Please ... Aide pour nettoyage Fermé

Question

Bonsoir, 

Je rencontre depuis plusieurs jours des problèmes avec internet et notamment lorsque j'utilise Google. En effet, suite à une recherche par mot clé et après avoir cliqué sur le lien désiré, je me retrouve sur d'autre moteur de recherche, voire des sites de jeux, etc...

Face à ces problèmes, j'ai atterri sur le site de commentcamarche.com et suivi les recommendations permettant de nettoyer mon pc : Avg antispyware, Biddefender et Hijackthis.

Voici ci-après les 3 rapports :

---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

 + Créé à:	19:26:03 05/11/2006

 + Résultat de l'analyse:	



[1584] VM_007B0000 -> Downloader.Agent.uj : Nettoyé.
[2108] VM_009E0000 -> Downloader.Agent.uj : Nettoyé.
[2468] VM_00E40000 -> Downloader.Agent.uj : Nettoyé.
[2572] VM_008A0000 -> Downloader.Agent.uj : Nettoyé.
[2620] VM_00390000 -> Downloader.Agent.uj : Nettoyé.
[2676] VM_003A0000 -> Downloader.Agent.uj : Nettoyé.
[2748] VM_00930000 -> Downloader.Agent.uj : Nettoyé.
[2840] VM_00A70000 -> Downloader.Agent.uj : Nettoyé.
[2868] VM_008C0000 -> Downloader.Agent.uj : Nettoyé.
[2900] VM_00890000 -> Downloader.Agent.uj : Nettoyé.
[3136] VM_003E0000 -> Downloader.Agent.uj : Nettoyé.
[3204] VM_00950000 -> Downloader.Agent.uj : Nettoyé.
[3216] VM_00920000 -> Downloader.Agent.uj : Nettoyé.
[3456] VM_01140000 -> Downloader.Agent.uj : Nettoyé.
[3580] VM_01CA0000 -> Downloader.Agent.uj : Nettoyé.
[3792] VM_00980000 -> Downloader.Agent.uj : Nettoyé.
[3860] VM_00840000 -> Downloader.Agent.uj : Nettoyé.
[3920] VM_01560000 -> Downloader.Agent.uj : Nettoyé.
[600] VM_00D60000 -> Downloader.Agent.uj : Nettoyé.
[632] VM_00A20000 -> Downloader.Agent.uj : Nettoyé.
C:\Documents and Settings\Damien\Cookies\damien@247realmedia[2].txt -> TrackingCookie.247realmedia : Nettoyé.
C:\Documents and Settings\Carole\Cookies\carole@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Damien\Cookies\damien@2o7[2].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Damien\Cookies\damien@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Damien\Cookies\damien@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\Damien\Cookies\damien@bluestreak[2].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\Damien\Cookies\damien@clickbank[1].txt -> TrackingCookie.Clickbank : Nettoyé.
C:\Documents and Settings\Damien\Cookies\damien@doubleclick[2].txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\Damien\Cookies\damien@estat[1].txt -> TrackingCookie.Estat : Nettoyé.
C:\Documents and Settings\Damien\Cookies\damien@findwhat[1].txt -> TrackingCookie.Findwhat : Nettoyé.
C:\Documents and Settings\Damien\Cookies\damien@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Documents and Settings\Damien\Cookies\damien@overture[2].txt -> TrackingCookie.Overture : Nettoyé.
C:\Documents and Settings\Damien\Cookies\damien@serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Damien\Cookies\damien@smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\Damien\Cookies\damien@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\Damien\Cookies\damien@weborama[1].txt -> TrackingCookie.Weborama : Nettoyé.


Fin du rapport

biddefender :


