[Virus] HijackThis report

gismo0612 (Member, 64 posts)
Hello,

So, I took my cousin's PC to help him because it is infected, but I can't manage to fix it.

I'm posting the reports for you.

AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 21:13:44 11/08/2007

+ Résultat de l'analyse:

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088562.dll -> Adware.BraveSentry : Aucune action entreprise.
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088563.dll -> Adware.BraveSentry : Aucune action entreprise.
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088567.dll -> Adware.BraveSentry : Aucune action entreprise.
C:\Program Files\Common Files\Companion Wizard\WapCHK.dll -> Adware.Companion : Aucune action entreprise.
C:\Program Files\Common Files\Companion Wizard\WapCHK{90281BFD-CB61-4D66-B81C-CEAFEDDD159A}.dll -> Adware.Companion : Aucune action entreprise.
HKLM\SOFTWARE\DeluxeCommunications -> Adware.DeluxeCommunications : Aucune action entreprise.
HKLM\SOFTWARE\DeluxeCommunications\Internet Explorer -> Adware.DeluxeCommunications : Aucune action entreprise.
HKU\S-1-5-20\Software\DeluxeCommunications -> Adware.DeluxeCommunications : Aucune action entreprise.
HKU\S-1-5-20\Software\DeluxeCommunications\Internet Explorer -> Adware.DeluxeCommunications : Aucune action entreprise.
HKLM\SOFTWARE\Classes\WR -> Adware.Generic : Aucune action entreprise.
HKU\S-1-5-21-3731896496-2894191798-4046530434-1006\Software\Microsoft\Active Setup\Installed Components\{Y479C6D0-OTRW-U5GH-S1EE-E0AC10B4E666} -> Adware.Generic : Aucune action entreprise.
HKU\S-1-5-21-3731896496-2894191798-4046530434-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5929CD6E-2062-44A4-B2C5-2C7E78FBAB38} -> Adware.Generic : Aucune action entreprise.
C:\Program Files\NavExcel Search Toolbar\NavExcelBar.dll -> Adware.NavExcel : Aucune action entreprise.
C:\WINDOWS\nxstinst.exe -> Adware.NavExcel : Aucune action entreprise.
C:\WINDOWS\remover.dll -> Adware.NavExcel : Aucune action entreprise.
HKLM\SOFTWARE\Clickspring -> Adware.PurityScan : Aucune action entreprise.
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088607.exe -> Adware.SystemDoctor : Aucune action entreprise.
C:\Downloads\BeachLifeSetup-dm[1].exe -> Adware.Trymedia : Aucune action entreprise.
C:\Program Files\ComPlus Applications\horevo83122.dll -> Adware.TTC : Aucune action entreprise.
C:\WINDOWS\system32\configs\kmhp83122.exe -> Adware.TTC : Aucune action entreprise.
C:\Program Files\ucleaner_setup.exe -> Adware.UltimateDefender : Aucune action entreprise.
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088599.dll -> Adware.WinAntiVir : Aucune action entreprise.
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088600.dll -> Adware.WinAntiVir : Aucune action entreprise.
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088602.dll -> Adware.WinAntiVir : Aucune action entreprise.
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088606.exe -> Adware.WinAntiVirus : Aucune action entreprise.
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088608.exe -> Adware.WinAntiVirus : Aucune action entreprise.
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088598.dll -> Adware.WinAntiVixer : Aucune action entreprise.
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088620.exe -> Adware.ZQuest : Aucune action entreprise.
C:\WINDOWS\tk58.exe -> Adware.ZQuest : Aucune action entreprise.
C:\Documents and Settings\Julius\Mes documents\Mes fichiers reçus\image026.zip/image026.scr -> Backdoor.IRCBot.acd : Aucune action entreprise.
C:\WINDOWS\album14.zip/album14.scr -> Backdoor.IRCBot.acd : Aucune action entreprise.
C:\WINDOWS\album65.zip/album65.scr -> Backdoor.IRCBot.acd : Aucune action entreprise.
C:\WINDOWS\system32\libcintles3.dll -> Backdoor.IRCBot.acd : Aucune action entreprise.
C:\WINDOWS\system32\msn.exe -> Backdoor.IRCBot.acd : Aucune action entreprise.
C:\Documents and Settings\Julius\Mes documents\photos port\hbilrj.exe -> Backdoor.IRCBot.acu : Aucune action entreprise.
