Virus msn n039-jpg
jamjam13
Messages postés
27
Date d'inscription
Statut
Membre
Dernière intervention
-
clownface Messages postés 1490 Statut Membre -
clownface Messages postés 1490 Statut Membre -
J'ai recu un message d'un de mes contacts avec un dossier .zip
j'ai ouvert se dossier
il c alors propagé dans mes contact
j'ai fais un scan avec adaware puis ccleaner puis spybot
Que puije faire pour le supprimer ????
j'ai ouvert se dossier
il c alors propagé dans mes contact
j'ai fais un scan avec adaware puis ccleaner puis spybot
Que puije faire pour le supprimer ????
A voir également:
- Virus msn n039-jpg
- Virus mcafee - Accueil - Piratage
- Convertir hevc en jpg - Guide
- Réduire taille jpg - Guide
- Telecharger msn - Télécharger - Messagerie
- Virus informatique - Guide
44 réponses
je ne trouve pas le fichier usnsvc.exe....par contre j'ai supprimer le dossier en .rar n039.
mon virus a t'il etait supprimé???
mon virus a t'il etait supprimé???
il semblerait.
fais ces manips si tu veux t'en assurer : virus methode preliminaire de desinfection version fr
fais ces manips si tu veux t'en assurer : virus methode preliminaire de desinfection version fr
je dois faire toutes c manip et enfin poster les rapports????
merci bc de ton aide
j'espere qu'il est parti ce virus.
merci bc de ton aide
j'espere qu'il est parti ce virus.
bah s'il n'y a rien dans les rapports tout va bien t'es pas obligé de les poster..
par contre s'ils trouvent des choses il vaudrait mieux effectivement
par contre s'ils trouvent des choses il vaudrait mieux effectivement
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 21:04:56 26/09/2007
+ Résultat de l'analyse:
:mozilla.35:C:\Documents and Settings\Hé l'eau\Application Data\Mozilla\Firefox\Profiles\35sw17vw.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.23:C:\Documents and Settings\Hé l'eau\Application Data\Mozilla\Firefox\Profiles\35sw17vw.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyé.
:mozilla.10:C:\Documents and Settings\Hé l'eau\Application Data\Mozilla\Firefox\Profiles\35sw17vw.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.11:C:\Documents and Settings\Hé l'eau\Application Data\Mozilla\Firefox\Profiles\35sw17vw.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.12:C:\Documents and Settings\Hé l'eau\Application Data\Mozilla\Firefox\Profiles\35sw17vw.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.13:C:\Documents and Settings\Hé l'eau\Application Data\Mozilla\Firefox\Profiles\35sw17vw.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.14:C:\Documents and Settings\Hé l'eau\Application Data\Mozilla\Firefox\Profiles\35sw17vw.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.15:C:\Documents and Settings\Hé l'eau\Application Data\Mozilla\Firefox\Profiles\35sw17vw.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
Fin du rapport
---------------------------------------------------------
+ Créé à: 21:04:56 26/09/2007
+ Résultat de l'analyse:
:mozilla.35:C:\Documents and Settings\Hé l'eau\Application Data\Mozilla\Firefox\Profiles\35sw17vw.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.23:C:\Documents and Settings\Hé l'eau\Application Data\Mozilla\Firefox\Profiles\35sw17vw.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyé.