C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\18A4375B.zip=>(Quarantine-2)=>BlackBox.class
 Infected with: Trojan.Java.Classloader.C
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\18A4375B.zip=>(Quarantine-2)=>BlackBox.class
 Disinfection failed
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\18A4375B.zip=>(Quarantine-2)=>BlackBox.class
 Deleted
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\18A4375B.zip=>(Quarantine-2)
 Updated
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\18A4375B.zip=>(Quarantine-2)=>VerifierBug.class
 Infected with: Java.Trojan.Exploit.Bytverify
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\18A4375B.zip=>(Quarantine-2)=>VerifierBug.class
 Disinfection failed
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\18A4375B.zip=>(Quarantine-2)=>VerifierBug.class
 Deleted
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\18A4375B.zip=>(Quarantine-2)
 Updated
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\18A4375B.zip=>(Quarantine-2)=>Dummy.class
 Infected with: Java.Trojan.Exploit.Bytverify
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\18A4375B.zip=>(Quarantine-2)=>Dummy.class
 Disinfection failed
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\18A4375B.zip=>(Quarantine-2)=>Dummy.class
 Deleted
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\18A4375B.zip=>(Quarantine-2)
 Updated
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\18A4375B.zip=>(Quarantine-2)=>Beyond.class
 Infected with: Java.Trojan.Downloader.OpenStream.D
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\18A4375B.zip=>(Quarantine-2)=>Beyond.class
 Disinfection failed
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\18A4375B.zip=>(Quarantine-2)=>Beyond.class
 Deleted
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\18A4375B.zip=>(Quarantine-2)
 Updated
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\18A4375B.zip
 Update failed
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\1EDA2088.zip=>(Quarantine-2)=>GetAccess.class
 Infected with: Java.Trojan.Exploit.Bytverify
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\1EDA2088.zip=>(Quarantine-2)=>GetAccess.class
 Disinfection failed
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\1EDA2088.zip=>(Quarantine-2)=>GetAccess.class
 Deleted
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\1EDA2088.zip=>(Quarantine-2)
 Updated
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\1EDA2088.zip=>(Quarantine-2)=>InsecureClassLoader.class
 Infected with: Java.Trojan.Exploit.Bytverify
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\1EDA2088.zip=>(Quarantine-2)=>InsecureClassLoader.class
 Disinfection failed
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\1EDA2088.zip=>(Quarantine-2)=>InsecureClassLoader.class
 Deleted
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\1EDA2088.zip=>(Quarantine-2)
 Updated
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\1EDA2088.zip=>(Quarantine-2)=>Dummy.class
 Infected with: Java.Trojan.Exploit.Bytverify
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\1EDA2088.zip=>(Quarantine-2)=>Dummy.class
 Disinfection failed
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\1EDA2088.zip=>(Quarantine-2)=>Dummy.class
 Deleted
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\1EDA2088.zip=>(Quarantine-2)
 Updated
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\1EDA2088.zip=>(Quarantine-2)=>Installer.class
 Infected with: Java.Trojan.OpenConnection.F
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\1EDA2088.zip=>(Quarantine-2)=>Installer.class
 Disinfection failed
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\1EDA2088.zip=>(Quarantine-2)=>Installer.class
 Deleted
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\1EDA2088.zip=>(Quarantine-2)
 Updated
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\1EDA2088.zip
 Update failed
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\2AEB1F59.zip=>(Quarantine-2)=>GetAccess.class
 Infected with: Java.Trojan.Exploit.Bytverify
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\2AEB1F59.zip=>(Quarantine-2)=>GetAccess.class
 Disinfection failed
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\2AEB1F59.zip=>(Quarantine-2)=>GetAccess.class
 Deleted
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\2AEB1F59.zip=>(Quarantine-2)
 Updated
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\2AEB1F59.zip=>(Quarantine-2)=>InsecureClassLoader.class
 Infected with: Java.Trojan.Exploit.Bytverify
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\2AEB1F59.zip=>(Quarantine-2)=>InsecureClassLoader.class
 Disinfection failed
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\2AEB1F59.zip=>(Quarantine-2)=>InsecureClassLoader.class
 Deleted
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\2AEB1F59.zip=>(Quarantine-2)
 Updated
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\2AEB1F59.zip=>(Quarantine-2)=>Dummy.class
 Infected with: Java.Trojan.Exploit.Bytverify
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\2AEB1F59.zip=>(Quarantine-2)=>Dummy.class
 Disinfection failed
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\2AEB1F59.zip=>(Quarantine-2)=>Dummy.class
 Deleted
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\2AEB1F59.zip=>(Quarantine-2)
 Updated
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\2AEB1F59.zip=>(Quarantine-2)=>Installer.class
 Infected with: Java.Trojan.OpenConnection.F
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\2AEB1F59.zip=>(Quarantine-2)=>Installer.class
 Disinfection failed
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\2AEB1F59.zip=>(Quarantine-2)=>Installer.class
 Deleted
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\2AEB1F59.zip=>(Quarantine-2)
 Updated
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\2AEB1F59.zip
 Update failed
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\2EC5741B.jar=>(Quarantine-2)=>BlackBox.class
 Infected with: Java.Trojan.Exploit.Bytverify
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\2EC5741B.jar=>(Quarantine-2)=>BlackBox.class
 Disinfection failed
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\2EC5741B.jar=>(Quarantine-2)=>BlackBox.class
 Deleted
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\2EC5741B.jar=>(Quarantine-2)
 Updated
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\2EC5741B.jar=>(Quarantine-2)=>VerifierBug.class
 Infected with: Java.Trojan.Exploit.Bytverify.C
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\2EC5741B.jar=>(Quarantine-2)=>VerifierBug.class
 Disinfection failed
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\2EC5741B.jar=>(Quarantine-2)=>VerifierBug.class
 Deleted
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\2EC5741B.jar=>(Quarantine-2)
 Updated
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\2EC5741B.jar=>(Quarantine-2)=>Dummy.class
 Infected with: Java.Trojan.Exploit.Bytverify
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\2EC5741B.jar=>(Quarantine-2)=>Dummy.class
 Disinfection failed
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\2EC5741B.jar=>(Quarantine-2)=>Dummy.class