C:\Documents and Settings\Julius\Mes documents\photos port\rjzwmn.exe -> Backdoor.IRCBot.acu : Aucune action entreprise.
C:\WINDOWS\album20.zip/album20.scr -> Backdoor.IRCBot.acu : Aucune action entreprise.
C:\WINDOWS\album35.zip/album35.scr -> Backdoor.IRCBot.acu : Aucune action entreprise.
C:\WINDOWS\album44.zip/album44.scr -> Backdoor.IRCBot.acu : Aucune action entreprise.
C:\WINDOWS\album5.zip/album5.scr -> Backdoor.IRCBot.acu : Aucune action entreprise.
C:\WINDOWS\album71.zip/album71.scr -> Backdoor.IRCBot.acu : Aucune action entreprise.
C:\WINDOWS\album74.zip/album74.scr -> Backdoor.IRCBot.acu : Aucune action entreprise.
C:\WINDOWS\album80.zip/album80.scr -> Backdoor.IRCBot.acu : Aucune action entreprise.
C:\WINDOWS\album89.zip/album89.scr -> Backdoor.IRCBot.acu : Aucune action entreprise.
C:\WINDOWS\album95.zip/album95.scr -> Backdoor.IRCBot.acu : Aucune action entreprise.
C:\WINDOWS\image050.zip/image050.scr -> Backdoor.IRCBot.acu : Aucune action entreprise.
C:\WINDOWS\images21.zip/images21.scr -> Backdoor.IRCBot.acu : Aucune action entreprise.
C:\WINDOWS\images57.zip/images57.scr -> Backdoor.IRCBot.acu : Aucune action entreprise.
C:\WINDOWS\photo_album73.zip/photo_album73.scr -> Backdoor.IRCBot.acu : Aucune action entreprise.
C:\WINDOWS\photos2007_31.zip/photos2007_31.scr -> Backdoor.IRCBot.acu : Aucune action entreprise.
C:\WINDOWS\photos2007_40.zip/photos2007_40.scr -> Backdoor.IRCBot.acu : Aucune action entreprise.
C:\WINDOWS\system32\intlprinters.exe -> Backdoor.IRCBot.acu : Aucune action entreprise.
C:\WINDOWS\system32\libcintle2.dll -> Backdoor.IRCBot.acu : Aucune action entreprise.
[2596] C:\WINDOWS\system32\libcintle2.dll -> Backdoor.IRCBot.acu : Aucune action entreprise.
C:\WINDOWS\system32\drivers\ip6fw.sys -> Downloader.Agent.acl : Aucune action entreprise.
C:\Documents and Settings\LocalService\Local Settings\Temp\47.tmp.taras -> Downloader.Agent.byh : Aucune action entreprise.
C:\Documents and Settings\NetworkService\Local Settings\Temp\38.tmp.taras -> Downloader.Agent.byh : Aucune action entreprise.
C:\Documents and Settings\NetworkService\Local Settings\Temp\49.tmp.taras -> Downloader.Agent.byh : Aucune action entreprise.
C:\Program Files\sуmbols\rundll32.exe -> Downloader.PurityScan.ee : Aucune action entreprise.
C:\Documents and Settings\Julius\Local Settings\Temporary Internet Files\Content.IE5\BZM0BTTY\kcehc_eicooc20070702[1] -> Downloader.Tiny.id : Aucune action entreprise.
C:\WINDOWS\system32\bvveltvm.exe -> Downloader.Tiny.id : Aucune action entreprise.
C:\WINDOWS\system32\kjpmicmm.exe -> Downloader.Tiny.id : Aucune action entreprise.
[3284] C:\WINDOWS\system32\kjpmicmm.exe -> Downloader.Tiny.id : Aucune action entreprise.
[5608] C:\WINDOWS\system32\bvveltvm.exe -> Downloader.Tiny.id : Aucune action entreprise.
C:\WINDOWS\system32\wmvds32.dll -> Downloader.VB.asx : Aucune action entreprise.
C:\WINDOWS\system32\china.exe~ -> Heuristic.Win32.Dialer : Aucune action entreprise.
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088568.dll -> Hijacker.Agent.hz : Aucune action entreprise.
C:\WINDOWS\system32\arcac.exe~ -> Hijacker.Agent.hz : Aucune action entreprise.
C:\WINDOWS\system32\dnsersnd.dll -> Hijacker.Small.cf : Aucune action entreprise.
C:\Program Files\Online Services\ladupaho.dll -> Hijacker.StartPage : Aucune action entreprise.
C:\Program Files\Online Services\ladupaho993.dll -> Hijacker.StartPage : Aucune action entreprise.
C:\Documents and Settings\Julius\Application Data\winantiviruspro2006freeinstall_fr[1].exe -> Not-A-Virus.Downloader.Win32.WinFixer.o : Aucune action entreprise.
[1952] C:\WINDOWS\system32\aiffbgpt.exe -> Trojan.Agent.aoy : Aucune action entreprise.
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088588.exe -> Trojan.Small : Aucune action entreprise.
C:\WINDOWS\system32\wcpsvtr32.exe -> Trojan.Small : Aucune action entreprise.
C:\WINDOWS\system32\spooldr.sys -> Trojan.Tibs.ap : Aucune action entreprise.