:mozilla.10:C:\Documents and Settings\Hé l'eau\Application Data\Mozilla\Firefox\Profiles\35sw17vw.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.11:C:\Documents and Settings\Hé l'eau\Application Data\Mozilla\Firefox\Profiles\35sw17vw.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.12:C:\Documents and Settings\Hé l'eau\Application Data\Mozilla\Firefox\Profiles\35sw17vw.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.13:C:\Documents and Settings\Hé l'eau\Application Data\Mozilla\Firefox\Profiles\35sw17vw.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.14:C:\Documents and Settings\Hé l'eau\Application Data\Mozilla\Firefox\Profiles\35sw17vw.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.15:C:\Documents and Settings\Hé l'eau\Application Data\Mozilla\Firefox\Profiles\35sw17vw.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
Fin du rapport
merci, je vais bidefender ca pd pas mal de tps
je te poste les deux derniers rapports des que c'est fini
et encore merci
je te poste les deux derniers rapports des que c'est fini
et encore merci
Bonjour, j'ai eu ce même problème de virus msn ,et j'ai fait un scan msnfix , voilà ce que ca donne :
MSNFix 1.521
C:\Documents and Settings\L‚a\Mes documents\MSNFix
Fix exécuté le 26/09/2007 - 21:55:25,42 By L‚a
mode normal
************************ Recherche les fichiers présents
... C:\DOCUME~1\ALLUSE~1\MENUDM~1\carlton
... C:\Program Files\Fichiers communs\Carlson\carlton
... C:\qwere.exe
... C:\WINDOWS\system32\microsoft\backup.ftp
... C:\WINDOWS\system32\microsoft\backup.tftp
... C:\WINDOWS\N039_jpg.zip
************************ MSNCHK ***** /!\ beta test /!\
************************ Recherche les dossiers présents
... C:\Program Files\Fichiers communs\Carlson\
************************ Suppression des fichiers
.. OK ... C:\DOCUME~1\ALLUSE~1\MENUDM~1\carlton
.. OK ... C:\Program Files\Fichiers communs\Carlson\carlton
.. OK ... C:\qwere.exe
.. OK ... C:\WINDOWS\system32\microsoft\backup.ftp
.. OK ... C:\WINDOWS\system32\microsoft\backup.tftp
.. OK ... C:\qwere.exe
.. OK ... C:\qwere.exe
.. OK ... C:\WINDOWS\N039_jpg.zip
************************ Suppression des dossiers
.. OK ... C:\Program Files\Fichiers communs\Carlson\
************************ Nettoyage du registre
************************ Fichiers suspects
/!\ ces fichiers nécessitent un avis expérimenté avant toute intervention
[C:\WINDOWS\system32\plusaqar.scr] C7164ECEE91C77C0D1B7B168B80B0A63
[C:\WINDOWS\system32\pluscirc.scr] D274128D6EC74503C99FCD931691BE6A
[C:\WINDOWS\system32\plusdavn.scr] 9BC8A633965004DC061F4E937D3F6949
[C:\WINDOWS\system32\plusmcry.scr] BF4EA995201F01F515391D22141F1117
[C:\WINDOWS\system32\plusmpix.scr] B8B9F9DEE90DDF36D9B4829285ECBEAB
[C:\WINDOWS\system32\plusnatr.scr] 5E757AEE9113F272DB526F290958932D
[C:\WINDOWS\system32\plussand.scr] 4EF6F93B6EEF3F2FC79CC6ADA83BBB93
[C:\WINDOWS\system32\plusspac.scr] 27FC353AA9F919C88769E4E5EBBCF661
[color=#FF0000][b]==>[/b][/color] SVP merci d'envoyer le fichier [b] C:\DOCUME~1\LA4770~1\Bureau\Upload_Me.zip [/b] sur http://upload.changelog.fr
Les fichiers et clés de registre supprimés ont été sauvegardés dans le fichier 26092007_21555993.zip
------------------------------------------------------------------------
Auteur : !aur3n7 Contact: https://www.ionos.fr/
------------------------------------------------------------------------
--------------------------------------------- END ---------------------------------------------
qu'est ce que je dois faire maintenant ?