 Deleted
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\2EC5741B.jar=>(Quarantine-2)
 Updated
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\2EC5741B.jar=>(Quarantine-2)=>Beyond.class
 Infected with: Java.Trojan.Exploit.Bytverify.C
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\2EC5741B.jar=>(Quarantine-2)=>Beyond.class
 Disinfection failed
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\2EC5741B.jar=>(Quarantine-2)=>Beyond.class
 Deleted
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\2EC5741B.jar=>(Quarantine-2)
 Updated
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\2EC5741B.jar
 Update failed
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\39517EA2.jar=>(Quarantine-2)=>BlackBox.class
 Infected with: Java.Trojan.Exploit.Bytverify
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\39517EA2.jar=>(Quarantine-2)=>BlackBox.class
 Disinfection failed
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\39517EA2.jar=>(Quarantine-2)=>BlackBox.class
 Deleted
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\39517EA2.jar=>(Quarantine-2)
 Updated
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\39517EA2.jar=>(Quarantine-2)=>VerifierBug.class
 Infected with: Java.Trojan.Exploit.Bytverify.C
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\39517EA2.jar=>(Quarantine-2)=>VerifierBug.class
 Disinfection failed
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\39517EA2.jar=>(Quarantine-2)=>VerifierBug.class
 Deleted
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\39517EA2.jar=>(Quarantine-2)
 Updated
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\39517EA2.jar=>(Quarantine-2)=>Dummy.class
 Infected with: Java.Trojan.Exploit.Bytverify
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\39517EA2.jar=>(Quarantine-2)=>Dummy.class
 Disinfection failed
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\39517EA2.jar=>(Quarantine-2)=>Dummy.class
 Deleted
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\39517EA2.jar=>(Quarantine-2)
 Updated
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\39517EA2.jar=>(Quarantine-2)=>Beyond.class
 Infected with: Java.Trojan.Exploit.Bytverify.C
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\39517EA2.jar=>(Quarantine-2)=>Beyond.class
 Disinfection failed
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\39517EA2.jar=>(Quarantine-2)=>Beyond.class
 Deleted
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\39517EA2.jar=>(Quarantine-2)
 Updated
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\39517EA2.jar
 Update failed
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\5891194B.zip=>(Quarantine-2)=>GetAccess.class
 Infected with: Java.Trojan.Exploit.Bytverify
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\5891194B.zip=>(Quarantine-2)=>GetAccess.class
 Disinfection failed
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\5891194B.zip=>(Quarantine-2)=>GetAccess.class
 Deleted
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\5891194B.zip=>(Quarantine-2)
 Updated
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\5891194B.zip=>(Quarantine-2)=>InsecureClassLoader.class
 Infected with: Java.Trojan.Exploit.Bytverify
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\5891194B.zip=>(Quarantine-2)=>InsecureClassLoader.class
 Disinfection failed
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\5891194B.zip=>(Quarantine-2)=>InsecureClassLoader.class
 Deleted
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\5891194B.zip=>(Quarantine-2)
 Updated
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\5891194B.zip=>(Quarantine-2)=>Dummy.class
 Infected with: Java.Trojan.Exploit.Bytverify
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\5891194B.zip=>(Quarantine-2)=>Dummy.class
 Disinfection failed
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\5891194B.zip=>(Quarantine-2)=>Dummy.class
 Deleted
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\5891194B.zip=>(Quarantine-2)
 Updated
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\5891194B.zip=>(Quarantine-2)=>Installer.class
 Infected with: Java.Trojan.OpenConnection.F
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\5891194B.zip=>(Quarantine-2)=>Installer.class
 Disinfection failed
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\5891194B.zip=>(Quarantine-2)=>Installer.class
 Deleted
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\5891194B.zip=>(Quarantine-2)
 Updated
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\5891194B.zip
 Update failed
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\646C3CEF.zip=>(Quarantine-2)=>BlackBox.class
 Infected with: Trojan.Java.Classloader.C
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\646C3CEF.zip=>(Quarantine-2)=>BlackBox.class
 Disinfection failed
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\646C3CEF.zip=>(Quarantine-2)=>BlackBox.class
 Deleted
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\646C3CEF.zip=>(Quarantine-2)
 Updated
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\646C3CEF.zip=>(Quarantine-2)=>VerifierBug.class
 Infected with: Java.Trojan.Exploit.Bytverify
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\646C3CEF.zip=>(Quarantine-2)=>VerifierBug.class
 Disinfection failed
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\646C3CEF.zip=>(Quarantine-2)=>VerifierBug.class
 Deleted
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\646C3CEF.zip=>(Quarantine-2)
 Updated
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\646C3CEF.zip=>(Quarantine-2)=>Dummy.class
 Infected with: Java.Trojan.Exploit.Bytverify
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\646C3CEF.zip=>(Quarantine-2)=>Dummy.class
 Disinfection failed
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\646C3CEF.zip=>(Quarantine-2)=>Dummy.class
 Deleted
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\646C3CEF.zip=>(Quarantine-2)
 Updated
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\646C3CEF.zip=>(Quarantine-2)=>Beyond.class
 Infected with: Java.Trojan.Downloader.OpenStream.D
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\646C3CEF.zip=>(Quarantine-2)=>Beyond.class
 Disinfection failed
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\646C3CEF.zip=>(Quarantine-2)=>Beyond.class
 Deleted
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\646C3CEF.zip=>(Quarantine-2)
 Updated
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\646C3CEF.zip
 Update failed
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\66791FC3.zip=>(Quarantine-2)=>GetAccess.class
 Infected with: Java.Trojan.Exploit.Bytverify
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\66791FC3.zip=>(Quarantine-2)=>GetAccess.class
 Disinfection failed
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\66791FC3.zip=>(Quarantine-2)=>GetAccess.class
 Deleted
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\66791FC3.zip=>(Quarantine-2)
 Updated
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\66791FC3.zip=>(Quarantine-2)=>InsecureClassLoader.class
 Infected with: Java.Trojan.Exploit.Bytverify
