Sujet Précédent Sujet Suivant

Virus qui m'enpêche de nettoyer?

philippe -  
green day Messages postés 26722 Statut Modérateur, Contributeur sécurité -
Bonjour,
Qui peut me déchiffrer cela? je me suis inspiré de divers messages et ai fait la même chose que préconisé, mais je ne sias pas interpréter.
Mon problème ordianteur se bloque irrémédiablement lors d'un nettoyage et très très long à démarrer.
Je compte sur vous pour m'aider à sortir de cette M....

Merci beaucoup d'avance

Philippe
A voir également:

4 réponses

Réponse 1 / 4
philippe
 
Dans mon message initial.

J'ai oublié de copier coller ...ce qui suit

Logfile of HijackThis v1.99.1
Scan saved at 14:56:18, on 12/03/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\Program Files\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe
C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Spamihilator\spamihilator.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\CASIO\Photo Loader\Plauto.exe
C:\Program Files\Lexmark X74-X75\lxbbbmon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\PROGRA~1\Symantec\NORTON~1\GHOSTS~2.EXE
C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\Explorer.EXE
C:\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.free.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.free.fr/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [GhostStartTrayApp] C:\Program Files\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe
O4 - HKLM\..\Run: [Lexmark X74-X75] "C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe"
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [Spamihilator] "C:\Program Files\Spamihilator\spamihilator.exe"
O4 - Global Startup: Gestionnaire de Taches.lnk = C:\WINDOWS\system32\taskmgr.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Supervision de Photo Loader.lnk = C:\Program Files\CASIO\Photo Loader\Plauto.exe
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Afficher cette page dans Firefox - file://C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\b1zm36uf.default\extensions\{5D558C43-550F-4b12-84AB-0D8ABDA9F975}\firefoxviewpage.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir la cible dans Firefox - file://C:\Documents and Settings\Philippe\Application Data\Mozilla\Firefox\Profiles\b1zm36uf.default\extensions\{5D558C43-550F-4b12-84AB-0D8ABDA9F975}\firefoxviewlink.html
O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O14 - IERESET.INF: START_PAGE_URL=http://home.free.fr/
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: GhostStartService - Symantec Corporation - C:\PROGRA~1\Symantec\NORTON~1\GHOSTS~2.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
0
Réponse 2 / 4
green day Messages postés 26722 Statut Modérateur, Contributeur sécurité 2 163
 
Salut Philippe !

pour ma part, je ne vois rien de special dans ton log ...

essaye de faire le nettoyage en mode sans echec

et : pour verifier

scan en ligne : colle rapport entier ( s’il y a quelque chose) :

http://www.bitdefender.fr/bd/site/search.php#

@+
0
Philippe
 
Merci Green Day,
Je suis en train de faire un scan ( très très long ) abec Bit defender qui m'a trouvé plein de trucs que mon AVAST ne voit pas lui.
Je collerais le rapport si tu veux bien continuer à me guider, car franchement je suis pas trop doué.
Merci encore et à Plus.
0
Réponse 3 / 4
green day Messages postés 26722 Statut Modérateur, Contributeur sécurité 2 163
 
Re !

pas de soucis, tiens nous au courant !

bon courage, @+
0
philippe
 
Et re, Ci joint le rapport d'analyse BIT defender auquel je comprends pas grand chose à part que j'ai des trucs pas bien dans mon ordi.
Au fait je n'ai plus de restauration, elle a disparu!!!!!!
Si tu peux m'aider je t'en remercie.

Ciao.

Voie d'analyse: C:\;D:\;E:\;F:\;


Statistiques

Temps


02:46:45

Fichiers


136001

Directoires


2021

Secteurs de boot


4

Archives


3594

Paquets programmes


14012







Résultats

Virus identifiés


2

Fichiers infectés


2

Fichiers suspects


15

Avertissements


0

Désinfectés


0

Fichiers effacés


19







Info sur les moteurs

Définition virus


312093

Version des moteurs


AVCORE v1.0 (build 2292) (i386) (Mar 3 2005 11:57:29)