MSNFix 1.521
C:\Documents and Settings\L‚a\Mes documents\MSNFix
Fix exécuté le 26/09/2007 - 21:55:25,42 By L‚a
mode normal
************************ Recherche les fichiers présents
... C:\DOCUME~1\ALLUSE~1\MENUDM~1\carlton
... C:\Program Files\Fichiers communs\Carlson\carlton
... C:\qwere.exe
... C:\WINDOWS\system32\microsoft\backup.ftp
... C:\WINDOWS\system32\microsoft\backup.tftp
... C:\WINDOWS\N039_jpg.zip
************************ MSNCHK ***** /!\ beta test /!\
************************ Recherche les dossiers présents
... C:\Program Files\Fichiers communs\Carlson\
************************ Suppression des fichiers
.. OK ... C:\DOCUME~1\ALLUSE~1\MENUDM~1\carlton
.. OK ... C:\Program Files\Fichiers communs\Carlson\carlton
.. OK ... C:\qwere.exe
.. OK ... C:\WINDOWS\system32\microsoft\backup.ftp
.. OK ... C:\WINDOWS\system32\microsoft\backup.tftp
.. OK ... C:\qwere.exe
.. OK ... C:\qwere.exe
.. OK ... C:\WINDOWS\N039_jpg.zip
************************ Suppression des dossiers
.. OK ... C:\Program Files\Fichiers communs\Carlson\
************************ Nettoyage du registre
************************ Fichiers suspects
/!\ ces fichiers nécessitent un avis expérimenté avant toute intervention
[C:\WINDOWS\system32\plusaqar.scr] C7164ECEE91C77C0D1B7B168B80B0A63
[C:\WINDOWS\system32\pluscirc.scr] D274128D6EC74503C99FCD931691BE6A
[C:\WINDOWS\system32\plusdavn.scr] 9BC8A633965004DC061F4E937D3F6949
[C:\WINDOWS\system32\plusmcry.scr] BF4EA995201F01F515391D22141F1117
[C:\WINDOWS\system32\plusmpix.scr] B8B9F9DEE90DDF36D9B4829285ECBEAB
[C:\WINDOWS\system32\plusnatr.scr] 5E757AEE9113F272DB526F290958932D
[C:\WINDOWS\system32\plussand.scr] 4EF6F93B6EEF3F2FC79CC6ADA83BBB93
[C:\WINDOWS\system32\plusspac.scr] 27FC353AA9F919C88769E4E5EBBCF661
[color=#FF0000][b]==>[/b][/color] SVP merci d'envoyer le fichier [b] C:\DOCUME~1\LA4770~1\Bureau\Upload_Me.zip [/b] sur http://upload.changelog.fr
Les fichiers et clés de registre supprimés ont été sauvegardés dans le fichier 26092007_21555993.zip
------------------------------------------------------------------------
Auteur : !aur3n7 Contact: https://www.ionos.fr/
------------------------------------------------------------------------
--------------------------------------------- END ---------------------------------------------
qu'est ce que je dois faire maintenant ?
C:\Documents and Settings\Hé l'eau\Bureau\Nouveau dossier\MSNFix\25092007_22131657.zip=>backup/carlton
Infected with: Trojan.Dialer.VUY
C:\Documents and Settings\Hé l'eau\Bureau\Nouveau dossier\MSNFix\25092007_22131657.zip=>backup/carlton
Deleted
C:\Documents and Settings\Hé l'eau\Bureau\Nouveau dossier\MSNFix\25092007_22131657.zip
Updated
C:\Documents and Settings\Hé l'eau\Bureau\Nouveau dossier\MSNFix\25092007_22131657.zip=>backup/g7n4l2o4i4.exe
Infected with: Trojan.Dialer.VUY
C:\Documents and Settings\Hé l'eau\Bureau\Nouveau dossier\MSNFix\25092007_22131657.zip=>backup/g7n4l2o4i4.exe
Deleted
C:\Documents and Settings\Hé l'eau\Bureau\Nouveau dossier\MSNFix\25092007_22131657.zip
Updated
C:\Documents and Settings\Hé l'eau\Bureau\Nouveau dossier\MSNFix\25092007_22131657.zip=>backup/N039_jpg.zip=>www.N039_jpg-msn.com
Infected with: DeepScan:Generic.Sdbot.DC3D9A85
C:\Documents and Settings\Hé l'eau\Bureau\Nouveau dossier\MSNFix\25092007_22131657.zip=>backup/N039_jpg.zip=>www.N039_jpg-msn.com