Fin du rapport

The BitDefender report

BitDefender Online Scanner - Scan Report
Scan report generated at: Sat, Aug 11, 2007 - 22:07:46
Scan path: A:\;C:\;D:\;E:\;F:\;G:\;H:\;

Statistics
Time: 00:38:12
Files: 189633
Folders: 6312
Boot Sectors: 2
Archives: 7268
Packed Files: 7136

Results
Identified Viruses: 39
Infected Files: 62
Suspect Files: 0
Warnings: 0
Disinfected: 0
Deleted Files: 60

Engines Info
Virus Definitions: 690797
Engine build: AVCORE v1.0 (build 2410) (i386) (Jun 12 2007 21:08:27)
Scan plugins: 14
Archive plugins: 37
Unpack plugins: 6
E-mail plugins: 6
System plugins: 1

Scan Settings
First Action: Disinfect
Second Action: Delete
Heuristics: Yes
Enable Warnings: Yes
Scanned Extensions: *;
Exclude Extensions:
Scan Emails: Yes
Scan Archives: Yes
Scan Packed: Yes
Scan Files: Yes
Scan Boot: Yes

Scanned File -> Status

C:\Casino\Club Dice Casino\casino.exe -> Infected with: Trojan.ACO
C:\Casino\Club Dice Casino\casino.exe -> Disinfection failed
C:\Casino\Club Dice Casino\casino.exe -> Deleted
C:\Documents and Settings\Julius\Application Data\winantiviruspro2006freeinstall_fr[1].exe -> Infected with: Trojan.Downloader.Winfixer.O
C:\Documents and Settings\Julius\Application Data\winantiviruspro2006freeinstall_fr[1].exe -> Disinfection failed
C:\Documents and Settings\Julius\Application Data\winantiviruspro2006freeinstall_fr[1].exe -> Deleted
C:\Documents and Settings\Julius\Local Settings\Temp\74687.exe -> Infected with: Rootkit.Agent.GV
C:\Documents and Settings\Julius\Local Settings\Temp\74687.exe -> Disinfection failed
C:\Documents and Settings\Julius\Local Settings\Temp\74687.exe -> Deleted
C:\Documents and Settings\Julius\Local Settings\Temporary Internet Files\Content.IE5\IG8JEKZW\tk58[1].exe -> Infected with: Trojan.BHO.AW
C:\Documents and Settings\Julius\Local Settings\Temporary Internet Files\Content.IE5\IG8JEKZW\tk58[1].exe -> Disinfection failed
C:\Documents and Settings\Julius\Local Settings\Temporary Internet Files\Content.IE5\IG8JEKZW\tk58[1].exe -> Deleted
C:\Documents and Settings\Julius\Local Settings\Temporary Internet Files\Content.IE5\PH89H78H\TTC-4444[1].exe=>(NSIS o)=>zlib_nsis0003 -> Detected with: Adware.TTC.B
C:\Documents and Settings\Julius\Local Settings\Temporary Internet Files\Content.IE5\PH89H78H\TTC-4444[1].exe=>(NSIS o)=>zlib_nsis0003 -> Disinfection failed
C:\Documents and Settings\Julius\Local Settings\Temporary Internet Files\Content.IE5\PH89H78H\TTC-4444[1].exe=>(NSIS o)=>zlib_nsis0003 -> Deleted
C:\Documents and Settings\Julius\Local Settings\Temporary Internet Files\Content.IE5\PH89H78H\TTC-4444[1].exe=>(NSIS o) -> Update failed
C:\Documents and Settings\Julius\Local Settings\Temporary Internet Files\Content.IE5\RNWTBSYO\83122[1].exe=>(NSIS o)=>zlib_nsis0000 -> Infected with: Trojan.Clicker.Small.YD
C:\Documents and Settings\Julius\Local Settings\Temporary Internet Files\Content.IE5\RNWTBSYO\83122[1].exe=>(NSIS o)=>zlib_nsis0000 -> Disinfection failed
C:\Documents and Settings\Julius\Local Settings\Temporary Internet Files\Content.IE5\RNWTBSYO\83122[1].exe=>(NSIS o)=>zlib_nsis0000 -> Deleted
C:\Documents and Settings\Julius\Local Settings\Temporary Internet Files\Content.IE5\RNWTBSYO\83122[1].exe=>(NSIS o) -> Update failed
C:\Documents and Settings\Julius\Local Settings\Temporary Internet Files\Content.IE5\RNWTBSYO\83122[1].exe=>(NSIS o)=>zlib_nsis0002 -> Infected with: Trojan.Clicker.Small.YD
C:\Documents and Settings\Julius\Local Settings\Temporary Internet Files\Content.IE5\RNWTBSYO\83122[1].exe=>(NSIS o)=>zlib_nsis0002 -> Disinfection failed
C:\Documents and Settings\Julius\Local Settings\Temporary Internet Files\Content.IE5\RNWTBSYO\83122[1].exe=>(NSIS o)=>zlib_nsis0002 -> Deleted
C:\Documents and Settings\Julius\Local Settings\Temporary Internet Files\Content.IE5\RNWTBSYO\83122[1].exe=>(NSIS o) -> Update failed
C:\Documents and Settings\Julius\Local Settings\Temporary Internet Files\Content.IE5\RNWTBSYO\83122[1].exe=>(NSIS o)=>zlib_nsis0003 -> Infected with: Trojan.Clicker.Small.AV
C:\Documents and Settings\Julius\Local Settings\Temporary Internet Files\Content.IE5\RNWTBSYO\83122[1].exe=>(NSIS o)=>zlib_nsis0003 -> Disinfection failed
C:\Documents and Settings\Julius\Local Settings\Temporary Internet Files\Content.IE5\RNWTBSYO\83122[1].exe=>(NSIS o)=>zlib_nsis0003 -> Deleted
