Infecté par win 32 et autres trojan

Résolu/Fermé

philbt22 Messages postés 71 Date d'inscription samedi 9 septembre 2006 Statut Membre Dernière intervention 23 juin 2009 - 30 mars 2007 à 16:50
philbt22 Messages postés 71 Date d'inscription samedi 9 septembre 2006 Statut Membre Dernière intervention 23 juin 2009 - 11 avril 2007 à 09:32

slt à tous,

pc infecté par win 32(avast le met en quarantaine sans résultat!)
l'ouverture des pages bloquées ou très lente
ouverture de fenêtres intempestives
j'ai utilisé SDfix mais pas trop de résultat
bref c le bordel
besoin d'un coup de main
merci
ci joint rapport

Logfile of HijackThis v1.99.1
Scan saved at 16:46:45, on 30/03/2007
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\WINDOWS\System32\RunDLL32.exe
C:\WINDOWS\System32\taerq.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\Program Files\Creative\Shared Files\CamTray.exe
C:\WINDOWS\System32\irdvxc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\smss.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_SICN03.EXE
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Alwil Software\Avast4\setup\avast.setup
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\philippe\LOCALS~1\Temp\Rar$EX01.390\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.free.fr/freebox/index.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.fra.chello.fr/ssi/welcome/welcome.php?url=home&src=ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer fourni par chello broadband n.v.
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.chello.fr:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {57E218E6-5A80-4f0c-AB25-83598F25D7E9} - C:\WINDOWS\System32\qcrkepei.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: (no name) - {E1DAC82B-1C81-41B2-AC1B-6AE2653965E0} - C:\WINDOWS\System32\awttrom.dll
O2 - BHO: (no name) - {F3C93D0C-35EE-416F-ACCA-05BBA61C5D4A} - C:\WINDOWS\System32\vtutt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [a-squared] "C:\Program Files\a-squared Anti-Malware\a2guard.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [PD0630 STISvc] RunDLL32.exe P0630Pin.dll,RunDLL32EP 513
O4 - HKLM\..\Run: [Advanced DHTML Enable] C:\WINDOWS\System32\taerq.exe
O4 - HKLM\..\Run: [SoundService] rundll32.exe "C:\WINDOWS\System32\ubsphlju.dll",setvm
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Creative WebCam Tray] "C:\Program Files\Creative\Shared Files\CamTray.exe"
O4 - Global Startup: EPSON Status Monitor 3 Environment Check.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV03.EXE
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Add to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\WebMenuImg.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://home.fra.chello.fr/ssi/welcome/welcome.php?url=home&src=ie
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {DFB5BCF1-06AE-4ABB-BFA8-1E228F41C50A} (CamfrogWEB Advanced Unicode Control) - https://www.bobtv.fr/download/cfweb_www.bobtv.fr-download_instmodule.exe
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: awttrom - C:\WINDOWS\SYSTEM32\awttrom.dll
O20 - Winlogon Notify: rpcc - C:\WINDOWS\System32\rpcc.dll (file missing)
O20 - Winlogon Notify: vtutt - C:\WINDOWS\System32\vtutt.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: Network helper Service (MSDisk) - Unknown owner - C:\WINDOWS\System32\irdvxc.exe" /service (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Windows NT-Session Manager - Unknown owner - C:\WINDOWS\smss.exe

A voir également:

Infecté par win 32 et autres trojan
32 bits - Guide
Poweriso 32 bit - Télécharger - Gravure
Trojan remover - Télécharger - Antivirus & Antimalwares
Télécharger windows 7 32 bits usb - Télécharger - Systèmes d'exploitation
Win setup from usb - Télécharger - Utilitaires

9 réponses

Réponse 1 / 9

philae83 Messages postés 12837 Date d'inscription mercredi 3 janvier 2007 Statut Contributeur sécurité Dernière intervention 8 décembre 2009 206
30 mars 2007 à 18:39

bonsoir,

dans un 1er temps fait ceci :

* Télécharge VundoFix.exe (par Atribune) sur ton Bureau

http://www.atribune.org/ccount/click.php?id=4

* Double-clique VundoFix.exe afin de le lancer

* Clique sur le bouton Scan for Vundo

* Lorsque le scan est complété, clique sur le bouton Remove Vundo

* Une invite te demandera si tu veux supprimer les fichiers, clique YES

* Après avoir cliqué "Yes", le Bureau disparaîtra un moment lors de la suppression des fichiers

* Tu verras une invite qui t'annonce que ton PC va redémarrer; clique OK

* Copie/colle le contenu du rapport situé dans C:\vundofix.txt ainsi qu'un nouveau rapport HijackThis dans ta prochaine réponse

Note: Il est possible que VundoFix soit confronté à un fichier qu'il ne peut supprimer. Si tel est le cas, l'outil se lancera au prochain redémarrage; il faut simplement suivre les instructions ci-haut, à partir de "clique sur le bouton Scan for Vundo".

philbt22 Messages postés 71 Date d'inscription samedi 9 septembre 2006 Statut Membre Dernière intervention 23 juin 2009 1
30 mars 2007 à 20:20

scan effectué voici mes rapports
avast détecte toujours win 32 dialer
merci

VundoFix V6.3.18

Checking Java version...

Java version is 1.5.0.9
Old versions of java are exploitable and should be removed.

Scan started at 19:33:27 30/03/2007

Listing files found while scanning....

C:\Program Files\VSAdd-in\VSAdd-in.dll
C:\WINDOWS\system32\awtqp.dll
C:\WINDOWS\system32\awtsp.dll
C:\WINDOWS\system32\awttrom.dll
C:\WINDOWS\system32\cbxvuus.dll
C:\WINDOWS\system32\cbxxyxw.dll
C:\WINDOWS\system32\crqubley.dll
C:\WINDOWS\system32\ddcyw.dll
C:\WINDOWS\system32\efhkj.ini
C:\WINDOWS\system32\gebcd.dll
C:\WINDOWS\system32\geebb.dll
C:\WINDOWS\system32\geebc.dll
C:\WINDOWS\system32\hxpaqsfk.dll
C:\WINDOWS\system32\ijdejqxn.exe
C:\WINDOWS\system32\jkhfe.dll
C:\WINDOWS\system32\jkkhgfg.dll
C:\WINDOWS\system32\jkkli.dll
C:\WINDOWS\system32\jkkllii.dll
C:\WINDOWS\system32\kgyfbmkx.dll
C:\WINDOWS\system32\khffcdc.dll
C:\WINDOWS\system32\ljjiigh.dll
C:\WINDOWS\system32\ljjklki.dll
C:\WINDOWS\system32\mljgh.dll
C:\WINDOWS\system32\opnkjhh.dll
C:\WINDOWS\system32\opnkllj.dll
C:\WINDOWS\system32\opnmmnl.dll
C:\WINDOWS\system32\pmkhh.dll
C:\WINDOWS\system32\pmkjk.dll
C:\WINDOWS\system32\pmnlljh.dll
C:\WINDOWS\system32\qcrkepei.dll
C:\WINDOWS\system32\ssqpo.dll
C:\WINDOWS\system32\ssqpq.dll
C:\WINDOWS\system32\sstqp.dll
C:\WINDOWS\system32\ttutv.bak1
C:\WINDOWS\system32\ttutv.bak2
C:\WINDOWS\system32\ttutv.ini
C:\WINDOWS\system32\ttutv.ini2
C:\WINDOWS\system32\ttutv.tmp
C:\WINDOWS\system32\ubsphlju.dll
C:\WINDOWS\system32\ujlhpsbu.ini
C:\WINDOWS\system32\urqronl.dll
C:\WINDOWS\system32\vtsqn.dll
C:\WINDOWS\system32\vtstt.dll
C:\WINDOWS\system32\vturs.dll
C:\WINDOWS\System32\vtutt.dll
C:\WINDOWS\system32\vtutuvt.dll
C:\WINDOWS\system32\ywkcfrra.exe

Beginning removal...