Disinfection failed
C:\Documents and Settings\Hé l'eau\Bureau\Nouveau dossier\MSNFix\25092007_22131657.zip=>backup/N039_jpg.zip=>www.N039_jpg-msn.com
Deleted
C:\Documents and Settings\Hé l'eau\Bureau\Nouveau dossier\MSNFix\25092007_22131657.zip=>backup/N039_jpg.zip
Updated
C:\Documents and Settings\Hé l'eau\Bureau\Nouveau dossier\MSNFix\25092007_22131657.zip
Updated
C:\g7n4l2o4i4.exe
Infected with: Trojan.Dialer.VUY
C:\g7n4l2o4i4.exe
Deleted
C:\Program Files\Fichiers communs\Carlson\carlton
Infected with: Trojan.Dialer.VUY
C:\Program Files\Fichiers communs\Carlson\carlton
Deleted
C:\qwere.exe
Infected with: Trojan.Dialer.VUY
C:\qwere.exe
Deleted
C:\System Volume Information\_restore{7AA65F6D-D5EA-4476-8153-078FE4E43FD5}\RP222\A0053149.exe
Infected with: Trojan.Dialer.VUY
C:\System Volume Information\_restore{7AA65F6D-D5EA-4476-8153-078FE4E43FD5}\RP222\A0053149.exe
Deleted
C:\System Volume Information\_restore{7AA65F6D-D5EA-4476-8153-078FE4E43FD5}\RP222\A0054171.exe
Infected with: Trojan.Dialer.VUY
C:\System Volume Information\_restore{7AA65F6D-D5EA-4476-8153-078FE4E43FD5}\RP222\A0054171.exe
Deleted
C:\System Volume Information\_restore{7AA65F6D-D5EA-4476-8153-078FE4E43FD5}\RP222\A0054184.exe=>(CAB Sfx r)=>DaemonTools_WhenUSave_Installer.exe
Infected with: Generic.Adw.SaveNow.F5FEB660
C:\System Volume Information\_restore{7AA65F6D-D5EA-4476-8153-078FE4E43FD5}\RP222\A0054184.exe=>(CAB Sfx r)=>DaemonTools_WhenUSave_Installer.exe
Disinfection failed
C:\System Volume Information\_restore{7AA65F6D-D5EA-4476-8153-078FE4E43FD5}\RP222\A0054184.exe=>(CAB Sfx r)=>DaemonTools_WhenUSave_Installer.exe
Deleted
C:\System Volume Information\_restore{7AA65F6D-D5EA-4476-8153-078FE4E43FD5}\RP222\A0054184.exe=>(CAB Sfx r)
Update failed
C:\System Volume Information\_restore{7AA65F6D-D5EA-4476-8153-078FE4E43FD5}\RP223\A0054247.exe
Infected with: Trojan.Dialer.VUY
C:\System Volume Information\_restore{7AA65F6D-D5EA-4476-8153-078FE4E43FD5}\RP223\A0054247.exe
Deleted
C:\System Volume Information\_restore{7AA65F6D-D5EA-4476-8153-078FE4E43FD5}\RP223\A0054259.exe
Infected with: Trojan.Dialer.VUY
C:\System Volume Information\_restore{7AA65F6D-D5EA-4476-8153-078FE4E43FD5}\RP223\A0054259.exe
Deleted
C:\WINDOWS\usnsvc.exe
Infected with: DeepScan:Generic.Sdbot.DC3D9A85
C:\WINDOWS\usnsvc.exe
Disinfection failed
C:\WINDOWS\usnsvc.exe
Deleted
Infected with: Trojan.Dialer.VUY
C:\Documents and Settings\Hé l'eau\Bureau\Nouveau dossier\MSNFix\25092007_22131657.zip=>backup/carlton
Deleted
C:\Documents and Settings\Hé l'eau\Bureau\Nouveau dossier\MSNFix\25092007_22131657.zip
Updated
C:\Documents and Settings\Hé l'eau\Bureau\Nouveau dossier\MSNFix\25092007_22131657.zip=>backup/g7n4l2o4i4.exe
Infected with: Trojan.Dialer.VUY
C:\Documents and Settings\Hé l'eau\Bureau\Nouveau dossier\MSNFix\25092007_22131657.zip=>backup/g7n4l2o4i4.exe
Deleted
C:\Documents and Settings\Hé l'eau\Bureau\Nouveau dossier\MSNFix\25092007_22131657.zip
Updated
C:\Documents and Settings\Hé l'eau\Bureau\Nouveau dossier\MSNFix\25092007_22131657.zip=>backup/N039_jpg.zip=>www.N039_jpg-msn.com
Infected with: DeepScan:Generic.Sdbot.DC3D9A85
C:\Documents and Settings\Hé l'eau\Bureau\Nouveau dossier\MSNFix\25092007_22131657.zip=>backup/N039_jpg.zip=>www.N039_jpg-msn.com