C:\Documents and Settings\Julius\Local Settings\Temporary Internet Files\Content.IE5\RNWTBSYO\83122[1].exe=>(NSIS o) -> Update failed
C:\Documents and Settings\Julius\Local Settings\Temporary Internet Files\Content.IE5\RNWTBSYO\idien[1] -> Infected with: Trojan.Fotomoto.A
C:\Documents and Settings\Julius\Local Settings\Temporary Internet Files\Content.IE5\RNWTBSYO\idien[1] -> Deleted
C:\Documents and Settings\Julius\Local Settings\Temporary Internet Files\Content.IE5\VT3MOYH6\kcehc_eicooc20070702[1] -> Infected with: Trojan.Clicker.MNB
C:\Documents and Settings\Julius\Local Settings\Temporary Internet Files\Content.IE5\VT3MOYH6\kcehc_eicooc20070702[1] -> Disinfection failed
C:\Documents and Settings\Julius\Local Settings\Temporary Internet Files\Content.IE5\VT3MOYH6\kcehc_eicooc20070702[1] -> Deleted
C:\Documents and Settings\LocalService\Local Settings\Temp\3C.tmp -> Infected with: DeepScan:Generic.QHost.2.3E70C144
C:\Documents and Settings\LocalService\Local Settings\Temp\3C.tmp -> Disinfection failed
C:\Documents and Settings\LocalService\Local Settings\Temp\3C.tmp -> Deleted
C:\Documents and Settings\LocalService\Local Settings\Temp\48.tmp -> Infected with: DeepScan:Generic.QHost.2.3E70C144
C:\Documents and Settings\LocalService\Local Settings\Temp\48.tmp -> Disinfection failed
C:\Documents and Settings\LocalService\Local Settings\Temp\48.tmp -> Deleted
C:\Documents and Settings\NetworkService\Application Data\Microsoft\Internet Explorer\Desktop.htt -> Detected with: Adware.Fakealert.AB
C:\Documents and Settings\NetworkService\Application Data\Microsoft\Internet Explorer\Desktop.htt -> Disinfection failed
C:\Documents and Settings\NetworkService\Application Data\Microsoft\Internet Explorer\Desktop.htt -> Deleted
C:\Documents and Settings\NetworkService\Application Data\Microsoft\mwhcw.dll -> Infected with: Trojan.Spambot.BXB
C:\Documents and Settings\NetworkService\Application Data\Microsoft\mwhcw.dll -> Disinfection failed
C:\Documents and Settings\NetworkService\Application Data\Microsoft\mwhcw.dll -> Deleted
C:\Documents and Settings\NetworkService\Local Settings\Temp\2.dllb -> Infected with: Trojan.Tibs.CD
C:\Documents and Settings\NetworkService\Local Settings\Temp\2.dllb -> Disinfection failed
C:\Documents and Settings\NetworkService\Local Settings\Temp\2.dllb -> Deleted
C:\Documents and Settings\NetworkService\Local Settings\Temp\39.tmp -> Infected with: DeepScan:Generic.QHost.2.3E70C144
C:\Documents and Settings\NetworkService\Local Settings\Temp\39.tmp -> Disinfection failed
C:\Documents and Settings\NetworkService\Local Settings\Temp\39.tmp -> Deleted
C:\Documents and Settings\NetworkService\Local Settings\Temp\4C.tmp -> Infected with: DeepScan:Generic.QHost.2.3E70C144
C:\Documents and Settings\NetworkService\Local Settings\Temp\4C.tmp -> Disinfection failed
C:\Documents and Settings\NetworkService\Local Settings\Temp\4C.tmp -> Deleted
C:\Documents and Settings\NetworkService\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\CYZJAYKK\20509[1].exe -> Infected with: DeepScan:Generic.QHost.2.3E70C144
C:\Documents and Settings\NetworkService\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\CYZJAYKK\20509[1].exe -> Disinfection failed
C:\Documents and Settings\NetworkService\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\CYZJAYKK\20509[1].exe -> Deleted
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\GCTXI452\20509[1].exe -> Infected with: DeepScan:Generic.QHost.2.3E70C144
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\GCTXI452\20509[1].exe -> Disinfection failed
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\GCTXI452\20509[1].exe -> Deleted
C:\Program Files\WinPop\winpop.exe~ -> Infected with: Trojan.Popwin.DE
C:\Program Files\WinPop\winpop.exe~ -> Disinfection failed
C:\Program Files\WinPop\winpop.exe~ -> Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088566.exe -> Infected with: Generic.Peed.B9A734CC
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088566.exe -> Disinfection failed
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088566.exe -> Deleted
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088571.exe -> Infected with: Generic.Peed.8D09084B
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088571.exe</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Disinfection failed</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volum