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\66791FC3.zip=>(Quarantine-2)=>InsecureClassLoader.class
 Disinfection failed
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\66791FC3.zip=>(Quarantine-2)=>InsecureClassLoader.class
 Deleted
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\66791FC3.zip=>(Quarantine-2)
 Updated
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\66791FC3.zip=>(Quarantine-2)=>Dummy.class
 Infected with: Java.Trojan.Exploit.Bytverify
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\66791FC3.zip=>(Quarantine-2)=>Dummy.class
 Disinfection failed
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\66791FC3.zip=>(Quarantine-2)=>Dummy.class
 Deleted
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\66791FC3.zip=>(Quarantine-2)
 Updated
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\66791FC3.zip=>(Quarantine-2)=>Installer.class
 Infected with: Java.Trojan.OpenConnection.F
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\66791FC3.zip=>(Quarantine-2)=>Installer.class
 Disinfection failed
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\66791FC3.zip=>(Quarantine-2)=>Installer.class
 Deleted
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\66791FC3.zip=>(Quarantine-2)
 Updated
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\66791FC3.zip
 Update failed
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\66E83349.zip=>(Quarantine-2)=>BlackBox.class
 Infected with: Java.Trojan.Exploit.Bytverify
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\66E83349.zip=>(Quarantine-2)=>BlackBox.class
 Disinfection failed
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\66E83349.zip=>(Quarantine-2)=>BlackBox.class
 Deleted
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\66E83349.zip=>(Quarantine-2)
 Updated
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\66E83349.zip=>(Quarantine-2)=>VerifierBug.class
 Infected with: Java.Trojan.Exploit.Bytverify.C
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\66E83349.zip=>(Quarantine-2)=>VerifierBug.class
 Disinfection failed
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\66E83349.zip=>(Quarantine-2)=>VerifierBug.class
 Deleted
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\66E83349.zip=>(Quarantine-2)
 Updated
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\66E83349.zip=>(Quarantine-2)=>Dummy.class
 Infected with: Java.Trojan.Exploit.Bytverify
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\66E83349.zip=>(Quarantine-2)=>Dummy.class
 Disinfection failed
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\66E83349.zip=>(Quarantine-2)=>Dummy.class
 Deleted
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\66E83349.zip=>(Quarantine-2)
 Updated
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\66E83349.zip=>(Quarantine-2)=>Beyond.class
 Infected with: Java.Trojan.Exploit.Bytverify.C
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\66E83349.zip=>(Quarantine-2)=>Beyond.class
 Disinfection failed
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\66E83349.zip=>(Quarantine-2)=>Beyond.class
 Deleted
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\66E83349.zip=>(Quarantine-2)
 Updated
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\66E83349.zip
 Update failed
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\677440AE.zip=>(Quarantine-2)=>BlackBox.class
 Infected with: Java.Trojan.Exploit.Bytverify
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\677440AE.zip=>(Quarantine-2)=>BlackBox.class
 Disinfection failed
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\677440AE.zip=>(Quarantine-2)=>BlackBox.class
 Deleted
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\677440AE.zip=>(Quarantine-2)
 Updated
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\677440AE.zip=>(Quarantine-2)=>VerifierBug.class
 Infected with: Java.Trojan.Exploit.Bytverify.C
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\677440AE.zip=>(Quarantine-2)=>VerifierBug.class
 Disinfection failed
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\677440AE.zip=>(Quarantine-2)=>VerifierBug.class
 Deleted
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\677440AE.zip=>(Quarantine-2)
 Updated
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\677440AE.zip=>(Quarantine-2)=>Dummy.class
 Infected with: Java.Trojan.Exploit.Bytverify
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\677440AE.zip=>(Quarantine-2)=>Dummy.class
 Disinfection failed
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\677440AE.zip=>(Quarantine-2)=>Dummy.class
 Deleted
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\677440AE.zip=>(Quarantine-2)
 Updated
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\677440AE.zip=>(Quarantine-2)=>Beyond.class
 Infected with: Java.Trojan.Exploit.Bytverify.C
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\677440AE.zip=>(Quarantine-2)=>Beyond.class
 Disinfection failed
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\677440AE.zip=>(Quarantine-2)=>Beyond.class
 Deleted
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\677440AE.zip=>(Quarantine-2)
 Updated
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\677440AE.zip
 Update failed
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\7A9959C2.zip=>(Quarantine-2)=>GetAccess.class
 Infected with: Java.Trojan.Exploit.Bytverify
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\7A9959C2.zip=>(Quarantine-2)=>GetAccess.class
 Disinfection failed
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\7A9959C2.zip=>(Quarantine-2)=>GetAccess.class
 Deleted
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\7A9959C2.zip=>(Quarantine-2)
 Updated
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\7A9959C2.zip=>(Quarantine-2)=>InsecureClassLoader.class
 Infected with: Java.Trojan.Exploit.Bytverify
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\7A9959C2.zip=>(Quarantine-2)=>InsecureClassLoader.class
 Disinfection failed
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\7A9959C2.zip=>(Quarantine-2)=>InsecureClassLoader.class
 Deleted
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\7A9959C2.zip=>(Quarantine-2)
 Updated
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\7A9959C2.zip=>(Quarantine-2)=>Dummy.class
 Infected with: Java.Trojan.Exploit.Bytverify
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\7A9959C2.zip=>(Quarantine-2)=>Dummy.class
 Disinfection failed
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\7A9959C2.zip=>(Quarantine-2)=>Dummy.class
 Deleted
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\7A9959C2.zip=>(Quarantine-2)
 Updated
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\7A9959C2.zip=>(Quarantine-2)=>Installer.class
 Infected with: Java.Trojan.OpenConnection.F
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\7A9959C2.zip=>(Quarantine-2)=>Installer.class
 Disinfection failed
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\7A9959C2.zip=>(Quarantine-2)=>Installer.class
 Deleted
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\7A9959C2.zip=>(Quarantine-2)
 Updated
 