Disinfection failed
C:\Documents and Settings\Hé l'eau\Bureau\Nouveau dossier\MSNFix\25092007_22131657.zip=>backup/N039_jpg.zip=>www.N039_jpg-msn.com
Deleted
C:\Documents and Settings\Hé l'eau\Bureau\Nouveau dossier\MSNFix\25092007_22131657.zip=>backup/N039_jpg.zip
Updated
C:\Documents and Settings\Hé l'eau\Bureau\Nouveau dossier\MSNFix\25092007_22131657.zip
Updated
C:\g7n4l2o4i4.exe
Infected with: Trojan.Dialer.VUY
C:\g7n4l2o4i4.exe
Deleted
C:\Program Files\Fichiers communs\Carlson\carlton
Infected with: Trojan.Dialer.VUY
C:\Program Files\Fichiers communs\Carlson\carlton
Deleted
C:\qwere.exe
Infected with: Trojan.Dialer.VUY
C:\qwere.exe
Deleted
C:\System Volume Information\_restore{7AA65F6D-D5EA-4476-8153-078FE4E43FD5}\RP222\A0053149.exe
Infected with: Trojan.Dialer.VUY
C:\System Volume Information\_restore{7AA65F6D-D5EA-4476-8153-078FE4E43FD5}\RP222\A0053149.exe
Deleted
C:\System Volume Information\_restore{7AA65F6D-D5EA-4476-8153-078FE4E43FD5}\RP222\A0054171.exe
Infected with: Trojan.Dialer.VUY
C:\System Volume Information\_restore{7AA65F6D-D5EA-4476-8153-078FE4E43FD5}\RP222\A0054171.exe
Deleted
C:\System Volume Information\_restore{7AA65F6D-D5EA-4476-8153-078FE4E43FD5}\RP222\A0054184.exe=>(CAB Sfx r)=>DaemonTools_WhenUSave_Installer.exe
Infected with: Generic.Adw.SaveNow.F5FEB660
C:\System Volume Information\_restore{7AA65F6D-D5EA-4476-8153-078FE4E43FD5}\RP222\A0054184.exe=>(CAB Sfx r)=>DaemonTools_WhenUSave_Installer.exe
Disinfection failed
C:\System Volume Information\_restore{7AA65F6D-D5EA-4476-8153-078FE4E43FD5}\RP222\A0054184.exe=>(CAB Sfx r)=>DaemonTools_WhenUSave_Installer.exe
Deleted
C:\System Volume Information\_restore{7AA65F6D-D5EA-4476-8153-078FE4E43FD5}\RP222\A0054184.exe=>(CAB Sfx r)
Update failed
C:\System Volume Information\_restore{7AA65F6D-D5EA-4476-8153-078FE4E43FD5}\RP223\A0054247.exe
Infected with: Trojan.Dialer.VUY
C:\System Volume Information\_restore{7AA65F6D-D5EA-4476-8153-078FE4E43FD5}\RP223\A0054247.exe
Deleted
C:\System Volume Information\_restore{7AA65F6D-D5EA-4476-8153-078FE4E43FD5}\RP223\A0054259.exe
Infected with: Trojan.Dialer.VUY
C:\System Volume Information\_restore{7AA65F6D-D5EA-4476-8153-078FE4E43FD5}\RP223\A0054259.exe
Deleted
C:\WINDOWS\usnsvc.exe
Infected with: DeepScan:Generic.Sdbot.DC3D9A85
C:\WINDOWS\usnsvc.exe
Disinfection failed
C:\WINDOWS\usnsvc.exe
Deleted
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:14:42, on 26/09/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\VIA\RAID\raid_tool.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\S3trayp.exe
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Fichiers communs\PCSuite\DataLayer\DataLayer.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Inventel\Gateway\wlancfg.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\FICHIE~1\PCSuite\Services\ServiceLayer.exe
C:\PROGRA~1\FICHIE~1\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?cc=fr&toHttps=1&redig=D4322FEE7CF74A348CB9CE970F098EF5
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.01net.com/telecharger/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.01net.com/telecharger/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [RaidTool] C:\Program Files\VIA\RAID\raid_tool.exe