5 replies

gismo0612 Messages posted 64 Status Member 2
 
Thanks Alain for taking an interest in my problem.
Also, I no longer have internet access on the infected PC.

Here is the BitDefender report:

BitDefender Online Scanner - Scan Report
BitDefender Online Scanner

Scan report generated at: Sat, Aug 11, 2007 - 22:07:46
A:\;C:\;D:\;E:\;F:\;G:\;H:\;

Statistics

Time: 00:38:12
Files: 189633
Folders: 6312
Boot Sectors: 2
Archives: 7268
Packed Files: 7136
Identified Viruses: 39
Infected Files: 62
Suspect Files: 0
Warnings: 0
Disinfected: 0
Deleted Files: 60

Engines Info

Virus Definitions: 690797
Engine build: AVCORE v1.0 (build 2410) (i386) (Jun 12 2007 21:08:27)
Scan plugins: 14
Archive plugins: 37
Unpack plugins: 6
E-mail plugins: 6
System plugins: 1

Scan Settings

First Action: Disinfect
Second Action: Delete
Heuristics: Yes
Enable Warnings: Yes
Scanned Extensions: *;
Exclude Extensions:
Scan Emails: Yes
Scan Archives: Yes
Scan Packed: Yes
Scan Files: Yes
Scan Boot: Yes

Scanned File
 Status

C:\Casino\Club Dice Casino\casino.exe
Infected with: Trojan.ACO

C:\Casino\Club Dice Casino\casino.exe
Disinfection failed

C:\Casino\Club Dice Casino\casino.exe
Deleted

C:\Documents and Settings\Julius\Application Data\winantiviruspro2006freeinstall_fr[1].exe
Infected with: Trojan.Downloader.Winfixer.O

C:\Documents and Settings\Julius\Application Data\winantiviruspro2006freeinstall_fr[1].exe
Disinfection failed

C:\Documents and Settings\Julius\Application Data\winantiviruspro2006freeinstall_fr[1].exe
Deleted

C:\Documents and Settings\Julius\Local Settings\Temp\74687.exe
Infected with: Rootkit.Agent.GV

C:\Documents and Settings\Julius\Local Settings\Temp\74687.exe
Disinfection failed

C:\Documents and Settings\Julius\Local Settings\Temp\74687.exe
Deleted

C:\Documents and Settings\Julius\Local Settings\Temporary Internet Files\Content.IE5\IG8JEKZW\tk58[1].exe
Infected with: Trojan.BHO.AW

C:\Documents and Settings\Julius\Local Settings\Temporary Internet Files\Content.IE5\IG8JEKZW\tk58[1].exe
Disinfection failed

C:\Documents and Settings\Julius\Local Settings\Temporary Internet Files\Content.IE5\IG8JEKZW\tk58[1].exe
Deleted

C:\Documents and Settings\Julius\Local Settings\Temporary Internet Files\Content.IE5\PH89H78H\TTC-4444[1].exe=>(NSIS o)=>zlib_nsis0003
Detected with: Adware.TTC.B

C:\Documents and Settings\Julius\Local Settings\Temporary Internet Files\Content.IE5\PH89H78H\TTC-4444[1].exe=>(NSIS o)=>zlib_nsis0003
Disinfection failed

C:\Documents and Settings\Julius\Local Settings\Temporary Internet Files\Content.IE5\PH89H78H\TTC-4444[1].exe=>(NSIS o)=>zlib_nsis0003
Deleted

C:\Documents and Settings\Julius\Local Settings\Temporary Internet Files\Content.IE5\PH89H78H\TTC-4444[1].exe=>(NSIS o)
Update failed

C:\Documents and Settings\Julius\Local Settings\Temporary Internet Files\Content.IE5\RNWTBSYO\83122[1].exe=>(NSIS o)=>zlib_nsis0000
Infected with: Trojan.Clicker.Small.YD

C:\Documents and Settings\Julius\Local Settings\Temporary Internet Files\Content.IE5\RNWTBSYO\83122[1].exe=>(NSIS o)=>zlib_nsis0000
Disinfection failed

C:\Documents and Settings\Julius\Local Settings\Temporary Internet Files\Content.IE5\RNWTBSYO\83122[1].exe=>(NSIS o)=>zlib_nsis0000
Deleted

C:\Documents and Settings\Julius\Local Settings\Temporary Internet Files\Content.IE5\RNWTBSYO\83122[1].exe=>(NSIS o)
Update failed

C:\Documents and Settings\Julius\Local Settings\Temporary Internet Files\Content.IE5\RNWTBSYO\83122[1].exe=>(NSIS o)=>zlib_nsis0002
Infected with: Trojan.Clicker.Small.YD

C:\Documents and Settings\Julius\Local Settings\Temporary Internet Files\Content.IE5\RNWTBSYO\83122[1].exe=>(NSIS o)=>zlib_nsis0002
Disinfection failed

C:\Documents and Settings\Julius\Local Settings\Temporary Internet Files\Content.IE5\RNWTBSYO\83122[1].exe=>(NSIS o)=>zlib_nsis0002
Deleted

C:\Documents and Settings\Julius\Local Settings\Temporary Internet Files\Content.IE5\RNWTBSYO\83122[1].exe=>(NSIS o)
Update failed

C:\Documents and Settings\Julius\Local Settings\Temporary Internet Files\Content.IE5\RNWTBSYO\83122[1].exe=>(NSIS o)=>zlib_nsis0003
Infected with: Trojan.Clicker.Small.AV

C:\Documents and Settings\Julius\Local Settings\Temporary Internet Files\Content.IE5\RNWTBSYO\83122[1].exe=>(NSIS o)=>zlib_nsis0003
Disinfection failed

C:\Documents and Settings\Julius\Local Settings\Temporary Internet Files\Content.IE5\RNWTBSYO\83122[1].exe=>(NSIS o)=>zlib_nsis0003
Deleted

