities\{C7228547-2913-47AD-874A-AEB0E68D745C}\Microsoft\Outlook Express\Boîte de réception.dbx->Message.26: (dominique.quentin@worldonline.fr [Server Report])->(part0002:text.scr) - Win32/Lovgate.V@mm -> Infected
      C:\Documents and Settings\THORNER Nathalie\Local Settings\Application Data\Identities\{C7228547-2913-47AD-874A-AEB0E68D745C}\Microsoft\Outlook Express\Boîte de réception.dbx->Message.25: (xxxxxxxxxx@sms.umc.com.ua [Error])->(part0002:document.scr) - Win32/Lovgate.V@mm -> Infected
      C:\Documents and Settings\THORNER Nathalie\Local Settings\Application Data\Identities\{C7228547-2913-47AD-874A-AEB0E68D745C}\Microsoft\Outlook Express\Boîte de réception.dbx->Message.24: (andrecassan@club-internet.fr [Status])->(part0002:file.zip)->file.do... - Win32/Lovgate.V@mm -> Infected
      C:\Documents and Settings\THORNER Nathalie\Local Settings\Application Data\Identities\{C7228547-2913-47AD-874A-AEB0E68D745C}\Microsoft\Outlook Express\Boîte de réception.dbx->Message.20: ("Bs.autos" [Re:])->(part0001:price.exe) - Win32/Bagle.AS@mm -> Infected
      C:\Documents and Settings\THORNER Nathalie\Local Settings\Application Data\Identities\{C7228547-2913-47AD-874A-AEB0E68D745C}\Microsoft\Outlook Express\Boîte de réception.dbx->Message.19: ("Bs.autos" [Re: Thank you!])->(part0001:Price.scr) - Win32/Bagle.AS@mm -> Infected
      C:\Documents and Settings\THORNER Nathalie\Local Settings\Application Data\Identities\{C7228547-2913-47AD-874A-AEB0E68D745C}\Microsoft\Outlook Express\Boîte de réception.dbx->Message.17: ("Bs.autos" [Re: Hi])->(part0001:Joke.scr) - Win32/Bagle.AS@mm -> Infected
      C:\Documents and Settings\THORNER Nathalie\Local Settings\Application Data\Identities\{C7228547-2913-47AD-874A-AEB0E68D745C}\Microsoft\Outlook Express\Boîte de réception.dbx->Message.16: (lgoodale@dbsalliance.org [read it immediately])->(part0001:object.exe) - Win32/Netsky.B@mm -> Infected
      C:\Documents and Settings\THORNER Nathalie\Local Settings\Application Data\Identities\{C7228547-2913-47AD-874A-AEB0E68D745C}\Microsoft\Outlook Express\Boîte de réception.dbx->Message.15: (temma@temma.com [fake])->(part0001:textfile.com) - Win32/Netsky.B@mm -> Infected
      C:\Documents and Settings\THORNER Nathalie\Local Settings\Application Data\Identities\{C7228547-2913-47AD-874A-AEB0E68D745C}\Microsoft\Outlook Express\Boîte de réception.dbx->Message.13: (hcsrcxxbbglp@hotmail.com [hello])->(part0001:creditcard.txt.pif) - Win32/Netsky.B@mm -> Infected
      C:\Documents and Settings\THORNER Nathalie\Local Settings\Application Data\Identities\{C7228547-2913-47AD-874A-AEB0E68D745C}\Microsoft\Outlook Express\Boîte de réception.dbx->Message.12: (".5000809"@wanadoo.fr [fake])->(part0001:message.txt.com) - Win32/Netsky.B@mm -> Infected
      C:\Documents and Settings\THORNER Nathalie\Local Settings\Application Data\Identities\{C7228547-2913-47AD-874A-AEB0E68D745C}\Microsoft\Outlook Express\Boîte de réception.dbx->Message.11: (upport@firstcup101.com [something for you])->(part0001:details.exe) - Win32/Netsky.B@mm -> Infected
      C:\Documents and Settings\THORNER Nathalie\Local Settings\Application Data\Identities\{C7228547-2913-47AD-874A-AEB0E68D745C}\Microsoft\Outlook Express\Boîte de réception.dbx->Message.10: (meet@htie289aze.com [something for you])->(part0001:ranking.exe) - Win32/Netsky.B@mm -> Infected
      C:\Documents and Settings\THORNER Nathalie\Local Settings\Application Data\Identities\{C7228547-2913-47AD-874A-AEB0E68D745C}\Microsoft\Outlook Express\Boîte de réception.dbx->Message.9: (81904@s3068.mb00.net [information])->(part0001:friend.htm.pif) - Win32/Netsky.B@mm -> Infected
      C:\Documents and Settings\THORNER Nathalie\Local Settings\Application Data\Identities\{C7228547-2913-47AD-874A-AEB0E68D745C}\Microsoft\Outlook Express\Boîte de réception.dbx->Message.8: (rancoisewanadoo@mx19148.hh02.com [read it immediately])->(part0001:ms... - Win32/Netsky.B@mm -> Infected