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [S3Trayp] S3trayp.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [AliceSAV] C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -masquer
O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Fichiers communs\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: MSN Pictures Displayer.lnk = C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe
O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GrooveSystemServices.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe
Scan saved at 22:14:42, on 26/09/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\VIA\RAID\raid_tool.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\S3trayp.exe
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Fichiers communs\PCSuite\DataLayer\DataLayer.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Inventel\Gateway\wlancfg.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\FICHIE~1\PCSuite\Services\ServiceLayer.exe
C:\PROGRA~1\FICHIE~1\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?cc=fr&toHttps=1&redig=D4322FEE7CF74A348CB9CE970F098EF5
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.01net.com/telecharger/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.01net.com/telecharger/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [RaidTool] C:\Program Files\VIA\RAID\raid_tool.exe
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [S3Trayp] S3trayp.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [AliceSAV] C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -masquer
O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Fichiers communs\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: MSN Pictures Displayer.lnk = C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe
O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GrooveSystemServices.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe
Statistics
Time
00:50:57
Files
149066
Folders
4400
Boot Sectors
4
Archives
1651
Packed Files
6726
Results
Identified Viruses
3
Infected Files
12
Suspect Files
0
Warnings
0
Disinfected
0
Deleted Files
12
Engines Info
Virus Definitions
823951
Engine build
AVCORE v1.0 (build 2422) (i386) (Sep 25 2007 08:26:36)
Scan plugins
14
Archive plugins
38
Unpack plugins
7
E-mail plugins
6
System plugins
1
Scan Settings
First Action
Disinfect
Second Action
Delete
Heuristics
Yes
Enable Warnings
Yes
Scanned Extensions
*;
Exclude Extensions
Scan Emails
Yes
Scan Archives
Yes
Scan Packed
Yes
Scan Files
Yes
Scan Boot
Yes
Scanned File
Status
C:\Documents and Settings\Hé l'eau\Bureau\Nouveau dossier\MSNFix\25092007_22131657.zip=>backup/carlton
Infected with: Trojan.Dialer.VUY
C:\Documents and Settings\Hé l'eau\Bureau\Nouveau dossier\MSNFix\25092007_22131657.zip=>backup/carlton
Deleted
C:\Documents and Settings\Hé l'eau\Bureau\Nouveau dossier\MSNFix\25092007_22131657.zip
Updated
C:\Documents and Settings\Hé l'eau\Bureau\Nouveau dossier\MSNFix\25092007_22131657.zip=>backup/g7n4l2o4i4.exe
Infected with: Trojan.Dialer.VUY
C:\Documents and Settings\Hé l'eau\Bureau\Nouveau dossier\MSNFix\25092007_22131657.zip=>backup/g7n4l2o4i4.exe
Deleted
C:\Documents and Settings\Hé l'eau\Bureau\Nouveau dossier\MSNFix\25092007_22131657.zip
Updated
C:\Documents and Settings\Hé l'eau\Bureau\Nouveau dossier\MSNFix\25092007_22131657.zip=>backup/N039_jpg.zip=>www.N039_jpg-msn.com