Analyse des plugins


13

Archive des plugins


39

Unpack des plugins


4

E-mail plugins


6

Système plugins


1







Paramètres d'analyse

Première action


Désinfecté

Seconde Action


Supprimé

Heuristique


Oui

Acceptez les avertissements


Oui

Extensions analysées


*;

Excludez les extensions




Analyse d'emails


Oui

Analyse des Archives


Oui

Analyser paquets programmes


Oui

Analyse des fichiers


Oui

Analyse de boot


Oui








Fichier analysé


Statut

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Inbox=>(message 1)=>[Subject: Undelivered Mail Returned to Sender][Date: Fri, 11 Mar 2005 01:08:49 +0100 (CET)]=>(MIME part)=>(message)=>[Subject: How are you][Date: Fri, 11 Mar 2005 01:08:36 +0100 (CET)]=>(MIME part)=>(message body)


Suspecté de: Exploit.Iframe.Vulnerability

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Inbox=>(message 1)=>[Subject: Undelivered Mail Returned to Sender][Date: Fri, 11 Mar 2005 01:08:49 +0100 (CET)]=>(MIME part)=>(message)=>[Subject: How are you][Date: Fri, 11 Mar 2005 01:08:36 +0100 (CET)]=>(MIME part)=>(message body)


Echec de la désinfection

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Inbox=>(message 1)=>[Subject: Undelivered Mail Returned to Sender][Date: Fri, 11 Mar 2005 01:08:49 +0100 (CET)]=>(MIME part)=>(message)=>[Subject: How are you][Date: Fri, 11 Mar 2005 01:08:36 +0100 (CET)]=>(MIME part)=>(message body)


Supprimé

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Inbox=>(message 1)=>[Subject: Undelivered Mail Returned to Sender][Date: Fri, 11 Mar 2005 01:08:49 +0100 (CET)]=>(MIME part)=>(message)=>[Subject: How are you][Date: Fri, 11 Mar 2005 01:08:36 +0100 (CET)]=>(MIME part)


Mis à jour

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Inbox=>(message 1)=>[Subject: Undelivered Mail Returned to Sender][Date: Fri, 11 Mar 2005 01:08:49 +0100 (CET)]=>(MIME part)=>(message)


Mis à jour

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Inbox=>(message 1)=>[Subject: Undelivered Mail Returned to Sender][Date: Fri, 11 Mar 2005 01:08:49 +0100 (CET)]=>(MIME part)


Mis à jour

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Inbox=>(message 1)


Mis à jour

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Inbox


Echec de la mise à jour

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Inbox=>(message 2)=>[Subject: [avast! - INFECTED] Language][Date: Fri, 11 Mar 2005 01:09:09 +0100 (CET)]=>(MIME part)=>(message body)


Suspecté de: Exploit.Iframe.Vulnerability

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Inbox=>(message 2)=>[Subject: [avast! - INFECTED] Language][Date: Fri, 11 Mar 2005 01:09:09 +0100 (CET)]=>(MIME part)=>(message body)


Echec de la désinfection

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Inbox=>(message 2)=>[Subject: [avast! - INFECTED] Language][Date: Fri, 11 Mar 2005 01:09:09 +0100 (CET)]=>(MIME part)=>(message body)


Supprimé

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Inbox=>(message 2)=>[Subject: [avast! - INFECTED] Language][Date: Fri, 11 Mar 2005 01:09:09 +0100 (CET)]=>(MIME part)


Mis à jour

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Inbox=>(message 2)


Mis à jour

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Inbox


Echec de la mise à jour

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Inbox=>(message 4)=>[Subject: [avast! - INFECTED] Onmouseover][Date: Wed, 16 Mar 2005 08:44:40 +0100 (CET)]=>(MIME part)=>(message body)


Suspecté de: Exploit.Iframe.Vulnerability

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Inbox=>(message 4)=>[Subject: [avast! - INFECTED] Onmouseover][Date: Wed, 16 Mar 2005 08:44:40 +0100 (CET)]=>(MIME part)=>(message body)


Echec de la désinfection

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Inbox=>(message 4)=>[Subject: [avast! - INFECTED] Onmouseover][Date: Wed, 16 Mar 2005 08:44:40 +0100 (CET)]=>(MIME part)=>(message body)