Attempting to delete C:\WINDOWS\system32\awtqp.dll
C:\WINDOWS\system32\awtqp.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\awtsp.dll
C:\WINDOWS\system32\awtsp.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\awttrom.dll
C:\WINDOWS\system32\awttrom.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\cbxvuus.dll
C:\WINDOWS\system32\cbxvuus.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\cbxxyxw.dll
C:\WINDOWS\system32\cbxxyxw.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\crqubley.dll
C:\WINDOWS\system32\crqubley.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\ddcyw.dll
C:\WINDOWS\system32\ddcyw.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\efhkj.ini
C:\WINDOWS\system32\efhkj.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\gebcd.dll
C:\WINDOWS\system32\gebcd.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\geebb.dll
C:\WINDOWS\system32\geebb.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\geebc.dll
C:\WINDOWS\system32\geebc.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\hxpaqsfk.dll
C:\WINDOWS\system32\hxpaqsfk.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\ijdejqxn.exe
C:\WINDOWS\system32\ijdejqxn.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\jkhfe.dll
C:\WINDOWS\system32\jkhfe.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\jkkhgfg.dll
C:\WINDOWS\system32\jkkhgfg.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\jkkli.dll
C:\WINDOWS\system32\jkkli.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\jkkllii.dll
C:\WINDOWS\system32\jkkllii.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\kgyfbmkx.dll
C:\WINDOWS\system32\kgyfbmkx.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\khffcdc.dll
C:\WINDOWS\system32\khffcdc.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\ljjiigh.dll
C:\WINDOWS\system32\ljjiigh.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\ljjklki.dll
C:\WINDOWS\system32\ljjklki.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\mljgh.dll
C:\WINDOWS\system32\mljgh.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\opnkjhh.dll
C:\WINDOWS\system32\opnkjhh.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\opnkllj.dll
C:\WINDOWS\system32\opnkllj.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\opnmmnl.dll
C:\WINDOWS\system32\opnmmnl.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\pmkhh.dll
C:\WINDOWS\system32\pmkhh.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\pmkjk.dll
C:\WINDOWS\system32\pmkjk.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\pmnlljh.dll
C:\WINDOWS\system32\pmnlljh.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\qcrkepei.dll
C:\WINDOWS\system32\qcrkepei.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\ssqpo.dll
C:\WINDOWS\system32\ssqpo.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\ssqpq.dll
C:\WINDOWS\system32\ssqpq.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\sstqp.dll
C:\WINDOWS\system32\sstqp.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\ttutv.bak1
C:\WINDOWS\system32\ttutv.bak1 Has been deleted!

Attempting to delete C:\WINDOWS\system32\ttutv.bak2
C:\WINDOWS\system32\ttutv.bak2 Has been deleted!

Attempting to delete C:\WINDOWS\system32\ttutv.ini
C:\WINDOWS\system32\ttutv.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\ttutv.ini2
C:\WINDOWS\system32\ttutv.ini2 Has been deleted!

Attempting to delete C:\WINDOWS\system32\ttutv.tmp
C:\WINDOWS\system32\ttutv.tmp Has been deleted!

Attempting to delete C:\WINDOWS\system32\ubsphlju.dll
C:\WINDOWS\system32\ubsphlju.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\ujlhpsbu.ini
C:\WINDOWS\system32\ujlhpsbu.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\urqronl.dll
C:\WINDOWS\system32\urqronl.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\vtsqn.dll
C:\WINDOWS\system32\vtsqn.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\vtstt.dll
C:\WINDOWS\system32\vtstt.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\vturs.dll
C:\WINDOWS\system32\vturs.dll Has been deleted!

Attempting to delete C:\WINDOWS\System32\vtutt.dll
C:\WINDOWS\System32\vtutt.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\vtutuvt.dll
C:\WINDOWS\system32\vtutuvt.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\ywkcfrra.exe
C:\WINDOWS\system32\ywkcfrra.exe Has been deleted!

Performing Repairs to the registry.
Done!

Logfile of HijackThis v1.99.1
Scan saved at 20:18:58, on 30/03/2007
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\WINDOWS\System32\RunDLL32.exe
C:\WINDOWS\System32\taerq.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\Program Files\Creative\Shared Files\CamTray.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_SICN03.EXE
C:\WINDOWS\System32\irdvxc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\smss.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\philippe\LOCALS~1\Temp\Rar$EX00.453\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.free.fr/freebox/index.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.fra.chello.fr/ssi/welcome/welcome.php?url=home&src=ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer fourni par chello broadband n.v.
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.chello.fr:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {57E218E6-5A80-4f0c-AB25-83598F25D7E9} - C:\WINDOWS\System32\qcrkepei.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: (no name) - {E1DAC82B-1C81-41B2-AC1B-6AE2653965E0} - C:\WINDOWS\System32\awttrom.dll (file missing)
O2 - BHO: (no name) - {EC11F572-689D-46E0-A191-246C42C07202} - C:\WINDOWS\System32\vtutt.dll (file missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [a-squared] "C:\Program Files\a-squared Anti-Malware\a2guard.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [PD0630 STISvc] RunDLL32.exe P0630Pin.dll,RunDLL32EP 513
O4 - HKLM\..\Run: [Advanced DHTML Enable] C:\WINDOWS\System32\taerq.exe
O4 - HKLM\..\Run: [SoundService] rundll32.exe "C:\WINDOWS\System32\ubsphlju.dll",setvm
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Creative WebCam Tray] "C:\Program Files\Creative\Shared Files\CamTray.exe"
O4 - Global Startup: EPSON Status Monitor 3 Environment Check.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV03.EXE
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Add to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\WebMenuImg.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://home.fra.chello.fr/ssi/welcome/welcome.php?url=home&src=ie
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {DFB5BCF1-06AE-4ABB-BFA8-1E228F41C50A} (CamfrogWEB Advanced Unicode Control) - https://www.bobtv.fr/download/cfweb_www.bobtv.fr-download_instmodule.exe
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: rpcc - C:\WINDOWS\System32\rpcc.dll (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: Network helper Service (MSDisk) - Unknown owner - C:\WINDOWS\System32\irdvxc.exe" /service (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Windows NT-Session Manager - Unknown owner - C:\WINDOWS\smss.exe

Réponse 2 / 9

philae83 Messages postés 12837 Date d'inscription mercredi 3 janvier 2007 Statut Contributeur sécurité Dernière intervention 8 décembre 2009 206
30 mars 2007 à 22:23

bonsoir,

déjà vundo a bien bossé, on continue

mais ton système n'est pas à jour.

Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

il faudrait songer à faire les màj.

* réinstalle hijackthis correctement, il ne doit pas être installé dans les fichiers temporaires

C:\DOCUME~1\philippe\LOCALS~1\Temp\Rar$EX00.453\HijackThis.exe

puis

* Télécharge Pocket KillBox sur ton bureau.
http://www.downloads.subratam.org/KillBox.exe

puis

Ouvre HijackThis---open the misc tool section>Misc tools>delete an NT service.
Dans l'invite de commande, entre Network helper Service
Valide.

puis

* Relance Vundofix
* Ne clique pas sur "Scan for a vundo"
* Clique droit au milieu de la fenêtre
* Clique sur Add more files ?
* Copie/colle les fichiers ci-dessous ( un par case) :

C:\WINDOWS\System32\ubsphlju.dll

* Clique sur Add files
* Ensuite clique sur Close Windows
* Enfin, clique sur Remove Vundo ( les fichiers précédents doivent apparaitre dans la fenêtre principale)
* Si l'outils demande un redémarrage, accepte
* Poste le rapport Vundofix

puis

lance hijackthis "do a system scan only" puis coche ces lignes :

O2 - BHO: (no name) - {57E218E6-5A80-4f0c-AB25-83598F25D7E9} - C:\WINDOWS\System32\qcrkepei.dll (file missing)
O2 - BHO: (no name) - {E1DAC82B-1C81-41B2-AC1B-6AE2653965E0} - C:\WINDOWS\System32\awttrom.dll (file missing)
O2 - BHO: (no name) - {EC11F572-689D-46E0-A191-246C42C07202} - C:\WINDOWS\System32\vtutt.dll (file missing)
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PD0630 STISvc] RunDLL32.exe P0630Pin.dll,RunDLL32EP 513
O4 - HKLM\..\Run: [Advanced DHTML Enable] C:\WINDOWS\System32\taerq.exe
O4 - HKLM\..\Run: [SoundService] rundll32.exe "C:\WINDOWS\System32\ubsphlju.dll",setvm
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O16 - DPF: {DFB5BCF1-06AE-4ABB-BFA8-1E228F41C50A} (CamfrogWEB Advanced Unicode Control) - https://www.bobtv.fr/download/cfweb_www.bobtv.fr-download_instmodule.exe
O20 - Winlogon Notify: rpcc - C:\WINDOWS\System32\rpcc.dll (file missing)
O23 - Service: Network helper Service (MSDisk) - Unknown owner - C:\WINDOWS\System32\irdvxc.exe" /service (file missing)

* ferme toutes les applications ouvertes y compris Internet Explorer et clique sur "fix checked"

puis

* Double-clique sur le fichier Killbox.exe, et coche la case "Delete on reboot".

* copie d'un trait les lignes de la citation suivante :

C:\WINDOWS\System32\irdvxc.exe
C:\WINDOWS\System32\taerq.exe
C:\WINDOWS\System32\rpcc.dll

Sur PocketKillBox --> menu "File" --> "Paste from Clipboard" (tu ne verras rien se passer).

Tu peux vérifier dans le menu déroulant que tous les fichiers sont bien présents.
- coche la case "Unregister dll before deleting" (si tu en as la possibilité)
- clique sur le bouton "All files"
- clique ensuite sur la croix rouge

Au deux messages qui vont s'afficher, tu réponds par "YES"
L'ordinateur doit redémarrer, sinon, fais le toi-même, quoiqu'il arrive.

poste le rapport de vundofix ainsi qu'un nouveau rapport hijackthis stp

Réponse 3 / 9

philbt22 Messages postés 71 Date d'inscription samedi 9 septembre 2006 Statut Membre Dernière intervention 23 juin 2009 1
1 avril 2007 à 14:00

slt
je ne fais pas les mises à jour pour ne pas être bloqué avec ma version copié de XP
sinon les pbs ont l'air résolu merci pour ton aide

voici les rapports

merci

VundoFix V6.3.18

Checking Java version...

Java version is 1.5.0.9
Old versions of java are exploitable and should be removed.

Scan started at 13:10:29 01/04/2007

Listing files found while scanning....

No infected files were foun

Logfile of HijackThis v1.99.1
Scan saved at 13:59:54, on 01/04/2007
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\smss.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\Program Files\Creative\Shared Files\CamTray.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_SICN03.EXE
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\philippe\LOCALS~1\Temp\Rar$EX00.093\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.free.fr/freebox/index.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.fra.chello.fr/ssi/welcome/welcome.php?url=home&src=ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer fourni par chello broadband n.v.
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.chello.fr:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [a-squared] "C:\Program Files\a-squared Anti-Malware\a2guard.exe"
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Creative WebCam Tray] "C:\Program Files\Creative\Shared Files\CamTray.exe"
O4 - Global Startup: EPSON Status Monitor 3 Environment Check.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV03.EXE
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Add to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\WebMenuImg.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://home.fra.chello.fr/ssi/welcome/welcome.php?url=home&src=ie
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {DFB5BCF1-06AE-4ABB-BFA8-1E228F41C50A} (CamfrogWEB Advanced Unicode Control) - https://www.bobtv.fr/download/cfweb_www.bobtv.fr-download_instmodule.exe
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: Network helper Service (MSDisk) - Unknown owner - C:\WINDOWS\System32\irdvxc.exe" /service (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Windows NT-Session Manager - Unknown owner - C:\WINDOWS\smss.exe

philbt22 Messages postés 71 Date d'inscription samedi 9 septembre 2006 Statut Membre Dernière intervention 23 juin 2009 1
2 avril 2007 à 13:35

slt

toujours qq pb de lenteur d'ouverture des pages et de lenteur de connexion malgré le haut débit mais je n'ai plus d'alertes trojan

Réponse 4 / 9

philae83 Messages postés 12837 Date d'inscription mercredi 3 janvier 2007 Statut Contributeur sécurité Dernière intervention 8 décembre 2009 206
2 avril 2007 à 17:28

bonjour,

je préfèrerais que tu fasses un scan antivirus en ligne pour confirmation stp

https://www.bitdefender.fr/
et copie colle le résultat ici
* En bas, à gauche de la fenêtre, clique sur BitDefender SCAN ONLINE
* Dans la nouvelle fenêtre, clique sur I agree
* La fenêtre change encore, clique sur Click here to scan
* Les signatures se chargent, etc.

tuto en image

http://pageperso.aol.fr/rginformatique/mapage/defender.htm

philbt22 Messages postés 71 Date d'inscription samedi 9 septembre 2006 Statut Membre Dernière intervention 23 juin 2009 1
3 avril 2007 à 10:57

scan effectué qd je vois le rapport je me doute que mon pc est encore infecté
j'ia eu pas mal d'alerte avast pd le scan (win 32 et ver ...)
merci pour ton aide
;-)