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\7A9959C2.zip
 Update failed
 
C:\System Volume Information\_restore{AD54628B-6D51-4BB1-ACB1-EABC2FEF97CE}\RP121\A0033412.exe=>(NSIS o)=>bzip2_nsis0001
 Infected with: MemScan:Trojan.Downloader.Zlob.VZ
 
C:\System Volume Information\_restore{AD54628B-6D51-4BB1-ACB1-EABC2FEF97CE}\RP121\A0033412.exe=>(NSIS o)=>bzip2_nsis0001
 Disinfection failed
 
C:\System Volume Information\_restore{AD54628B-6D51-4BB1-ACB1-EABC2FEF97CE}\RP121\A0033412.exe=>(NSIS o)=>bzip2_nsis0001
 Deleted
 
C:\System Volume Information\_restore{AD54628B-6D51-4BB1-ACB1-EABC2FEF97CE}\RP121\A0033412.exe=>(NSIS o)
 Update failed
 
C:\System Volume Information\_restore{AD54628B-6D51-4BB1-ACB1-EABC2FEF97CE}\RP135\A0039823.exe
 Infected with: Trojan.Downloader.Mohbpork.B
 
C:\System Volume Information\_restore{AD54628B-6D51-4BB1-ACB1-EABC2FEF97CE}\RP135\A0039823.exe
 Disinfection failed
 
C:\System Volume Information\_restore{AD54628B-6D51-4BB1-ACB1-EABC2FEF97CE}\RP135\A0039823.exe
 Deleted
 
C:\System Volume Information\_restore{AD54628B-6D51-4BB1-ACB1-EABC2FEF97CE}\RP135\A0040598.exe
 Infected with: Trojan.Downloader.Mohbpork.A
 
C:\System Volume Information\_restore{AD54628B-6D51-4BB1-ACB1-EABC2FEF97CE}\RP135\A0040598.exe
 Disinfection failed
 
C:\System Volume Information\_restore{AD54628B-6D51-4BB1-ACB1-EABC2FEF97CE}\RP135\A0040598.exe
 Deleted
 
C:\System Volume Information\_restore{AD54628B-6D51-4BB1-ACB1-EABC2FEF97CE}\RP135\A0040603.exe
 Infected with: Trojan.Downloader.Mohbpork.B
 
C:\System Volume Information\_restore{AD54628B-6D51-4BB1-ACB1-EABC2FEF97CE}\RP135\A0040603.exe
 Disinfection failed
 
C:\System Volume Information\_restore{AD54628B-6D51-4BB1-ACB1-EABC2FEF97CE}\RP135\A0040603.exe
 Deleted
 
C:\System Volume Information\_restore{AD54628B-6D51-4BB1-ACB1-EABC2FEF97CE}\RP136\A0041598.exe
 Infected with: Trojan.Downloader.Mohbpork.A
 
C:\System Volume Information\_restore{AD54628B-6D51-4BB1-ACB1-EABC2FEF97CE}\RP136\A0041598.exe
 Disinfection failed
 
C:\System Volume Information\_restore{AD54628B-6D51-4BB1-ACB1-EABC2FEF97CE}\RP136\A0041598.exe
 Deleted
 
C:\System Volume Information\_restore{AD54628B-6D51-4BB1-ACB1-EABC2FEF97CE}\RP136\A0041603.exe
 Infected with: Trojan.Downloader.Mohbpork.B
 