Supprimé

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Inbox=>(message 4)=>[Subject: [avast! - INFECTED] Onmouseover][Date: Wed, 16 Mar 2005 08:44:40 +0100 (CET)]=>(MIME part)


Mis à jour

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Inbox=>(message 4)


Mis à jour

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Inbox


Echec de la mise à jour

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Inbox=>(message 7)=>[Subject: [avast! - INFECTED] Hi,naface,sos!][Date: Mon, 21 Mar 2005 00:16:25 +0100 (CET)]=>(MIME part)=>(message body)


Suspecté de: Exploit.Iframe.Vulnerability

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Inbox=>(message 7)=>[Subject: [avast! - INFECTED] Hi,naface,sos!][Date: Mon, 21 Mar 2005 00:16:25 +0100 (CET)]=>(MIME part)=>(message body)


Echec de la désinfection

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Inbox=>(message 7)=>[Subject: [avast! - INFECTED] Hi,naface,sos!][Date: Mon, 21 Mar 2005 00:16:25 +0100 (CET)]=>(MIME part)=>(message body)


Supprimé

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Inbox=>(message 7)=>[Subject: [avast! - INFECTED] Hi,naface,sos!][Date: Mon, 21 Mar 2005 00:16:25 +0100 (CET)]=>(MIME part)


Mis à jour

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Inbox=>(message 7)


Mis à jour

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Inbox


Echec de la mise à jour

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Inbox=>(message 8)=>[Subject: [avast! - INFECTED] Happy Lady Day][Date: Tue, 22 Mar 2005 20:13:24 +0100 (CET)]=>(MIME part)=>(message body)


Suspecté de: Exploit.Iframe.Vulnerability

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Inbox=>(message 8)=>[Subject: [avast! - INFECTED] Happy Lady Day][Date: Tue, 22 Mar 2005 20:13:24 +0100 (CET)]=>(MIME part)=>(message body)


Echec de la désinfection

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Inbox=>(message 8)=>[Subject: [avast! - INFECTED] Happy Lady Day][Date: Tue, 22 Mar 2005 20:13:24 +0100 (CET)]=>(MIME part)=>(message body)


Supprimé

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Inbox=>(message 8)=>[Subject: [avast! - INFECTED] Happy Lady Day][Date: Tue, 22 Mar 2005 20:13:24 +0100 (CET)]=>(MIME part)


Mis à jour

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Inbox=>(message 8)


Mis à jour

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Inbox


Echec de la mise à jour

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Inbox=>(message 9)=>[Subject: [avast! - INFECTED] Japanese girl VS][Date: Sat, 26 Mar 2005 21:45:01 +0100 (CET)]=>(MIME part)=>(message body)


Suspecté de: Exploit.Iframe.Vulnerability

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Inbox=>(message 9)=>[Subject: [avast! - INFECTED] Japanese girl VS][Date: Sat, 26 Mar 2005 21:45:01 +0100 (CET)]=>(MIME part)=>(message body)


Echec de la désinfection

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Inbox=>(message 9)=>[Subject: [avast! - INFECTED] Japanese girl VS][Date: Sat, 26 Mar 2005 21:45:01 +0100 (CET)]=>(MIME part)=>(message body)


Supprimé

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Inbox=>(message 9)=>[Subject: [avast! - INFECTED] Japanese girl VS][Date: Sat, 26 Mar 2005 21:45:01 +0100 (CET)]=>(MIME part)


Mis à jour

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Inbox=>(message 9)


Mis à jour

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Inbox


Echec de la mise à jour

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Inbox=>(message 11)=>[Subject: [avast! - INFECTED] Have a nice Lady][Date: Sun, 27 Mar 2005 19:29:10 +0200 (CEST)]=>(MIME part)=>(message body)


Suspecté de: Exploit.Iframe.Vulnerability

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Inbox=>(message 11)=>[Subject: [avast! - INFECTED] Have a nice Lady][Date: Sun, 27 Mar 2005 19:29:10 +0200 (CEST)]=>(MIME part)=>(message body)