      Scanned
      ============================
      Objects: 77957
      Directories: 5697
      Archives: 3341
      Size(Kb): 1506898
      Infected files: 16

      Found
      ============================
      Viruses found: 3
      Suspicious files: 0
      Disinfected files: 0
      Mail files: 742

      merci
      0
    3. goupil34
       
      Scan started at 02/23/2005 13:26:15

      Scanning memory...
      process://C:\WINDOWS\System32\w?nlogon.exe - TrojanDownloader:Win32/PurityScan.Q -> Infected
      Scanning boot sectors...
      Scanning files...
      C:\Documents and Settings\PW XP 2800\Local Settings\Temporary Internet Files\Content.IE5\3VT779CW\CAHKY51V.HTM - Exploit:HTML/MhtRedir.gen* -> Infected
      C:\Documents and Settings\PW XP 2800\Local Settings\Temporary Internet Files\Content.IE5\CL2NCLUF\246[1].chm->/file.exe->(FSGPE) - TrojanDownloader:Win32/Small.AG -> Suspicious
      C:\Documents and Settings\PW XP 2800\Local Settings\Temporary Internet Files\Content.IE5\JYOVRT05\count[1].chm->/count.htm->(SCRIPT0001) - JS/Psyme.gen* -> Infected
      C:\Documents and Settings\PW XP 2800\Local Settings\Temporary Internet Files\Content.IE5\OV5FMIF1\freepic[1].chm->/freepic.htm->(SCRIPT0001) - JS/Psyme.gen* -> Infected
      C:\WINDOWS\autoclk.exe - Trojan:Win32/KillReg.D -> Infected
      C:\WINDOWS\commando.exe - VirTool:Win32/HiddenRun.B -> Infected
      C:\WINDOWS\system32\atmjcf.exe - Win32/Bofra.A@mm -> Infected
      C:\WINDOWS\system32\dxopengl.exe - Backdoor:Win32/Rbot.dam#2 -> Infected
      C:\WINDOWS\system32\Iassd.exe - Win32/HLLW.SpyBot -> Infected
      C:\WINDOWS\system32\TFTP1308 - Backdoor:Win32/RBot -> Infected
      C:\WINDOWS\system32\TFTP2372 - Backdoor:Win32/RBot -> Infected
      C:\WINDOWS\system32\TFTP4060 - Win32/HLLW.SpyBot -> Infected
      C:\WINDOWS\system32\TFTP812 - Backdoor:Win32/Rbot.dam#2 -> Infected

      Scanned
      ============================
      Objects: 65910
      Directories: 2902
      Archives: 6953
      Size(Kb): 1863662
      Infected files: 13

      Found
      ============================
      Viruses found: 9
      Suspicious files: 1
      Disinfected files: 0
      Mail files: 55423
      0
  4. balltrap34 Messages postés 16241 Statut Contributeur sécurité 332
     
    re cela ne supprimerat pas les virus mais nous montrerat le chemin exact

    la chasse et le balltrap ma vrai passion
    voir site perso dans profil
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. DolphinEye
     
    Voici le rapport de mon ordinateur; ceux des autres membres seront placé à cet endroit dès que posible. Merci encore.
    Thomas