C:\Documents and Settings\Julius\Local Settings\Temporary Internet Files\Content.IE5\RNWTBSYO\83122[1].exe=>(NSIS o)
Update failed

C:\Documents and Settings\Julius\Local Settings\Temporary Internet Files\Content.IE5\RNWTBSYO\idien[1]
Infected with: Trojan.Fotomoto.A

C:\Documents and Settings\Julius\Local Settings\Temporary Internet Files\Content.IE5\RNWTBSYO\idien[1]
Deleted

C:\Documents and Settings\Julius\Local Settings\Temporary Internet Files\Content.IE5\VT3MOYH6\kcehc_eicooc20070702[1]
Infected with: Trojan.Clicker.MNB

C:\Documents and Settings\Julius\Local Settings\Temporary Internet Files\Content.IE5\VT3MOYH6\kcehc_eicooc20070702[1]
Disinfection failed

C:\Documents and Settings\Julius\Local Settings\Temporary Internet Files\Content.IE5\VT3MOYH6\kcehc_eicooc20070702[1]
Deleted

C:\Documents and Settings\LocalService\Local Settings\Temp\3C.tmp
Infected with: DeepScan:Generic.QHost.2.3E70C144

C:\Documents and Settings\LocalService\Local Settings\Temp\3C.tmp
Disinfection failed

C:\Documents and Settings\LocalService\Local Settings\Temp\3C.tmp
Deleted

C:\Documents and Settings\LocalService\Local Settings\Temp\48.tmp
Infected with: DeepScan:Generic.QHost.2.3E70C144

C:\Documents and Settings\LocalService\Local Settings\Temp\48.tmp
Disinfection failed

C:\Documents and Settings\LocalService\Local Settings\Temp\48.tmp
Deleted

C:\Documents and Settings\NetworkService\Application Data\Microsoft\Internet Explorer\Desktop.htt
Detected with: Adware.Fakealert.AB

C:\Documents and Settings\NetworkService\Application Data\Microsoft\Internet Explorer\Desktop.htt
Disinfection failed

C:\Documents and Settings\NetworkService\Application Data\Microsoft\Internet Explorer\Desktop.htt
Deleted

C:\Documents and Settings\NetworkService\Application Data\Microsoft\mwhcw.dll
Infected with: Trojan.Spambot.BXB

C:\Documents and Settings\NetworkService\Application Data\Microsoft\mwhcw.dll
Disinfection failed

C:\Documents and Settings\NetworkService\Application Data\Microsoft\mwhcw.dll
Deleted

C:\Documents and Settings\NetworkService\Local Settings\Temp\2.dllb
Infected with: Trojan.Tibs.CD

C:\Documents and Settings\NetworkService\Local Settings\Temp\2.dllb
Disinfection failed

C:\Documents and Settings\NetworkService\Local Settings\Temp\2.dllb
Deleted

C:\Documents and Settings\NetworkService\Local Settings\Temp\39.tmp
Infected with: DeepScan:Generic.QHost.2.3E70C144

C:\Documents and Settings\NetworkService\Local Settings\Temp\39.tmp
Disinfection failed

C:\Documents and Settings\NetworkService\Local Settings\Temp\39.tmp
Deleted

C:\Documents and Settings\NetworkService\Local Settings\Temp\4C.tmp
Infected with: DeepScan:Generic.QHost.2.3E70C144

C:\Documents and Settings\NetworkService\Local Settings\Temp\4C.tmp
Disinfection failed

C:\Documents and Settings\NetworkService\Local Settings\Temp\4C.tmp
Deleted

C:\Documents and Settings\NetworkService\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\CYZJAYKK\20509[1].exe
Infected with: DeepScan:Generic.QHost.2.3E70C144

C:\Documents and Settings\NetworkService\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\CYZJAYKK\20509[1].exe
Disinfection failed

C:\Documents and Settings\NetworkService\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\CYZJAYKK\20509[1].exe
Deleted

C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\GCTXI452\20509[1].exe
Infected with: DeepScan:Generic.QHost.2.3E70C144

C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\GCTXI452\20509[1].exe
Disinfection failed

C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\GCTXI452\20509[1].exe
Deleted

C:\Program Files\WinPop\winpop.exe~
Infected with: Trojan.Popwin.DE

C:\Program Files\WinPop\winpop.exe~
Disinfection failed

C:\Program Files\WinPop\winpop.exe~
Deleted

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088566.exe
Infected with: Generic.Peed.B9A734CC

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088566.exe
Disinfection failed

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088566.exe
Deleted

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088571.exe
Infected with: Generic.Peed.8D09084B

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088571.exe
Disinfection failed

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088571.exe
Deleted

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088573.exe
Infected with: Generic.Peed.55D9DC95

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088573.exe
Disinfection failed

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088573.exe
Deleted

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088574.exe
Infected with: Generic.Peed.EEE5F752

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088574.exe
Disinfection failed

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088574.exe
Deleted

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088575.exe
Infected with: Generic.Peed.B73F6EE1

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088575.exe
Disinfection failed

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088575.exe
Deleted

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088577.exe
Infected with: Trojan.Popwin.DE

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088577.exe
Disinfection failed

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088577.exe
Deleted

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088580.exe
Infected with: Generic.Peed.E17D01E6

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088580.exe
Disinfection failed