Echec de la désinfection

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Inbox=>(message 11)=>[Subject: [avast! - INFECTED] Have a nice Lady][Date: Sun, 27 Mar 2005 19:29:10 +0200 (CEST)]=>(MIME part)=>(message body)


Supprimé

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Inbox=>(message 11)=>[Subject: [avast! - INFECTED] Have a nice Lady][Date: Sun, 27 Mar 2005 19:29:10 +0200 (CEST)]=>(MIME part)


Mis à jour

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Inbox=>(message 11)


Mis à jour

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Inbox


Echec de la mise à jour

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Trash=>(message 1)=>[Subject: Undelivered Mail Returned to Sender][Date: Fri, 11 Mar 2005 01:08:49 +0100 (CET)]=>(MIME part)=>(message)=>[Subject: How are you][Date: Fri, 11 Mar 2005 01:08:36 +0100 (CET)]=>(MIME part)=>(message body)


Suspecté de: Exploit.Iframe.Vulnerability

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Trash=>(message 1)=>[Subject: Undelivered Mail Returned to Sender][Date: Fri, 11 Mar 2005 01:08:49 +0100 (CET)]=>(MIME part)=>(message)=>[Subject: How are you][Date: Fri, 11 Mar 2005 01:08:36 +0100 (CET)]=>(MIME part)=>(message body)


Echec de la désinfection

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Trash=>(message 1)=>[Subject: Undelivered Mail Returned to Sender][Date: Fri, 11 Mar 2005 01:08:49 +0100 (CET)]=>(MIME part)=>(message)=>[Subject: How are you][Date: Fri, 11 Mar 2005 01:08:36 +0100 (CET)]=>(MIME part)=>(message body)


Supprimé

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Trash=>(message 1)=>[Subject: Undelivered Mail Returned to Sender][Date: Fri, 11 Mar 2005 01:08:49 +0100 (CET)]=>(MIME part)=>(message)=>[Subject: How are you][Date: Fri, 11 Mar 2005 01:08:36 +0100 (CET)]=>(MIME part)


Mis à jour

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Trash=>(message 1)=>[Subject: Undelivered Mail Returned to Sender][Date: Fri, 11 Mar 2005 01:08:49 +0100 (CET)]=>(MIME part)=>(message)


Mis à jour

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Trash=>(message 1)=>[Subject: Undelivered Mail Returned to Sender][Date: Fri, 11 Mar 2005 01:08:49 +0100 (CET)]=>(MIME part)


Mis à jour

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Trash=>(message 1)


Mis à jour

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Trash


Echec de la mise à jour

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Trash=>(message 2)=>[Subject: [avast! - INFECTED] Language][Date: Fri, 11 Mar 2005 01:09:09 +0100 (CET)]=>(MIME part)=>(message body)


Suspecté de: Exploit.Iframe.Vulnerability

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Trash=>(message 2)=>[Subject: [avast! - INFECTED] Language][Date: Fri, 11 Mar 2005 01:09:09 +0100 (CET)]=>(MIME part)=>(message body)


Echec de la désinfection

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Trash=>(message 2)=>[Subject: [avast! - INFECTED] Language][Date: Fri, 11 Mar 2005 01:09:09 +0100 (CET)]=>(MIME part)=>(message body)


Supprimé

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Trash=>(message 2)=>[Subject: [avast! - INFECTED] Language][Date: Fri, 11 Mar 2005 01:09:09 +0100 (CET)]=>(MIME part)


Mis à jour

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Trash=>(message 2)


Mis à jour

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Trash


Echec de la mise à jour

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Trash=>(message 4)=>[Subject: [avast! - INFECTED] Onmouseover][Date: Wed, 16 Mar 2005 08:44:40 +0100 (CET)]=>(MIME part)=>(message body)


Suspecté de: Exploit.Iframe.Vulnerability

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Trash=>(message 4)=>[Subject: [avast! - INFECTED] Onmouseover][Date: Wed, 16 Mar 2005 08:44:40 +0100 (CET)]=>(MIME part)=>(message body)