    Scan started at 05/11/2004 23:45:58

    Scanning memory...
    Scanning boot sectors...
    Scanning files...
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Inbox->(part0026:data.zip)->details.txt .pif - Win32/Netsky.P@mm -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Inbox->(part0028:)->(IFRAME0000) - HTML/IFrame_Exploit* -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Inbox->(part0029:message.scr) - Win32/Netsky.P@mm -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Inbox->(part0039:document09_c.faraut.exe) - Win32/Netsky.P@mm -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Inbox->(part0043:word_doc_c.faraut.zip)->data.rtf .scr - Win32/Netsky.P@mm -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Inbox->(part0045:)->(IFRAME0000) - HTML/IFrame_Exploit* -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Inbox->(part0046:message.scr) - Win32/Netsky.P@mm -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Inbox->(part0055:letter43_c.faraut.zip)->details.txt .pif - Win32/Netsky.P@mm -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Inbox->(part0062:)->(IFRAME0000) - HTML/IFrame_Exploit* -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Inbox->(part0063:message.scr) - Win32/Netsky.P@mm -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Inbox->(part0066:letter43.zip)->details.txt .pif - Win32/Netsky.P@mm -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Inbox->(part0068:)->(IFRAME0000) - HTML/IFrame_Exploit* -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Inbox->(part0069:message.scr) - Win32/Netsky.P@mm -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Inbox->(part0072:sample01_c.faraut.zip)->document.txt .exe - Win32/Netsky.P@mm -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Inbox->(part0074:)->(IFRAME0000) - HTML/IFrame_Exploit* -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Inbox->(part0075:message.scr) - Win32/Netsky.P@mm -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Inbox->(part0078:data.doc .pif) - Win32/Netsky.P@mm -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Inbox->(part0089:)->(IFRAME0000) - HTML/IFrame_Exploit* -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Inbox->(part0090:message.scr) - Win32/Netsky.P@mm -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Inbox->(part0093:news01.doc .exe) - Win32/Netsky.P@mm -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Inbox->(part0100:all_in_all_c.faraut.doc .pif) - Win32/Netsky.P@mm -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Inbox->(part0102:)->(IFRAME0000) - HTML/IFrame_Exploit* -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Inbox->(part0103:message.scr) - Win32/Netsky.P@mm -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Inbox->(part0106:postcard.zip)->document.txt .exe - Win32/Netsky.P@mm -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Inbox->(part0109:www.freeporn4all.pif) - Win32/Netsky.P@mm -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Inbox->(part0112:letter.zip)->details.txt .pif - Win32/Netsky.P@mm -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Inbox->(part0123:document07.txt .pif) - Win32/Netsky.P@mm -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Inbox->(part0130:)->(IFRAME0000) - HTML/IFrame_Exploit* -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Inbox->(part0131:message.scr) - Win32/Netsky.P@mm -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Inbox->(part0134:readme.pif) - Win32/Netsky.P@mm -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Inbox->(part0136:)->(IFRAME0000) - HTML/IFrame_Exploit* -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Inbox->(part0137:message.scr) - Win32/Netsky.P@mm -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Inbox->(part0139:)->(IFRAME0000) - HTML/IFrame_Exploit* -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Inbox->(part0143:readme.doc .exe) - Win32/Netsky.P@mm -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Inbox->(part0145:)->(IFRAME0000) - HTML/IFrame_Exploit* -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Inbox->(part0146:message.scr) - Win32/Netsky.P@mm -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Inbox->(part0149:id09509.zip)->details.txt .pif - Win32/Netsky.P@mm -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Inbox->(part0154:your_document.zip)->data.rtf .scr - Win32/Netsky.P@mm -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Inbox->(part0156:)->(IFRAME0000) - HTML/IFrame_Exploit* -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Inbox->(part0157:message.scr) - Win32/Netsky.P@mm -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Inbox->(part0161:details_c.faraut.zip)->details.txt .pif - Win32/Netsky.P@mm -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Inbox->(part0166:)->(part0002:file.zip)->document.txt .exe - Win32/Netsky.P@mm -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Inbox->(part0168:)->(IFRAME0000) - HTML/IFrame_Exploit* -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Inbox->(part0169:message.scr) - Win32/Netsky.P@mm -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Inbox->(part0175:details.zip)->details.txt .pif - Win32/Netsky.P@mm -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Inbox->(part0183:readme.doc .exe) - Win32/Netsky.P@mm -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Inbox->(part0186:)->(part0001:)->(IFRAME0000) - HTML/IFrame_Exploit* -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Inbox->(part0186:)->(part0002:message.scr) - Win32/Netsky.P@mm -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Inbox->(part0195:data.zip)->details.txt .pif - Win32/Netsky.P@mm -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Inbox->(part0222:Details.vbs) - VBS/Bagle.Z.dr* -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Trash->(part0005:word_doc_c.faraut.zip)->data.rtf .scr - Win32/Netsky.P@mm -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Trash->(part0008:document09_c.faraut.exe) - Win32/Netsky.P@mm -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Trash->(part0016:data.zip)->details.txt .pif - Win32/Netsky.P@mm -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Trash->(part0023:)->(IFRAME0000) - HTML/IFrame_Exploit* -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Trash->(part0024:message.scr) - Win32/Netsky.P@mm -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Trash->(part0029:letter43.zip)->details.txt .pif - Win32/Netsky.P@mm -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Trash->(part0032:letter43_c.faraut.zip)->details.txt .pif - Win32/Netsky.P@mm -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Trash->(part0039:)->(IFRAME0000) - HTML/IFrame_Exploit* -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Trash->(part0040:message.scr) - Win32/Netsky.P@mm -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Trash->(part0042:)->(IFRAME0000) - HTML/IFrame_Exploit* -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Trash->(part0043:message.scr) - Win32/Netsky.P@mm -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Trash->(part0045:)->(IFRAME0000) - HTML/IFrame_Exploit* -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Trash->(part0046:message.scr) - Win32/Netsky.P@mm -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Trash->(part0048:sample01_c.faraut.zip)->document.txt .exe - Win32/Netsky.P@mm -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Trash->(part0050:)->(IFRAME0000) - HTML/IFrame_Exploit* -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Trash->(part0051:message.scr) - Win32/Netsky.P@mm -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Trash->(part0054:data.doc .pif) - Win32/Netsky.P@mm -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Trash->(part0061:)->(IFRAME0000) - HTML/IFrame_Exploit* -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Trash->(part0062:message.scr) - Win32/Netsky.P@mm -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Trash->(part0066:news01.doc .exe) - Win32/Netsky.P@mm -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Trash->(part0069:all_in_all_c.faraut.doc .pif) - Win32/Netsky.P@mm -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Trash->(part0071:)->(IFRAME0000) - HTML/IFrame_Exploit* -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Trash->(part0072:message.scr) - Win32/Netsky.P@mm -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Trash->(part0075:postcard.zip)->document.txt .exe - Win32/Netsky.P@mm -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Trash->(part0078:www.freeporn4all.pif) - Win32/Netsky.P@mm -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Trash->(part0081:letter.zip)->details.txt .pif - Win32/Netsky.P@mm -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Trash->(part0084:document07.txt .pif) - Win32/Netsky.P@mm -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Trash->(part0087:id09509.zip)->details.txt .pif - Win32/Netsky.P@mm -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Trash->(part0089:)->(IFRAME0000) - HTML/IFrame_Exploit* -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Trash->(part0090:message.scr) - Win32/Netsky.P@mm -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Trash->(part0093:readme.pif) - Win32/Netsky.P@mm -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Trash->(part0095:)->(IFRAME0000) - HTML/IFrame_Exploit* -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Trash->(part0096:message.scr) - Win32/Netsky.P@mm -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Trash->(part0098:)->(IFRAME0000) - HTML/IFrame_Exploit* -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Trash->(part0102:readme.doc .exe) - Win32/Netsky.P@mm -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Trash->(part0104:)->(IFRAME0000) - HTML/IFrame_Exploit* -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Trash->(part0105:message.scr) - Win32/Netsky.P@mm -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Trash->(part0107:details_c.faraut.zip)->details.txt .pif - Win32/Netsky.P@mm -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Trash->(part0110:details.zip)->details.txt .pif - Win32/Netsky.P@mm -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Trash->(part0112:)->(IFRAME0000) - HTML/IFrame_Exploit* -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Trash->(part0113:message.scr) - Win32/Netsky.P@mm -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Trash->(part0116:your_document.zip)->data.rtf .scr - Win32/Netsky.P@mm -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Trash->(part0119:)->(IFRAME0000) - HTML/IFrame_Exploit* -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Trash->(part0120:message.scr) - Win32/Netsky.P@mm -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Trash->(part0125:)->(part0002:file.zip)->document.txt .exe - Win32/Netsky.P@mm -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Trash->(part0128:readme.doc .exe) - Win32/Netsky.P@mm -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Trash->(part0131:)->(part0001:)->(IFRAME0000) - HTML/IFrame_Exploit* -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Trash->(part0131:)->(part0002:message.scr) - Win32/Netsky.P@mm -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Trash->(part0134:data.zip)->details.txt .pif - Win32/Netsky.P@mm -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Trash->(part0156:Details.vbs) - VBS/Bagle.Z.dr* -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Trash->(part0159:Information.hta)->(SCRIPT0000) - VBS/Bagle.Z.dr* -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Trash->(part0162:Details.scr) - Win32/Bagle.W@mm -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Trash->(part0165:Details.com) - Win32/Bagle.W@mm -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Trash->(part0169:Info.com) - Win32/Bagle.W@mm -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Trash->(part0171:Info.scr) - Win32/Bagle.W@mm -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Trash->(part0173:Message.com) - Win32/Bagle.W@mm -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Trash->(part0177:Message.hta)->(SCRIPT0000) - VBS/Bagle.Z.dr* -> Infected
    C:\Documents and Settings\Dolphin's Eye\Application Data\Thunderbird\Profiles\default\v93ij2xs.slt\Mail\pop3.free.fr\Trash->(part0191:Details.cpl) - Win32/Bagle.W.dr -> Infected
    C:\WINDOWS\Downloaded Program Files\WebRecomendada.dll - Tool:PornDialer.DE -> Infected

    Scanned
    ============================
    Objects: 69031
    Directories: 5118
    Archives: 3107
    Size(Kb): 1018541
    Infected files: 109

    Found
    ============================
    Viruses found: 6
    Suspicious files: 0
    Disinfected files: 0
    Mail files: 1351
    0
  7. balltrap34 Messages postés 16241 Statut Contributeur sécurité 332
     
    re
    rechC:erche et suppr ceci
    \WINDOWS\Downloaded Program Files\WebRecomendada.dll

    ensuite vas dans ta messageries et supprime tous les emails
    dans elements supprimer et autres

    la refait scan pour verif

    la chasse et le balltrap ma vrai passion
    voir site perso dans profil
    0