C:\System Volume Information\_restore{AD54628B-6D51-4BB1-ACB1-EABC2FEF97CE}\RP136\A0041603.exe
 Disinfection failed
 
C:\System Volume Information\_restore{AD54628B-6D51-4BB1-ACB1-EABC2FEF97CE}\RP136\A0041603.exe
 Deleted
 
C:\System Volume Information\_restore{AD54628B-6D51-4BB1-ACB1-EABC2FEF97CE}\RP137\A0041629.exe
 Infected with: Trojan.Downloader.Mohbpork.A
 
C:\System Volume Information\_restore{AD54628B-6D51-4BB1-ACB1-EABC2FEF97CE}\RP137\A0041629.exe
 Disinfection failed
 
C:\System Volume Information\_restore{AD54628B-6D51-4BB1-ACB1-EABC2FEF97CE}\RP137\A0041629.exe
 Deleted
 
C:\System Volume Information\_restore{AD54628B-6D51-4BB1-ACB1-EABC2FEF97CE}\RP137\A0041635.exe
 Infected with: Trojan.Downloader.Mohbpork.B
 
C:\System Volume Information\_restore{AD54628B-6D51-4BB1-ACB1-EABC2FEF97CE}\RP137\A0041635.exe
 Disinfection failed
 
C:\System Volume Information\_restore{AD54628B-6D51-4BB1-ACB1-EABC2FEF97CE}\RP137\A0041635.exe
 Deleted
 
Hijackthis :

Logfile of HijackThis v1.99.1
Scan saved at 22:25:12, on 05/11/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton SystemWorks\Norton AntiVirus
avapsvc.exe
C:\Program Files\Norton SystemWorks\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\WINDOWS\Mixer.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Fichiers communs\Real\Update_OBealsched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AltSwitch\AltSwitch.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\EnZip\EnZip.exe
C:\DOCUME~1\Damien\LOCALS~1\Temp\_ENZTMP\HijackThis.exe
C:\Program Files\Messenger\msmsgs.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Numericable
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [adiras] adiras.exe
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe 
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OBealsched.exe"  -osboot
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [dmnyi.exe] C:\WINDOWS\system32\dmnyi.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Norton SystemWorks] "C:\Program Files\Norton SystemWorks\cfgwiz.exe" /GUID {05858CFD-5CC4-4ceb-AAAF-CF00BF39736A} /MODE CfgWiz
O4 - HKCU\..\Run: [AltSwitch] C:\Program Files\AltSwitch\AltSwitch.exe
O4 - HKCU\..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R
O4 - HKCU\..\Run: [BoontyBox] "C:\Program Files\Boonty\BoontyBox\BoontyBox.exe" /boot
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Readereader_sl.exe
O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin
pjpi150_05.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin
pjpi150_05.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{3AEA9680-7CD3-4C80-B97D-ABB706C522F8}: NameServer = 85.255.115.67,85.255.112.108
O17 - HKLM\System\CCS\Services\Tcpip\..\{90B1AC98-FEED-43A5-8179-A580237BCCAB}: NameServer = 85.255.115.67,85.255.112.108
O17 - HKLM\System\CCS\Services\Tcpip\..\{C48B0282-1AF3-4BF7-8DF4-A1099DEF81B6}: NameServer = 85.255.115.67,85.255.112.108
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.115.67 85.255.112.108
O17 - HKLM\System\CS1\Services\Tcpip\..\{3AEA9680-7CD3-4C80-B97D-ABB706C522F8}: NameServer = 85.255.115.67,85.255.112.108
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.115.67 85.255.112.108
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus
avapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe

Merci pour votre aide ...

Utilisateur anonyme · Answer

Bonsoir

BitDefender a nettoyé la quarantaine de Norton et le système de restauration.
HijackThis et AVG montre une infection de type Wareout.

Télécharge FixWareout de l'un de ces deux liens :
http://downloads.subratam.org/Fixwareout.exe
https://www.bleepingcomputer.com/download/linux/

Sauvegarde-le sur ton Bureau, puis lance-le.
Clique Next, puis Install, et assure-toi que "Run fixit" soit coché, puis clique Finish.
Suis les directives à l'écran.
L'outil va te demander de redémarrer ton PC; fais-le s'il te plaît.
Le redémarrage risque de prendre un peu plus de temps; ceci est normal.

Lorsque redémarré, un fichier texte apparaîtra (report.txt); copie/colle ce rapport dans ta prochaine réponse, avec un nouveau rapport HijackThis également.

luboyoyo · Answer

Comme convenu, ci-après les 2 rapports demandés :

Fixwareout ver 1.003
Last edited 8/11/2006
Post this report in the forums please 
 
Reg Entries that were deleted 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersionuins\}3388D3E5B921-60E9-F7B4-9687-83FD6E3E{
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersionuins\}9BD1821E3EBA-EF1A-0E84-77D0-F9CCCFA0{
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersionuins\uppmd
...

Microsoft (R) Windows Script Host Version 5.6
Random Runs removed from HKLM 
...
 