Echec de la désinfection

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Trash=>(message 4)=>[Subject: [avast! - INFECTED] Onmouseover][Date: Wed, 16 Mar 2005 08:44:40 +0100 (CET)]=>(MIME part)=>(message body)


Supprimé

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Trash=>(message 4)=>[Subject: [avast! - INFECTED] Onmouseover][Date: Wed, 16 Mar 2005 08:44:40 +0100 (CET)]=>(MIME part)


Mis à jour

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Trash=>(message 4)


Mis à jour

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Trash


Echec de la mise à jour

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Trash=>(message 7)=>[Subject: [avast! - INFECTED] Hi,naface,sos!][Date: Mon, 21 Mar 2005 00:16:25 +0100 (CET)]=>(MIME part)=>(message body)


Suspecté de: Exploit.Iframe.Vulnerability

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Trash=>(message 7)=>[Subject: [avast! - INFECTED] Hi,naface,sos!][Date: Mon, 21 Mar 2005 00:16:25 +0100 (CET)]=>(MIME part)=>(message body)


Echec de la désinfection

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Trash=>(message 7)=>[Subject: [avast! - INFECTED] Hi,naface,sos!][Date: Mon, 21 Mar 2005 00:16:25 +0100 (CET)]=>(MIME part)=>(message body)


Supprimé

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Trash=>(message 7)=>[Subject: [avast! - INFECTED] Hi,naface,sos!][Date: Mon, 21 Mar 2005 00:16:25 +0100 (CET)]=>(MIME part)


Mis à jour

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Trash=>(message 7)


Mis à jour

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Trash


Echec de la mise à jour

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Trash=>(message 8)=>[Subject: [avast! - INFECTED] Happy Lady Day][Date: Tue, 22 Mar 2005 20:13:24 +0100 (CET)]=>(MIME part)=>(message body)


Suspecté de: Exploit.Iframe.Vulnerability

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Trash=>(message 8)=>[Subject: [avast! - INFECTED] Happy Lady Day][Date: Tue, 22 Mar 2005 20:13:24 +0100 (CET)]=>(MIME part)=>(message body)


Echec de la désinfection

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Trash=>(message 8)=>[Subject: [avast! - INFECTED] Happy Lady Day][Date: Tue, 22 Mar 2005 20:13:24 +0100 (CET)]=>(MIME part)=>(message body)


Supprimé

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Trash=>(message 8)=>[Subject: [avast! - INFECTED] Happy Lady Day][Date: Tue, 22 Mar 2005 20:13:24 +0100 (CET)]=>(MIME part)


Mis à jour

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Trash=>(message 8)


Mis à jour

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Trash


Echec de la mise à jour

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Trash=>(message 9)=>[Subject: [avast! - INFECTED] Japanese girl VS][Date: Sat, 26 Mar 2005 21:45:01 +0100 (CET)]=>(MIME part)=>(message body)


Suspecté de: Exploit.Iframe.Vulnerability

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Trash=>(message 9)=>[Subject: [avast! - INFECTED] Japanese girl VS][Date: Sat, 26 Mar 2005 21:45:01 +0100 (CET)]=>(MIME part)=>(message body)


Echec de la désinfection

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Trash=>(message 9)=>[Subject: [avast! - INFECTED] Japanese girl VS][Date: Sat, 26 Mar 2005 21:45:01 +0100 (CET)]=>(MIME part)=>(message body)


Supprimé

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Trash=>(message 9)=>[Subject: [avast! - INFECTED] Japanese girl VS][Date: Sat, 26 Mar 2005 21:45:01 +0100 (CET)]=>(MIME part)


Mis à jour

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Trash=>(message 9)


Mis à jour

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Trash


Echec de la mise à jour

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Trash=>(message 11)=>[Subject: [avast! - INFECTED] Have a nice Lady][Date: Sun, 27 Mar 2005 19:29:10 +0200 (CEST)]=>(MIME part)=>(message body)


Suspecté de: Exploit.Iframe.Vulnerability

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Trash=>(message 11)=>[Subject: [avast! - INFECTED] Have a nice Lady][Date: Sun, 27 Mar 2005 19:29:10 +0200 (CEST)]=>(MIME part)=>(message body)