BitDefender Online Scanner

Scan report generated at: Tue, Apr 03, 2007 - 10:46:24

Scan path: A:\;C:\;D:\;E:\;F:\;G:\;

Statistics

Time
14:14:24

Files
389260

Folders
3486

Boot Sectors
2

Archives
5334

Packed Files
35124

Results

Identified Viruses
17

Infected Files
113

Suspect Files
0

Warnings
0

Disinfected
0

Deleted Files
114

Engines Info

Virus Definitions
416880

Engine build
AVCORE v1.0 (build 2397) (i386) (Feb 8 2007 14:24:08)

Scan plugins
14

Archive plugins
38

Unpack plugins
6

E-mail plugins
6

System plugins
1

Scan Settings

First Action
Disinfect

Second Action
Delete

Heuristics
Yes

Enable Warnings
Yes

Scanned Extensions
*;

Exclude Extensions

Scan Emails
Yes

Scan Archives
Yes

Scan Packed
Yes

Scan Files
Yes

Scan Boot
Yes

Scanned File
Status

C:\!KillBox\irdvxc.exe
Infected with: Worm.Allaple.A

C:\!KillBox\irdvxc.exe
Disinfection failed

C:\!KillBox\irdvxc.exe
Deleted

C:\!KillBox\taerq.exe
Infected with: GenPack:Trojan.Downloader.ASF

C:\!KillBox\taerq.exe
Disinfection failed

C:\!KillBox\taerq.exe
Deleted

C:\Documents and Settings\All Users\Menu Démarrer\del.lnk=>C:\Program Files\Fichiers communs\delsim\del.exe
Infected with: Trojan.Dialer.KQ

C:\Documents and Settings\All Users\Menu Démarrer\del.lnk=>C:\Program Files\Fichiers communs\delsim\del.exe
Disinfection failed

C:\Documents and Settings\All Users\Menu Démarrer\del.lnk=>C:\Program Files\Fichiers communs\delsim\del.exe
Deleted

C:\Documents and Settings\All Users\Menu Démarrer\del.lnk
Update failed

C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\BQM4ZCRU\kan[1].exe
Detected with: Dialer.Delsim.B

C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\BQM4ZCRU\kan[1].exe
Disinfection failed

C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\BQM4ZCRU\kan[1].exe
Deleted

C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\G7KDGLOF\kum[1].exe
Infected with: Trojan.Dialer.KQ

C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\G7KDGLOF\kum[1].exe
Disinfection failed

C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\G7KDGLOF\kum[1].exe
Deleted

C:\Documents and Settings\philippe\Bureau\SDFix\backups\backups.zip=>backups/explorer.exe
Infected with: Backdoor.SDBot.VanBot.A

C:\Documents and Settings\philippe\Bureau\SDFix\backups\backups.zip=>backups/explorer.exe
Disinfection failed

C:\Documents and Settings\philippe\Bureau\SDFix\backups\backups.zip=>backups/explorer.exe
Deleted

C:\Documents and Settings\philippe\Bureau\SDFix\backups\backups.zip
Updated

C:\Documents and Settings\philippe\Bureau\SDFix\backups\backups.zip=>backups/i
Infected with: Generic.Botget.28767137

C:\Documents and Settings\philippe\Bureau\SDFix\backups\backups.zip=>backups/i
Deleted

C:\Documents and Settings\philippe\Bureau\SDFix\backups\backups.zip
Updated

C:\Documents and Settings\philippe\Bureau\SDFix\backups\backups.zip=>backups/spoolsvc.exe
Infected with: DeepScan:Generic.Sdbot.6EAC1482

C:\Documents and Settings\philippe\Bureau\SDFix\backups\backups.zip=>backups/spoolsvc.exe
Disinfection failed

C:\Documents and Settings\philippe\Bureau\SDFix\backups\backups.zip=>backups/spoolsvc.exe
Deleted

C:\Documents and Settings\philippe\Bureau\SDFix\backups\backups.zip
Updated

C:\fv8u9t6f5j7.exe
Infected with: Trojan.Dialer.KQ

C:\fv8u9t6f5j7.exe
Disinfection failed

C:\fv8u9t6f5j7.exe
Deleted

C:\Program Files\a-squared Anti-Malware\Quarantine\e641a266c114d22f5e7fb0fbd08c6769.a2q=>WINDOWS/System32/logon.exe=>(Quarantine-PE)
Infected with: DeepScan:Generic.Sdbot.6EAC1482

C:\Program Files\a-squared Anti-Malware\Quarantine\e641a266c114d22f5e7fb0fbd08c6769.a2q=>WINDOWS/System32/logon.exe=>(Quarantine-PE)
Disinfection failed

C:\Program Files\a-squared Anti-Malware\Quarantine\e641a266c114d22f5e7fb0fbd08c6769.a2q=>WINDOWS/System32/logon.exe=>(Quarantine-PE)
Deleted

C:\Program Files\a-squared Anti-Malware\Quarantine\e641a266c114d22f5e7fb0fbd08c6769.a2q
Updated

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP192\A0028336.exe
Infected with: DeepScan:Generic.Sdbot.6EAC1482

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP192\A0028336.exe
Disinfection failed

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP192\A0028336.exe
Deleted

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP212\A0033201.exe
Infected with: Trojan.Proxy.Ranky.L

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP212\A0033201.exe
Disinfection failed

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP212\A0033201.exe
Deleted

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP212\A0033202.exe
Infected with: Trojan.Proxy.Ranky.L

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP212\A0033202.exe
Disinfection failed

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP212\A0033202.exe
Deleted

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP213\A0033359.exe
Infected with: GenPack:Trojan.Downloader.ASF

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP213\A0033359.exe
Disinfection failed

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP213\A0033359.exe
Deleted

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP213\A0033367.dll
Infected with: Trojan.Virtumod.GK

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP213\A0033367.dll
Disinfection failed

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP213\A0033367.dll
Deleted

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP213\A0033368.exe
Infected with: GenPack:Trojan.Downloader.ASF

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP213\A0033368.exe
Disinfection failed

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP213\A0033368.exe
Deleted

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP213\A0033369.exe
Detected with: Dialer.Delsim.B

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP213\A0033369.exe
Disinfection failed

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP213\A0033369.exe
Deleted

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP213\A0033370.dll
Infected with: Trojan.Juan.Q

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP213\A0033370.dll
Disinfection failed

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP213\A0033370.dll
Deleted

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP213\A0033371.dll
Infected with: Trojan.Virtumod.JB

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP213\A0033371.dll
Disinfection failed

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP213\A0033371.dll
Deleted

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP213\A0033372.dll
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP213\A0033372.dll
Disinfection failed

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP213\A0033372.dll
Deleted

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP213\A0033373.exe
Infected with: Trojan.Agent.ACL

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP213\A0033373.exe
Disinfection failed

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP213\A0033373.exe
Deleted

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP213\A0033376.dll
Infected with: Trojan.Virtumod.GK

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP213\A0033376.dll
Disinfection failed

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP213\A0033376.dll
Deleted

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP213\A0033417.dll
Infected with: Trojan.Virtumod.GK

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP213\A0033417.dll
Disinfection failed