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088580.exe
Deleted

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088591.exe
Infected with: Trojan.DM

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088591.exe
Disinfection failed

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088591.exe
Deleted

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088602.dll
Infected with: Trojan.Fakealert.BB

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088602.dll
Disinfection failed

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088602.dll
Deleted

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088607.exe
Infected with: Trojan.Fakealert.BX

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088607.exe
Disinfection failed

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088607.exe
Deleted

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088614.exe
Infected with: Generic.Peed.B605F21D

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088614.exe
Disinfection failed

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088614.exe
Deleted

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088619.exe=>(NSIS o)=>zlib_nsis0003
Detected with: Adware.TTC.B

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088619.exe=>(NSIS o)=>zlib_nsis0003
Disinfection failed

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088619.exe=>(NSIS o)=>zlib_nsis0003
Deleted

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088619.exe=>(NSIS o)
Update failed

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088620.exe
Infected with: Trojan.BHO.AW

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088620.exe
Disinfection failed

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088620.exe
Deleted

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088930.exe
Infected with: Trojan.Fotomoto.A

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088930.exe
Deleted

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088931.exe
Infected with: Trojan.Agent.Dropper.BAI

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088931.exe
Disinfection failed

c:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088931.exe
Deleted

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088932.dll
Infected with: Backdoor.IRCBot.IS

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088932.dll
Deleted

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088933.exe
Infected with: Backdoor.IRCBot.IS

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088933.exe
Deleted

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088934.dll
Infected with: Trojan.BHO.AW

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088934.dll
Disinfection failed

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088934.dll
Deleted

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088936.dll
Infected with: Trojan.Clicker.Small.CF

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088936.dll
Disinfection failed

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088936.dll
Deleted

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088937.sys
Infected with: Rootkit.Agent.DP

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088937.sys
Disinfection failed

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088937.sys
Deleted

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088938.sys
Infected with: Trojan.Peed.HZS

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088938.sys
Disinfection failed

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088938.sys
Deleted

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088939.dll
Infected with: Trojan.Downloader.VB.ASX

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088939.dll
Disinfection failed

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088939.dll
Deleted

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088941.dll
Infected with: Backdoor.IRCBot.ACU

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088941.dll
Disinfection failed

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088941.dll
Deleted

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088942.exe
Infected with: Trojan.Clicker.MNB

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088942.exe
Disinfection failed

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088942.exe
Deleted

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088949.exe
Infected with: Trojan.Fotomoto.A

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP660\A0088949.exe
Deleted

C:\WINDOWS\system32\china.exe~
Infected with: Trojan.Dialer.VUL

C:\WINDOWS\system32\china.exe~
Disinfection failed

C:\WINDOWS\system32\china.exe~
Deleted

C:\WINDOWS\system32\configs\kmhp83122.exe=>(NSIS o)=>zlib_nsis0003
Detected with: Adware.TTC.B

C:\WINDOWS\system32\configs\kmhp83122.exe=>(NSIS o)=>zlib_nsis0003
Disinfection failed

C:\WINDOWS\system32\configs\kmhp83122.exe=>(NSIS o)=>zlib_nsis0003
Deleted

C:\WINDOWS\system32\configs\kmhp83122.exe=>(NSIS o)
Update failed

C:\WINDOWS\system32\dllcache\tcpip.sys
Infected with: Trojan.Proxy.Tibs.G

C:\WINDOWS\system32\dllcache\tcpip.sys
Disinfection failed

C:\WINDOWS\system32\dllcache\tcpip.sys
Deleted

C:\WINDOWS\system32\dllh8jkd1q2.exe~
Infected with: Generic.Peed.B9A734CC

C:\WINDOWS\system32\dllh8jkd1q2.exe~
Infected with: Generic.Peed.B9A734CC

C:\WINDOWS\system32\dllh8jkd1q2.exe~
Disinfection failed

C:\WINDOWS\system32\dllh8jkd1q2.exe~
Disinfection failed

C:\WINDOWS\system32\dllh8jkd1q2.exe~
Deleted

C:\WINDOWS\system32\dllh8jkd1q2.exe~
Deleted

C:\WINDOWS\system32\dllh8jkd1q7.exe~
Infected with: Generic.Peed.8E63AC9B

C:\WINDOWS\system32\dllh8jkd1q7.exe~
Infected with: Generic.Peed.8E63AC9B

C:\WINDOWS\system32\dllh8jkd1q7.exe~
Disinfection failed

C:\WINDOWS\system32\dllh8jkd1q7.exe~
Disinfection failed

C:\WINDOWS\system32\dllh8jkd1q7.exe~
Deleted

C:\WINDOWS\system32\dllh8jkd1q7.exe~
Deleted

C:\WINDOWS\system32\dllhost.exe
Clean

C:\WINDOWS\system32\dllhst3g.exe
Clean

C:\WINDOWS\system32\dmadmin.exe
Clean

C:\WINDOWS\system32\dmband.dll
Clean

C:\WINDOWS\system32\dmcompos.dll
Clean

C:\WINDOWS\system32\dmconfig.dll
Clean

C:\WINDOWS\system32\drivers\ip6fw.sys
Infected with: Rootkit.Agent.DP

C:\WINDOWS\system32\drivers\ip6fw.sys
Disinfection failed

C:\WINDOWS\system32\drivers\ip6fw.sys
Deleted

C:\WINDOWS\system32\drivers\tcpip.sys
Infected with: Trojan.Proxy.Tibs.G

C:\WINDOWS\system32\drivers\tcpip.sys
Disinfection failed

C:\WINDOWS\system32\drivers\tcpip.sys
Deleted

C:\WINDOWS\system32\f06WtR\f06WtR1083.exe
Infected with: Trojan.Downloader.VB.VGB