Infected with: DeepScan:Generic.Sdbot.DC3D9A85
C:\Documents and Settings\Hé l'eau\Bureau\Nouveau dossier\MSNFix\25092007_22131657.zip=>backup/N039_jpg.zip=>www.N039_jpg-msn.com
Disinfection failed
C:\Documents and Settings\Hé l'eau\Bureau\Nouveau dossier\MSNFix\25092007_22131657.zip=>backup/N039_jpg.zip=>www.N039_jpg-msn.com
Deleted
C:\Documents and Settings\Hé l'eau\Bureau\Nouveau dossier\MSNFix\25092007_22131657.zip=>backup/N039_jpg.zip
Updated
C:\Documents and Settings\Hé l'eau\Bureau\Nouveau dossier\MSNFix\25092007_22131657.zip
Updated
C:\g7n4l2o4i4.exe
Infected with: Trojan.Dialer.VUY
C:\g7n4l2o4i4.exe
Deleted
C:\Program Files\Fichiers communs\Carlson\carlton
Infected with: Trojan.Dialer.VUY
C:\Program Files\Fichiers communs\Carlson\carlton
Deleted
C:\qwere.exe
Infected with: Trojan.Dialer.VUY
C:\qwere.exe
Deleted
C:\System Volume Information\_restore{7AA65F6D-D5EA-4476-8153-078FE4E43FD5}\RP222\A0053149.exe
Infected with: Trojan.Dialer.VUY
C:\System Volume Information\_restore{7AA65F6D-D5EA-4476-8153-078FE4E43FD5}\RP222\A0053149.exe
Deleted
C:\System Volume Information\_restore{7AA65F6D-D5EA-4476-8153-078FE4E43FD5}\RP222\A0054171.exe
Infected with: Trojan.Dialer.VUY
C:\System Volume Information\_restore{7AA65F6D-D5EA-4476-8153-078FE4E43FD5}\RP222\A0054171.exe
Deleted
C:\System Volume Information\_restore{7AA65F6D-D5EA-4476-8153-078FE4E43FD5}\RP222\A0054184.exe=>(CAB Sfx r)=>DaemonTools_WhenUSave_Installer.exe
Infected with: Generic.Adw.SaveNow.F5FEB660
C:\System Volume Information\_restore{7AA65F6D-D5EA-4476-8153-078FE4E43FD5}\RP222\A0054184.exe=>(CAB Sfx r)=>DaemonTools_WhenUSave_Installer.exe
Disinfection failed
C:\System Volume Information\_restore{7AA65F6D-D5EA-4476-8153-078FE4E43FD5}\RP222\A0054184.exe=>(CAB Sfx r)=>DaemonTools_WhenUSave_Installer.exe
Deleted
C:\System Volume Information\_restore{7AA65F6D-D5EA-4476-8153-078FE4E43FD5}\RP222\A0054184.exe=>(CAB Sfx r)
Update failed
C:\System Volume Information\_restore{7AA65F6D-D5EA-4476-8153-078FE4E43FD5}\RP223\A0054247.exe
Infected with: Trojan.Dialer.VUY
C:\System Volume Information\_restore{7AA65F6D-D5EA-4476-8153-078FE4E43FD5}\RP223\A0054247.exe
Deleted
C:\System Volume Information\_restore{7AA65F6D-D5EA-4476-8153-078FE4E43FD5}\RP223\A0054259.exe
Infected with: Trojan.Dialer.VUY
C:\System Volume Information\_restore{7AA65F6D-D5EA-4476-8153-078FE4E43FD5}\RP223\A0054259.exe
Deleted
C:\WINDOWS\usnsvc.exe
Infected with: DeepScan:Generic.Sdbot.DC3D9A85
C:\WINDOWS\usnsvc.exe
Disinfection failed
C:\WINDOWS\usnsvc.exe
Deleted
Time
00:50:57
Files
149066
Folders
4400
Boot Sectors
4
Archives
1651
Packed Files
6726
Results
Identified Viruses
3
Infected Files
12
Suspect Files
0
Warnings
0
Disinfected
0
Deleted Files
12
Engines Info
Virus Definitions
823951
Engine build
AVCORE v1.0 (build 2422) (i386) (Sep 25 2007 08:26:36)
Scan plugins
14
Archive plugins
38
Unpack plugins
7
E-mail plugins
6
System plugins
1
Scan Settings
First Action
Disinfect
Second Action
Delete
Heuristics
Yes
Enable Warnings
Yes
Scanned Extensions
*;
Exclude Extensions
Scan Emails
Yes
Scan Archives
Yes
Scan Packed
Yes
Scan Files
Yes
Scan Boot
Yes
Scanned File
Status
C:\Documents and Settings\Hé l'eau\Bureau\Nouveau dossier\MSNFix\25092007_22131657.zip=>backup/carlton