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP213\A0033417.dll
Deleted

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP213\A0033418.exe
Infected with: GenPack:Trojan.Downloader.ASF

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP213\A0033418.exe
Disinfection failed

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP213\A0033418.exe
Deleted

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP213\A0033419.exe
Infected with: GenPack:Trojan.Downloader.ASF

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP213\A0033419.exe
Disinfection failed

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP213\A0033419.exe
Deleted

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP213\A0033420.dll
Infected with: Trojan.Virtumod.GK

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP213\A0033420.dll
Disinfection failed

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP213\A0033420.dll
Deleted

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP213\A0033426.dll
Infected with: Trojan.Virtumod.GK

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP213\A0033426.dll
Disinfection failed

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP213\A0033426.dll
Deleted

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP213\A0033427.exe
Infected with: GenPack:Trojan.Downloader.ASF

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP213\A0033427.exe
Disinfection failed

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP213\A0033427.exe
Deleted

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP213\A0033428.exe
Infected with: GenPack:Trojan.Downloader.ASF

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP213\A0033428.exe
Disinfection failed

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP213\A0033428.exe
Deleted

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP213\A0033456.exe
Detected with: Dialer.Delsim.B

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP213\A0033456.exe
Disinfection failed

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP213\A0033456.exe
Deleted

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0033552.exe
Detected with: Dialer.Delsim.B

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0033552.exe
Disinfection failed

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0033552.exe
Deleted

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0036561.exe
Detected with: Dialer.Delsim.B

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0036561.exe
Disinfection failed

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0036561.exe
Deleted

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0036564.exe
Infected with: Backdoor.SDBot.VanBot.A

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0036564.exe
Disinfection failed

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0036564.exe
Deleted

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0036565.exe
Infected with: DeepScan:Generic.Sdbot.6EAC1482

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0036565.exe
Disinfection failed

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0036565.exe
Deleted

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0037669.exe
Infected with: Trojan.Dialer.KQ

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0037669.exe
Disinfection failed

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0037669.exe
Deleted

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0037670.exe
Infected with: Trojan.Dialer.KQ

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0037670.exe
Disinfection failed

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0037670.exe
Deleted

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0038670.exe
Infected with: Trojan.Dialer.KQ

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0038670.exe
Disinfection failed

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0038670.exe
Deleted

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0038671.exe
Infected with: Trojan.Dialer.KQ

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0038671.exe
Disinfection failed

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0038671.exe
Deleted

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0038674.exe
Infected with: Worm.Allaple.A

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0038674.exe
Disinfection failed

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0038674.exe
Deleted

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039668.exe
Infected with: Trojan.Dialer.KQ

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039668.exe
Disinfection failed

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039668.exe
Deleted

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039676.dll
Infected with: MemScan:Trojan.Vundo.AJ

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039676.dll
Disinfection failed

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039676.dll
Deleted

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039677.dll
Infected with: Trojan.Virtumod.GK

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039677.dll
Disinfection failed

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039677.dll
Deleted

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039679.dll
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039679.dll
Disinfection failed

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039679.dll
Deleted

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039685.dll
Infected with: Trojan.Juan.Q

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039685.dll
Disinfection failed

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039685.dll
Deleted

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039686.exe
Infected with: Trojan.Agent.ACL

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039686.exe
Disinfection failed

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039686.exe
Deleted

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039688.dll
Infected with: Trojan.Virtumod.GK

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039688.dll
Disinfection failed

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039688.dll
Deleted

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039690.dll
Infected with: Trojan.Virtumod.GK

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039690.dll
Disinfection failed

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039690.dll
Deleted

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039691.dll
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039691.dll
Disinfection failed

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039691.dll
Deleted

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039692.dll
Infected with: Trojan.Virtumod.GK

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039692.dll
Disinfection failed

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039692.dll
Deleted

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039693.dll
Infected with: Trojan.Virtumod.GK

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039693.dll
Disinfection failed

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039693.dll
Deleted

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039694.dll
Infected with: Trojan.Virtumod.GK

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039694.dll
Disinfection failed

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039694.dll
Deleted

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039696.dll
Infected with: Trojan.Virtumod.GK

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039696.dll
Disinfection failed

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039696.dll
Deleted

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039697.dll
Infected with: Trojan.Virtumod.GK

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039697.dll
Disinfection failed

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039697.dll
Deleted

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039698.dll
Infected with: Trojan.Virtumod.GK

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039698.dll
Disinfection failed

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039698.dll
Deleted

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039701.dll
Infected with: MemScan:Trojan.Vundo.AJ

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039701.dll
Disinfection failed

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039701.dll
Deleted

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039707.dll
Infected with: Trojan.Virtumod.JB

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039707.dll
Disinfection failed

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039707.dll
Deleted

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039708.dll
Infected with: Trojan.Virtumod.GK

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039708.dll
Disinfection failed

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039708.dll
Deleted

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039713.dll
Infected with: MemScan:Trojan.Vundo.AJ

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039713.dll
Disinfection failed

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039713.dll
Deleted

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039714.exe
Infected with: Trojan.Agent.ACL

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039714.exe
Disinfection failed

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039714.exe
Deleted

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039727.exe
Infected with: Trojan.Dialer.KQ

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039727.exe
Disinfection failed

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039727.exe
Deleted

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039728.exe
Infected with: Trojan.Dialer.KQ

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039728.exe
Disinfection failed

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039728.exe
Deleted

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039733.exe
Detected with: Dialer.Delsim.B

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039733.exe
Disinfection failed

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039733.exe
Deleted

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039748.exe
Infected with: Trojan.Dialer.KQ

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039748.exe
Disinfection failed

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039748.exe
Deleted

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039749.exe
Infected with: Trojan.Dialer.KQ

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039749.exe
Disinfection failed

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039749.exe
Deleted

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039904.exe
Infected with: Trojan.Dialer.KQ

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039904.exe
Disinfection failed

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039904.exe
Deleted

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039905.exe
Infected with: Trojan.Dialer.KQ

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039905.exe
Disinfection failed

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039905.exe
Deleted

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039929.exe
Infected with: Trojan.Dialer.KQ

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039929.exe
Disinfection failed

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039929.exe
Deleted

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039930.exe
Infected with: Trojan.Dialer.KQ

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039930.exe
Disinfection failed

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039930.exe
Deleted

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039933.exe
Infected with: Worm.Allaple.A

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039933.exe
Disinfection failed

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039933.exe
Deleted

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039934.exe
Infected with: GenPack:Trojan.Downloader.ASF

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039934.exe
Disinfection failed

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039934.exe
Deleted

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039947.exe
Infected with: Trojan.Dialer.KQ

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039947.exe
Disinfection failed

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039947.exe
Deleted

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039948.exe
Infected with: Trojan.Dialer.KQ

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039948.exe
Disinfection failed

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP214\A0039948.exe
Deleted

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP215\A0040125.exe
Infected with: Trojan.Dialer.KQ

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP215\A0040125.exe
Disinfection failed

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP215\A0040125.exe
Deleted

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP215\A0040126.exe
Infected with: Trojan.Dialer.KQ

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP215\A0040126.exe
Disinfection failed