C:\WINDOWS\system32\f06WtR\f06WtR1083.exe
Disinfection failed

C:\WINDOWS\system32\f06WtR\f06WtR1083.exe
Deleted

C:\WINDOWS\system32\khfgffc.dll
Detected with: Adware.Virtumonde.GFZ

C:\WINDOWS\system32\khfgffc.dll
Disinfection failed

C:\WINDOWS\system32\khfgffc.dll
Delete failed

C:\WINDOWS\system32\oqinweeq.exe
Infected with: Trojan.Fotomoto.A

C:\WINDOWS\system32\oqinweeq.exe
Deleted

C:\WINDOWS\system32\prqinjef.exe
Infected with: Trojan.Fotomoto.A

C:\WINDOWS\system32\prqinjef.exe
Deleted

C:\WINDOWS\system32\sjjdiygj.exe
Infected with: Trojan.Fotomoto.A

C:\WINDOWS\system32\sjjdiygj.exe
Deleted

C:\WINDOWS\system32\vedxg6ame4.exe~
Infected with: Generic.Peed.9A0498F3

C:\WINDOWS\system32\vedxg6ame4.exe~
Disinfection failed

C:\WINDOWS\system32\vedxg6ame4.exe~
Deleted

C:\WINDOWS\system32\vedxga4m1et4.exe~
Infected with: Trojan.Peed.IDE

C:\WINDOWS\system32\vedxga4m1et4.exe~
Disinfection failed

C:\WINDOWS\system32\vedxga4m1et4.exe~
Deleted

C:\WINDOWS\system32\vtsqo.dll
Infected with: DeepScan:Generic.Virtumonde.1.497C348E

C:\WINDOWS\system32\vtsqo.dll
Disinfection failed

C:\WINDOWS\system32\vtsqo.dll
Delete failed

C:\WINDOWS\tk58.exe
Infected with: Trojan.BHO.AW

C:\WINDOWS\tk58.exe
Disinfection failed

C:\WINDOWS\tk58.exe
Deleted

C:\WINDOWS\TTC-4444.exe=>(NSIS o)=>zlib_nsis0003
Detected with: Adware.TTC.B

C:\WINDOWS\TTC-4444.exe=>(NSIS o)=>zlib_nsis0003
Disinfection failed

C:\WINDOWS\TTC-4444.exe=>(NSIS o)=>zlib_nsis0003
Deleted

C:\WINDOWS\TTC-4444.exe=>(NSIS o)
Update failed

And here is the HijackThis report:

Logfile of HijackThis v1.99.1
Scan saved at 22:10:47, on 11/08/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Inventel\Gateway\wlancfg.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\PROGRA~1\WINZIP\winzip32.exe
C:\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ycomp/defaults/sp/*https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/defaults/su/*https://fr.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.plextor.be/technicalservices/support/prodreg.asp?choice=Product%20registration
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
F3 - REG:win.ini: run=C:\WINDOWS\ServicePackFiles\winlogon.exe
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: (no name) - {5AA06644-BC46-4220-A460-47A6EB47C96D} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SystemOptimizer] rundll32.exe "C:\WINDOWS\system32\jplssdga.dll",forkonce
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Acmw] "C:\PROGRA~1\SMBOLS~1\rundll32.exe" -vt ndrv
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Club Dice Casino - {907A768D-DD74-476d-8487-FD27DF7AD7FF} - C:\Casino\Club Dice Casino\casino.exe (file missing)
O9 - Extra 'Tools' menuitem: Club Dice Casino - {907A768D-DD74-476d-8487-FD27DF7AD7FF} - C:\Casino\Club Dice Casino\casino.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by123fd.bay123.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {97E71027-0BA2-44F2-97DB-F84D808ED0B6} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab55762.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab55579.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab55200.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: c:\windows\system32\ldcore.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O21 - SSODL: printers - {B9299B74-F685-4B11-9B2F-79170AE62E47} - libcintle2.dll (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: DomainService - Unknown owner - C:\WINDOWS\system32\bfnatidg.exe (file missing)
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe
1
gismo0612 Messages posted 64 Status Member 2
 
Nobody has any ideas?
1
Alain
 
Read this and click on "generate a report"; the demo works whatever report is displayed by Windows Notepad.
On the forum you just have to paste it. The BitDefender report is unreadable like that, post it again.
http://pageperso.aol.fr/balltrap34/demohijack.htm

I suppose you are following:
Virus: preliminary disinfection method, French version
so the people here are waiting to have the 3 readable reports before answering you. Good luck.
0
Alain
 
It looks like you have already removed some nasties; remember to disable and re-enable System Restore (see the checklist).
https://sebsauvage.net/safehex.html#r048b
0

gismo0612
 
A little bump

please
0