PLEASE NOTE, There WILL be LEGITIMATE FILES LISTED. IF YOU ARE UNSURE OF WHAT IT IS LEAVE THEM ALONE.
 
»»»»» Searching by size/names... 
 
»»»»» 
Search five digit cs, dm and jb files.
This WILL/CAN also list Legit Files, Submit them at Virustotal
C:\WINDOWS\SYSTEM32\CSTAJ.EXE       51 791 2006-10-04      
C:\WINDOWS\SYSTEM32\DMPPU.EXE       60 967 2004-08-03
 
Other suspects.
Directory of C:\WINDOWS\system32
 
»»»»» Misc files. 
 
»»»»» Checking for older varients covered by the Rem3 tool.



Logfile of HijackThis v1.99.1
Scan saved at 13:16:51, on 06/11/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton SystemWorks\Norton AntiVirus
avapsvc.exe
C:\Program Files\Norton SystemWorks\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\WINDOWS\Mixer.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
C:\Program Files\Java\jre1.5.0_05\bin\jucheck.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Fichiers communs\Real\Update_OBealsched.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AltSwitch\AltSwitch.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\PROGRA~1\EnZip\EnZip.exe
C:\DOCUME~1\Damien\LOCALS~1\Temp\_ENZTMP\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Numericable
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [adiras] adiras.exe
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe 
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OBealsched.exe"  -osboot
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [dmuez.exe] C:\WINDOWS\system32\dmuez.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Norton SystemWorks] "C:\Program Files\Norton SystemWorks\cfgwiz.exe" /GUID {05858CFD-5CC4-4ceb-AAAF-CF00BF39736A} /MODE CfgWiz
O4 - HKCU\..\Run: [AltSwitch] C:\Program Files\AltSwitch\AltSwitch.exe
O4 - HKCU\..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R
O4 - HKCU\..\Run: [BoontyBox] "C:\Program Files\Boonty\BoontyBox\BoontyBox.exe" /boot
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Readereader_sl.exe
O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin
pjpi150_05.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin
pjpi150_05.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{3AEA9680-7CD3-4C80-B97D-ABB706C522F8}: NameServer = 85.255.115.67,85.255.112.108
O17 - HKLM\System\CCS\Services\Tcpip\..\{90B1AC98-FEED-43A5-8179-A580237BCCAB}: NameServer = 85.255.115.67,85.255.112.108
O17 - HKLM\System\CCS\Services\Tcpip\..\{C48B0282-1AF3-4BF7-8DF4-A1099DEF81B6}: NameServer = 85.255.115.67,85.255.112.108
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.115.67 85.255.112.108
O17 - HKLM\System\CS1\Services\Tcpip\..\{3AEA9680-7CD3-4C80-B97D-ABB706C522F8}: NameServer = 85.255.115.67,85.255.112.108
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.115.67 85.255.112.108
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus
avapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe


Merci d'avance

luboyoyo · Answer

Bonsoir,

Je ne sais plus quoi faire

HELP

Merci d'avance

Utilisateur anonyme · Answer

Salut vous deux,

pour faire avancer

Télécharges Blacklight et sauvegarde le sur ton bureau.
https://www.f-secure.com/en
Double cliques sur  " blbeta.exe " et acceptes la licence; clic sur "Scan" puis "Next"

Un rapport, va se créer sur ton bureau "fslb-....."
Copies et colles le contenu de ce rapport ici.

Ne touche à rien d'autre!


Cherche et supprime ce processus présent dans le dossier system32:
dmuez.exe


et


telecharge 
http://www.atribune.org/ccount/click.php?id=4

double clic dessus choisis "start for vundo" 
attends quelques minutes, quand le scan est terminé clic sur "remove vundo"
un message te demandera si tu veux supprimes les fichiers sur "yes"
Quand il a terminé, clic sur "yes" ton ordinateur devrait redemarrer sinon, fais le par toit même
Une fois qu'il a redemarré colle le rapport C:\vundofix.txt et un nouveau rapport hijackthis stp

afideg · Answer

Up
;)

Utilisateur anonyme · Answer

Afiiiii salut

alors avec ton doctorAlex ? une explication :P

Utilisateur anonyme · Answer

Re

Supprime Vundofix, il n'a rien trouvé comme prévu.

1 Télécharge Killbox.
http://www.downloads.subratam.org/KillBox.zip
Place le programme dans le répertoire qui te plaît

2 Redémarre en mode sans échec. Attention, tu n'as pas accès à internet dans ce mode, note bien ce que tu as à faire.
Démarre l'ordinateur.
Une fois le chargement du BIOS terminé, il y a un écran noir. Appuye sur la touche F8 ou F5 jusqu'à l'affichage du menu des options avancées de Windows. 
En utilisant les touches du curseur, sélectionne le mode sans échec approprié et appuye sur Entrée.