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP215\A0040126.exe
Deleted

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP215\A0040157.exe
Infected with: Trojan.Dialer.KQ

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP215\A0040157.exe
Disinfection failed

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP215\A0040157.exe
Deleted

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP215\A0040158.exe
Infected with: Trojan.Dialer.KQ

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP215\A0040158.exe
Disinfection failed

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP215\A0040158.exe
Deleted

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP215\A0040179.exe
Infected with: Trojan.Dialer.KQ

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP215\A0040179.exe
Disinfection failed

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP215\A0040179.exe
Deleted

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP215\A0040180.exe
Infected with: Trojan.Dialer.KQ

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP215\A0040180.exe
Disinfection failed

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP215\A0040180.exe
Deleted

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP215\A0040271.exe
Infected with: Trojan.Dialer.KQ

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP215\A0040271.exe
Disinfection failed

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP215\A0040271.exe
Deleted

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP215\A0040272.exe
Infected with: Trojan.Dialer.KQ

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP215\A0040272.exe
Disinfection failed

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP215\A0040272.exe
Deleted

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP215\A0040277.exe
Infected with: Worm.Allaple.A

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP215\A0040277.exe
Disinfection failed

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP215\A0040277.exe
Deleted

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP215\A0040278.exe
Infected with: GenPack:Trojan.Downloader.ASF

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP215\A0040278.exe
Disinfection failed

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP215\A0040278.exe
Deleted

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP216\A0040280.exe
Infected with: Trojan.Dialer.KQ

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP216\A0040280.exe
Disinfection failed

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP216\A0040280.exe
Deleted

C:\v8w3l2y2c8b.exe
Infected with: Trojan.Dialer.KQ

C:\v8w3l2y2c8b.exe
Disinfection failed

C:\v8w3l2y2c8b.exe
Deleted

C:\VundoFix Backups\awttrom.dll.bad
Infected with: MemScan:Trojan.Vundo.AJ

C:\VundoFix Backups\awttrom.dll.bad
Disinfection failed

C:\VundoFix Backups\awttrom.dll.bad
Deleted

C:\VundoFix Backups\cbxvuus.dll.bad
Infected with: Trojan.Virtumod.GK

C:\VundoFix Backups\cbxvuus.dll.bad
Disinfection failed

C:\VundoFix Backups\cbxvuus.dll.bad
Deleted

C:\VundoFix Backups\jkkhgfg.dll.bad
Infected with: Trojan.Virtumod.GK

C:\VundoFix Backups\jkkhgfg.dll.bad
Disinfection failed

C:\VundoFix Backups\jkkhgfg.dll.bad
Deleted

C:\VundoFix Backups\jkkllii.dll.bad
Infected with: Trojan.Virtumod.GK

C:\VundoFix Backups\jkkllii.dll.bad
Disinfection failed

C:\VundoFix Backups\jkkllii.dll.bad
Deleted

C:\VundoFix Backups\khffcdc.dll.bad
Infected with: Trojan.Virtumod.GK

C:\VundoFix Backups\khffcdc.dll.bad
Disinfection failed

C:\VundoFix Backups\khffcdc.dll.bad
Deleted

C:\VundoFix Backups\ljjiigh.dll.bad
Infected with: Trojan.Virtumod.GK

C:\VundoFix Backups\ljjiigh.dll.bad
Disinfection failed

C:\VundoFix Backups\ljjiigh.dll.bad
Deleted

C:\VundoFix Backups\ljjklki.dll.bad
Infected with: Trojan.Virtumod.GK

C:\VundoFix Backups\ljjklki.dll.bad
Disinfection failed

C:\VundoFix Backups\ljjklki.dll.bad
Deleted

C:\VundoFix Backups\opnkjhh.dll.bad
Infected with: Trojan.Virtumod.GK

C:\VundoFix Backups\opnkjhh.dll.bad
Disinfection failed

C:\VundoFix Backups\opnkjhh.dll.bad
Deleted

C:\VundoFix Backups\opnkllj.dll.bad
Infected with: Trojan.Virtumod.GK

C:\VundoFix Backups\opnkllj.dll.bad
Disinfection failed

C:\VundoFix Backups\opnkllj.dll.bad
Deleted

C:\VundoFix Backups\opnmmnl.dll.bad
Infected with: Trojan.Virtumod.GK

C:\VundoFix Backups\opnmmnl.dll.bad
Disinfection failed

C:\VundoFix Backups\opnmmnl.dll.bad
Deleted

C:\VundoFix Backups\pmnlljh.dll.bad
Infected with: MemScan:Trojan.Vundo.AJ

C:\VundoFix Backups\pmnlljh.dll.bad
Disinfection failed

C:\VundoFix Backups\pmnlljh.dll.bad
Deleted

C:\VundoFix Backups\ubsphlju.dll.bad
Infected with: Trojan.Virtumod.JB

C:\VundoFix Backups\ubsphlju.dll.bad
Disinfection failed

C:\VundoFix Backups\ubsphlju.dll.bad
Deleted

C:\VundoFix Backups\urqronl.dll.bad
Infected with: Trojan.Virtumod.GK

C:\VundoFix Backups\urqronl.dll.bad
Disinfection failed

C:\VundoFix Backups\urqronl.dll.bad
Deleted

C:\VundoFix Backups\vtutuvt.dll.bad
Infected with: MemScan:Trojan.Vundo.AJ

C:\VundoFix Backups\vtutuvt.dll.bad
Disinfection failed

C:\VundoFix Backups\vtutuvt.dll.bad
Deleted

C:\WINDOWS\Downloaded Program Files\on.exe
Infected with: Trojan.Downloader.Femad.XA