Infected with: Trojan.Dialer.VUY
C:\Documents and Settings\Hé l'eau\Bureau\Nouveau dossier\MSNFix\25092007_22131657.zip=>backup/carlton
Deleted
C:\Documents and Settings\Hé l'eau\Bureau\Nouveau dossier\MSNFix\25092007_22131657.zip
Updated
C:\Documents and Settings\Hé l'eau\Bureau\Nouveau dossier\MSNFix\25092007_22131657.zip=>backup/g7n4l2o4i4.exe
Infected with: Trojan.Dialer.VUY
C:\Documents and Settings\Hé l'eau\Bureau\Nouveau dossier\MSNFix\25092007_22131657.zip=>backup/g7n4l2o4i4.exe
Deleted
C:\Documents and Settings\Hé l'eau\Bureau\Nouveau dossier\MSNFix\25092007_22131657.zip
Updated
C:\Documents and Settings\Hé l'eau\Bureau\Nouveau dossier\MSNFix\25092007_22131657.zip=>backup/N039_jpg.zip=>www.N039_jpg-msn.com
Infected with: DeepScan:Generic.Sdbot.DC3D9A85
C:\Documents and Settings\Hé l'eau\Bureau\Nouveau dossier\MSNFix\25092007_22131657.zip=>backup/N039_jpg.zip=>www.N039_jpg-msn.com
Disinfection failed
C:\Documents and Settings\Hé l'eau\Bureau\Nouveau dossier\MSNFix\25092007_22131657.zip=>backup/N039_jpg.zip=>www.N039_jpg-msn.com
Deleted
C:\Documents and Settings\Hé l'eau\Bureau\Nouveau dossier\MSNFix\25092007_22131657.zip=>backup/N039_jpg.zip
Updated
C:\Documents and Settings\Hé l'eau\Bureau\Nouveau dossier\MSNFix\25092007_22131657.zip
Updated
C:\g7n4l2o4i4.exe
Infected with: Trojan.Dialer.VUY
C:\g7n4l2o4i4.exe
Deleted
C:\Program Files\Fichiers communs\Carlson\carlton
Infected with: Trojan.Dialer.VUY
C:\Program Files\Fichiers communs\Carlson\carlton
Deleted
C:\qwere.exe
Infected with: Trojan.Dialer.VUY
C:\qwere.exe
Deleted
C:\System Volume Information\_restore{7AA65F6D-D5EA-4476-8153-078FE4E43FD5}\RP222\A0053149.exe
Infected with: Trojan.Dialer.VUY
C:\System Volume Information\_restore{7AA65F6D-D5EA-4476-8153-078FE4E43FD5}\RP222\A0053149.exe
Deleted
C:\System Volume Information\_restore{7AA65F6D-D5EA-4476-8153-078FE4E43FD5}\RP222\A0054171.exe
Infected with: Trojan.Dialer.VUY
C:\System Volume Information\_restore{7AA65F6D-D5EA-4476-8153-078FE4E43FD5}\RP222\A0054171.exe
Deleted
C:\System Volume Information\_restore{7AA65F6D-D5EA-4476-8153-078FE4E43FD5}\RP222\A0054184.exe=>(CAB Sfx r)=>DaemonTools_WhenUSave_Installer.exe
Infected with: Generic.Adw.SaveNow.F5FEB660
C:\System Volume Information\_restore{7AA65F6D-D5EA-4476-8153-078FE4E43FD5}\RP222\A0054184.exe=>(CAB Sfx r)=>DaemonTools_WhenUSave_Installer.exe
Disinfection failed
C:\System Volume Information\_restore{7AA65F6D-D5EA-4476-8153-078FE4E43FD5}\RP222\A0054184.exe=>(CAB Sfx r)=>DaemonTools_WhenUSave_Installer.exe
Deleted
C:\System Volume Information\_restore{7AA65F6D-D5EA-4476-8153-078FE4E43FD5}\RP222\A0054184.exe=>(CAB Sfx r)
Update failed
C:\System Volume Information\_restore{7AA65F6D-D5EA-4476-8153-078FE4E43FD5}\RP223\A0054247.exe
Infected with: Trojan.Dialer.VUY
C:\System Volume Information\_restore{7AA65F6D-D5EA-4476-8153-078FE4E43FD5}\RP223\A0054247.exe
Deleted
C:\System Volume Information\_restore{7AA65F6D-D5EA-4476-8153-078FE4E43FD5}\RP223\A0054259.exe
Infected with: Trojan.Dialer.VUY
C:\System Volume Information\_restore{7AA65F6D-D5EA-4476-8153-078FE4E43FD5}\RP223\A0054259.exe
Deleted
C:\WINDOWS\usnsvc.exe
Infected with: DeepScan:Generic.Sdbot.DC3D9A85
C:\WINDOWS\usnsvc.exe
Disinfection failed
C:\WINDOWS\usnsvc.exe
Deleted