3 Relance un scan HijackThis et coche les lignes ci-dessous :

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll 
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime 
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OBealsched.exe" -osboot 
O4 - HKLM\..\Run: [dmcnb.exe] C:\WINDOWS\system32\dmcnb.exe 
O4 - HKCU\..\Run: [BoontyBox] "C:\Program Files\Boonty\BoontyBox\BoontyBox.exe" /boot 
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Readereader_sl.exe 
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe 
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin
pjpi150_05.dll 
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin
pjpi150_05.dll 
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) 
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) 
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL 
O17 - HKLM\System\CCS\Services\Tcpip\..\{3AEA9680-7CD3-4C80-B97D-ABB706C522F8}: NameServer = 85.255.115.67,85.255.112.108 
O17 - HKLM\System\CCS\Services\Tcpip\..\{90B1AC98-FEED-43A5-8179-A580237BCCAB}: NameServer = 85.255.115.67,85.255.112.108 
O17 - HKLM\System\CCS\Services\Tcpip\..\{C48B0282-1AF3-4BF7-8DF4-A1099DEF81B6}: NameServer = 85.255.115.67,85.255.112.108 
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.115.67 85.255.112.108 
O17 - HKLM\System\CS1\Services\Tcpip\..\{3AEA9680-7CD3-4C80-B97D-ABB706C522F8}: NameServer = 85.255.115.67,85.255.112.108 
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.115.67 85.255.112.108 

Ferme toutes les fenêtres Windows, Internet explorer, Outlook,sauf le logiciel Hijackthis et clique sur « Fix checked »

4 Lance Pocket Killbox
--- choisis l'option Delete on Reboot
--- copie la liste ci-dessous, des fichiers à supprimer (Ctrl-C) et File / Paste from Clipboard

C:\WINDOWS\SYSTEM32\CSTAJ.EXE 
C:\WINDOWS\SYSTEM32\DMPPU.EXE 
C:\WINDOWS\system32\dmcnb.exe 

* les boutons "Single File" et "All Files" deviennent actifs mais "Single File" est activé par défaut.
Il faut alors impérativement activer (cliquer sur) "All Files", impérativement, sinon seul le premier de la liste sera supprimé.
--- vérifie que tous les fichiers sont enregistrés, par la liste déroulante "Full Path of File to Delete"
--- clique sur la croix blanche sur fond rouge (Delete File) :

- "File will be Removed on Reboot, Do you want to reboot now?", réponds OUI si tu es prêt à procéder

5 Redémarre normalement

Poste un nouveau log HijackThis

Utilisateur anonyme · Answer

Bonsoir

Il y a encore un fichier.

Une partie de la procédure se déroulera sans avoir accès à internet, prière d'imprimer ces instructions, ou de les coller dans un fichier texte, pour lecture durant cette désinfection.
Les  manipulations sont à faire sans interruption et dans l'ordre.
Si tu ne comprends pas quelque chose, demande des explications avant de commencer

1 Redémarre en mode sans échec. Attention, tu n'as pas accès à internet dans ce mode, note bien ce que tu as à faire.
Démarre l'ordinateur.
Une fois le chargement du BIOS terminé, il y a un écran noir. Appuye sur la touche F8 ou F5 jusqu'à l'affichage du menu des options avancées de Windows. 
En utilisant les touches du curseur, sélectionne le mode sans échec approprié et appuye sur Entrée.

2 Relance un scan HijackThis et coche la ligne ci-dessous :

O4 - HKLM\..\Run: [dmpng.exe] C:\WINDOWS\system32\dmpng.exe

Ferme toutes les fenêtres Windows, Internet explorer, Outlook,sauf le logiciel Hijackthis et clique sur « Fix checked »

3 Lance Pocket Killbox
--- choisis l'option Delete on Reboot
--- copie le chemin complet du fichier dans la boîte "Full Path of File to Delete" :

C:\WINDOWS\system32\dmpng.exe 

--- clique sur la croix blanche sur fond rouge (Delete File) :
- "File will be Removed on Reboot, Do you want to reboot now?", réponds OUI si tu es prêt à procéder

4 Redémarre normalement

5 Lance FixWareout
Clique Next, puis Install, et assure-toi que "Run fixit" soit coché, puis clique Finish.
Suis les directives à l'écran.
L'outil va te demander de redémarrer ton PC; fais-le s'il te plaît.
Le redémarrage risque de prendre un peu plus de temps; ceci est normal.

Lorsque redémarré, un fichier texte apparaîtra (report.txt); copie/colle ce rapport dans ta prochaine réponse, avec un nouveau rapport HijackThis également.

Utilisateur anonyme · Answer

C'est bien un fichier infectieux.

Supprime le à la place de l'autre.

Utilisateur anonyme · Answer

Bonsoir

Tu ne peux donc plus démarrer non plus en mode normal ?

As tu fais d'autres manips que celles indiquées ?

Comment as tu démarrer en mode sans échec?

As tu essayé "dernière bonne configuration connue" ?

Utilisateur anonyme · Answer

Bonjour

Moi non plus, je ne comprends pas.

Ces manips ne provoquent pas ce genre de dysfonctionnement.
Mais certaines infections arrivent à déstabiliser le système.

Essaye ceci si tu as le CD de Windows.

https://forums.cnetfrance.fr

Please ... Aide pour nettoyage

11 réponses

Discussions similaires