C:\WINDOWS\Downloaded Program Files\on.exe
Disinfection failed

C:\WINDOWS\Downloaded Program Files\on.exe
Deleted

C:\WINDOWS\system32\.exe
Infected with: DeepScan:Generic.Malware.SFWX!g.23E63892

C:\WINDOWS\system32\.exe
Disinfection failed

C:\WINDOWS\system32\.exe
Deleted

C:\WINDOWS\system32\acbme.exe
Infected with: GenPack:Trojan.Downloader.ASF

C:\WINDOWS\system32\acbme.exe
Disinfection failed

C:\WINDOWS\system32\acbme.exe
Deleted

C:\WINDOWS\system32\cpjgm.exe
Infected with: GenPack:Trojan.Downloader.ASF

C:\WINDOWS\system32\cpjgm.exe
Disinfection failed

C:\WINDOWS\system32\cpjgm.exe
Deleted

C:\WINDOWS\system32\iyem.exe
Infected with: GenPack:Trojan.Downloader.ASF

C:\WINDOWS\system32\iyem.exe
Disinfection failed

C:\WINDOWS\system32\iyem.exe
Deleted

C:\WINDOWS\system32\lldveovt.exe
Infected with: GenPack:Trojan.Downloader.ASF

C:\WINDOWS\system32\lldveovt.exe
Disinfection failed

C:\WINDOWS\system32\lldveovt.exe
Deleted

C:\WINDOWS\system32\melvijx.exe
Infected with: GenPack:Trojan.Downloader.ASF

C:\WINDOWS\system32\melvijx.exe
Disinfection failed

C:\WINDOWS\system32\melvijx.exe
Deleted

C:\WINDOWS\system32\nudpkmg.exe
Infected with: GenPack:Trojan.Downloader.ASF

C:\WINDOWS\system32\nudpkmg.exe
Disinfection failed

C:\WINDOWS\system32\nudpkmg.exe
Deleted

C:\WINDOWS\system32\o
Infected with: Generic.Botget.C804021E

C:\WINDOWS\system32\o
Deleted

C:\WINDOWS\system32\qbki.exe
Infected with: GenPack:Trojan.Downloader.ASF

C:\WINDOWS\system32\qbki.exe
Disinfection failed

C:\WINDOWS\system32\qbki.exe
Deleted

C:\WINDOWS\system32\rcslte.exe
Infected with: GenPack:Trojan.Downloader.ASF

C:\WINDOWS\system32\rcslte.exe
Disinfection failed

C:\WINDOWS\system32\rcslte.exe
Deleted

C:\WINDOWS\system32\vviexx.exe
Infected with: GenPack:Trojan.Downloader.ASF

C:\WINDOWS\system32\vviexx.exe
Disinfection failed

C:\WINDOWS\system32\vviexx.exe
Deleted

C:\WINDOWS\system32\xwxcmovy.exe
Infected with: GenPack:Trojan.Downloader.ASF

C:\WINDOWS\system32\xwxcmovy.exe
Disinfection failed

C:\WINDOWS\system32\xwxcmovy.exe
Deleted

C:\WINDOWS\system32\zhpmpp.exe
Infected with: GenPack:Trojan.Downloader.ASF

C:\WINDOWS\system32\zhpmpp.exe
Disinfection failed

C:\WINDOWS\system32\zhpmpp.exe
Deleted

C:\WINDOWS\system32\zziq.exe
Infected with: GenPack:Trojan.Downloader.ASF

C:\WINDOWS\system32\zziq.exe
Disinfection failed

C:\WINDOWS\system32\zziq.exe
Deleted

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question

Réponse 5 / 9

philae83 Messages postés 12837 Date d'inscription mercredi 3 janvier 2007 Statut Contributeur sécurité Dernière intervention 8 décembre 2009 206
3 avril 2007 à 12:07

bonjour,

au vu du rapport, beaucoup de choses se trouvaient dans :

backups de killbox
quarantaine de A2
backups de vundo
et restauration système (on arrangera ca après)

pour l'instant supprime

c:\!killbox
C:\VundoFix Backups

vide ta quarantaine (A2)

* fait un scan avec A2
poste le rapport

reposte un nouveau rapport hijackthis

philbt22 Messages postés 71 Date d'inscription samedi 9 septembre 2006 Statut Membre Dernière intervention 23 juin 2009 1
5 avril 2007 à 18:22

voici mes nvx rapports

merci

BitDefender Online Scanner

Scan report generated at: Wed, Apr 04, 2007 - 22:58:53

Scan path: A:\;C:\;D:\;E:\;F:\;G:\;

Statistics

Time
08:12:19

Files
391755

Folders
3505

Boot Sectors
2

Archives
5376

Packed Files
35316

Results

Identified Viruses
2

Infected Files
12

Suspect Files
0

Warnings
0

Disinfected
0

Deleted Files
12

Engines Info

Virus Definitions
417447

Engine build
AVCORE v1.0 (build 2397) (i386) (Feb 8 2007 14:24:08)

Scan plugins
14

Archive plugins
38

Unpack plugins
6

E-mail plugins
6

System plugins
1

Scan Settings

First Action
Disinfect

Second Action
Delete

Heuristics
Yes

Enable Warnings
Yes

Scanned Extensions
*;

Exclude Extensions

Scan Emails
Yes

Scan Archives
Yes

Scan Packed
Yes

Scan Files
Yes

Scan Boot
Yes

Scanned File
Status

C:\Documents and Settings\All Users\Menu Démarrer\del.lnk=>C:\Program Files\Fichiers communs\delsim\del.exe
Infected with: Trojan.Dialer.KQ

C:\Documents and Settings\All Users\Menu Démarrer\del.lnk=>C:\Program Files\Fichiers communs\delsim\del.exe
Disinfection failed

C:\Documents and Settings\All Users\Menu Démarrer\del.lnk=>C:\Program Files\Fichiers communs\delsim\del.exe
Deleted

C:\Documents and Settings\All Users\Menu Démarrer\del.lnk
Update failed

C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\4FCXSJ2V\kum[1].exe
Infected with: Trojan.Dialer.KQ

C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\4FCXSJ2V\kum[1].exe
Disinfection failed

C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\4FCXSJ2V\kum[1].exe
Deleted

C:\fv8u9t6f5j7.exe
Infected with: Trojan.Dialer.KQ

C:\fv8u9t6f5j7.exe
Disinfection failed

C:\fv8u9t6f5j7.exe
Deleted

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP216\A0040358.exe
Infected with: Trojan.Dialer.KQ

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP216\A0040358.exe
Disinfection failed

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP216\A0040358.exe
Deleted

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP216\A0040370.exe
Infected with: GenPack:Trojan.Downloader.ASF

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP216\A0040370.exe
Disinfection failed

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP216\A0040370.exe
Deleted

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP216\A0040371.exe
Infected with: GenPack:Trojan.Downloader.ASF

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP216\A0040371.exe
Disinfection failed

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP216\A0040371.exe
Deleted

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP216\A0040407.exe
Infected with: Trojan.Dialer.KQ

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP216\A0040407.exe
Disinfection failed

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP216\A0040407.exe
Deleted

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP216\A0040408.exe
Infected with: Trojan.Dialer.KQ

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP216\A0040408.exe
Disinfection failed

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP216\A0040408.exe
Deleted

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP217\A0040411.exe
Infected with: Trojan.Dialer.KQ

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP217\A0040411.exe
Disinfection failed

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP217\A0040411.exe
Deleted

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP217\A0040506.exe
Infected with: Trojan.Dialer.KQ

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP217\A0040506.exe
Disinfection failed

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP217\A0040506.exe
Deleted

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP217\A0040507.exe
Infected with: Trojan.Dialer.KQ

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP217\A0040507.exe
Disinfection failed

C:\System Volume Information\_restore{464A1F3E-B5D3-4046-9F80-84CBF804B5C1}\RP217\A0040507.exe
Deleted

C:\v8w3l2y2c8b.exe
Infected with: Trojan.Dialer.KQ

C:\v8w3l2y2c8b.exe
Disinfection failed

C:\v8w3l2y2c8b.exe
Deleted

Logfile of HijackThis v1.99.1
Scan saved at 18:21:43, on 05/04/2007
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\Program Files\Creative\Shared Files\CamTray.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\smss.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\philippe\LOCALS~1\Temp\Rar$EX00.641\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.free.fr/freebox/index.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.fra.chello.fr/ssi/welcome/welcome.php?url=home&src=ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer fourni par chello broadband n.v.
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.chello.fr:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Creative WebCam Tray] "C:\Program Files\Creative\Shared Files\CamTray.exe"
O8 - Extra context menu item: &Add to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\WebMenuImg.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://home.fra.chello.fr/ssi/welcome/welcome.php?url=home&src=ie
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {DFB5BCF1-06AE-4ABB-BFA8-1E228F41C50A} (CamfrogWEB Advanced Unicode Control) - https://www.bobtv.fr/download/cfweb_www.bobtv.fr-download_instmodule.exe
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: Network helper Service (MSDisk) - Unknown owner - C:\WINDOWS\System32\irdvxc.exe" /service (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Windows NT-Session Manager - Unknown owner - C:\WINDOWS\smss.exe