Echec de la désinfection

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Trash=>(message 11)=>[Subject: [avast! - INFECTED] Have a nice Lady][Date: Sun, 27 Mar 2005 19:29:10 +0200 (CEST)]=>(MIME part)=>(message body)


Supprimé

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Trash=>(message 11)=>[Subject: [avast! - INFECTED] Have a nice Lady][Date: Sun, 27 Mar 2005 19:29:10 +0200 (CEST)]=>(MIME part)


Mis à jour

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Trash=>(message 11)


Mis à jour

C:\Documents and Settings\Philippe\Application Data\Thunderbird\Profiles\iof3cba5.default\Mail\Local Folders\Trash


Echec de la mise à jour

C:\System Volume Information\_restore{24B55501-A156-4846-BDC3-D4A90A52A451}\RP68\A0063174.exe=>(Quarantine-2)


Infecté par: Trojan.Clicker.Delf.AH

C:\System Volume Information\_restore{24B55501-A156-4846-BDC3-D4A90A52A451}\RP68\A0063174.exe=>(Quarantine-2)


Supprimé

C:\System Volume Information\_restore{24B55501-A156-4846-BDC3-D4A90A52A451}\RP68\A0063175.dll=>(Quarantine-2)


Infecté par: Trojan.Downloader.Wintrim.CB

C:\System Volume Information\_restore{24B55501-A156-4846-BDC3-D4A90A52A451}\RP68\A0063175.dll=>(Quarantine-2)


Supprimé

C:\System Volume Information\_restore{24B55501-A156-4846-BDC3-D4A90A52A451}\RP68\A0065437.exe


Suspecté de: BehavesLike:Trojan.HangUp

C:\System Volume Information\_restore{24B55501-A156-4846-BDC3-D4A90A52A451}\RP68\A0065437.exe


Echec de la désinfection

C:\System Volume Information\_restore{24B55501-A156-4846-BDC3-D4A90A52A451}\RP68\A0065437.exe


Supprimé
0
Réponse 4 / 4
green day Messages postés 26722 Statut Modérateur, Contributeur sécurité 2 163
 
Salut !

pour les points de resto : il n'y a pas de soucis, il a simplement supprimers ceux qui étaient infectés ...

par contre le rapport signifie clairement qu'il y a un soucis au niveau du courriers que tu as dans ta mesagerie ... il faudrai y faire un tour et supprimer tout ce qu'il y a d'inutile ou de suspect ...

fais un pti nettoyage avec ça :

télécharge ceci :

1) Ad-Aware (gratuit) :
http://telecharger.01net.com/windows/Internet/internet_utlitaire/fiches/11643.html

2) Le patch en Français pour Ad-Aware (gratuit) :
http://telecharger.01net.com/windows/Internet/internet_utlitaire/fiches/25543.html

tuto : (merci à Moe) http://perso.wanadoo.fr/entraide-hijackthis/AdAware/AdAware.htm

3) Spybot (gratuit) :
http://telecharger.01net.com/windows/Internet/internet_utlitaire/fiches/26157.html

tuto : (merci à Ballatrap )
http://pageperso.aol.fr/Balltrap34/demo%20spybot.htm

4) A-squared (gratuit) :
http://www.emsisoft.net/fr/software/download/

5) Ewido (gratuit) :
http://www.ewido.net/fr/download/

tuto : (merci à Moe) http://perso.wanadoo.fr/entraide-hijackthis/Ewido/

6) CleanUp40 (qui élimine les fichiers temporaires + cookies : gratuit )
http://pageperso.aol.fr/Balltrap34/CleanUp40.exe

tuto : (merci à Balltrap) http://pageperso.aol.fr/balltrap34/democleanup.htm

mets tout à jour,lance les scans en mode sans echec : pour cela redemarre en appuillant sur le touche F8 ou F5

après ça : precise où en sont tes soucis

bon courage, @+
0

Discussions similaires

Softonic,est-ce un virus ?
techmel1 -
techmel1 -

6 réponses
virus Artemis!
mabiche37 -
Malekal_morte- -

14 réponses
Désinstaller Softonic
Diguimette -
lilidurhone -

5 réponses