Réponse 6 / 9

philae83 Messages postés 12837 Date d'inscription mercredi 3 janvier 2007 Statut Contributeur sécurité Dernière intervention 8 décembre 2009 206
5 avril 2007 à 22:06

bonsoir,

je viens de relire ton post.
plusieurs constatations
je te disais que ton système n'était pas à jour....tu ne m'as pas répondu
ensuite tu n'as pas réinstallé comme demandé hijackthis correctement....

puis installe rapidement un firewall que tu n'as visiblement pas, tu vas te retrouver ré infecté en permanence.

où en est ton pc actuellement

philbt22 Messages postés 71 Date d'inscription samedi 9 septembre 2006 Statut Membre Dernière intervention 23 juin 2009 1
8 avril 2007 à 09:17

slt,
je n'ai plus d'alerte trojan et mon pc a l'air redevenu normal
mais encore infecté rapport bitdefender !!

sinon pas de mise à jour xp raison c une copie et windows va me le signaler si je fais les mises à jours à chaque allumage de mon pc

je suis sous firewall kério(tu n'a pas du le voir) et anti virus avast

pour hijackthis je ne comprend pas ta question puisque c un fichier exécutable et donc pas nécessaire de l'inataller;

merci pour ton aide
@+

Réponse 7 / 9

philae83 Messages postés 12837 Date d'inscription mercredi 3 janvier 2007 Statut Contributeur sécurité Dernière intervention 8 décembre 2009 206
8 avril 2007 à 11:54

bonjour,

je n'ai plus d'alerte trojan et mon pc a l'air redevenu normal
mais encore infecté rapport bitdefender !!

si tu parles du dernier, non il a nettoyé, si tu parles d'un nouveau scan faut le poster
si ton pc tourne correctement, je t'indiquerais les dernières manip à effectuer

sinon pas de mise à jour xp raison c une copie et windows va me le signaler si je fais les mises à jours à chaque allumage de mon pc


je suis sous firewall kério(tu n'a pas du le voir) et anti virus avast

effectivement je ne l'avais pas vu, désolée

pour hijackthis je ne comprend pas ta question puisque c un fichier exécutable et donc pas nécessaire de l'inataller;

pourtant il ne doit pas être dans les fichiers temporaires. Regarde le tuto, c'est expliqué
Tutorial
http://pchelpbordeaux.free.fr/tuto.html
Démo en image
http://pageperso.aol.fr/balltrap34/demohijack.htm

philbt22 Messages postés 71 Date d'inscription samedi 9 septembre 2006 Statut Membre Dernière intervention 23 juin 2009 1
9 avril 2007 à 19:50

slt

mon pc fonctionne correctement

j'ai installé hijackthis comme indiqué sur le tuto (faut-il le supprimer ds fichier temporaire et comment ?)

quelles sont les denières manips à effectuer ?

merci

Logfile of HijackThis v1.99.1
Scan saved at 19:49:59, on 09/04/2007
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\Program Files\Creative\Shared Files\CamTray.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\smss.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.free.fr/freebox/index.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.fra.chello.fr/ssi/welcome/welcome.php?url=home&src=ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer fourni par chello broadband n.v.
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.chello.fr:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Creative WebCam Tray] "C:\Program Files\Creative\Shared Files\CamTray.exe"
O8 - Extra context menu item: &Add to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\WebMenuImg.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://home.fra.chello.fr/ssi/welcome/welcome.php?url=home&src=ie
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {DFB5BCF1-06AE-4ABB-BFA8-1E228F41C50A} (CamfrogWEB Advanced Unicode Control) - https://www.bobtv.fr/download/cfweb_www.bobtv.fr-download_instmodule.exe
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: Network helper Service (MSDisk) - Unknown owner - C:\WINDOWS\System32\irdvxc.exe" /service (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Windows NT-Session Manager - Unknown owner - C:\WINDOWS\smss.exe

Réponse 8 / 9

philae83 Messages postés 12837 Date d'inscription mercredi 3 janvier 2007 Statut Contributeur sécurité Dernière intervention 8 décembre 2009 206
9 avril 2007 à 21:07

bonsoir,

j'ai installé hijackthis comme indiqué sur le tuto (faut-il le supprimer ds fichier temporaire et comment ?)

tu suis le chemin en te servant de l'explorateur pour le supprimer
C:\DOCUMENTS & SETTINGS\philippe\LOCALS SETTINGS\Temp\Rar$EX00.641\HijackThis.exe

si ton pc se comporte bien, je pense que tout est ok maintenant

* Tu peux supprimer tous les logiciels que nous avons utilisés (Type: SmitFraufix, Blacklight, SDFix, ect.....)
qui traitent des infections spécifiques et qui sont mis à jour réguliérement.
Tu peux par contre, garder AVG antispyware et CCleaner.

* démarrer-----------panneau de configuration------------système----------
onglet Restauration système-----------coche la case (Désactiver la restauration système)--------------
redémarre l'ordinateur
réactive la ensuite

* Pour améliorer la sécurité de ton PC prend quelques instants pour lire

CECI

* Dénonce ton infection pour faire condamner les auteurs.
Crée un message pour faire avancer les choses sur Malware-Complaints, nous devons être les plus nombreux possibles, alors rends compte de ton infection :

- Voir les règles du forum : https://malwarecomplaints.info/
- Après t'être enregistré à l'aide du bouton en haut se nommant "Register"
Si tu as plus de 13 ans, choisir : "I Agree to these terms and am over or exactly 13 years of age"
Si tu as moins, clique sur : "I Agree to these terms and am under 13 years of age"

Tu as alors sous forme de liste un sujet par type d'infection (Look2Me, Smitfraud, SpywareQuake etc..).
La tienne = ******

---> https://malwarecomplaints.info/

Si le malware que tu as eu n'apparaît pas dans la liste, ou si tu ne sais pas par quoi tu étais infecté(e), crée un message dans le sujet Autres infections
conforme au règle du forum (age, ville, département etc..)

Indique aussi le nom du Forum qui t'a aidé, <grad>CommentCaMarche</gras>

* met ton sujet en RESOLU stp, merci.

Réponse 9 / 9

philbt22 Messages postés 71 Date d'inscription samedi 9 septembre 2006 Statut Membre Dernière intervention 23 juin 2009 1
11 avril 2007 à 09:32

merci pour ton aide
@+

Discussions similaires

Voxbone ? qui est-ce ?

cheval de troie trojan

Comment supprimer le virus Trojan

Aide pour un virus

Trojan impossible à supprimer!