AU SECOUR! win32:tibs-ado[trj]
Résolu
takata31
Messages postés
79
Statut
Membre
-
xiphos -
xiphos -
Bonjour,
ayant eu un avertissement de trojan, j'ai fait un post ici meme. sur un conseil, j'ai installer superantisyware. il a effectivement trouvé 1 trojan. j'ai fait le nettoyage et j'ai refait un scan.
second scan, 2 trojan. re-nettoyage
troisieme scan, 3 trojan.
ai je penser qu'il est en train de se cloner..??
ayant eu un avertissement de trojan, j'ai fait un post ici meme. sur un conseil, j'ai installer superantisyware. il a effectivement trouvé 1 trojan. j'ai fait le nettoyage et j'ai refait un scan.
second scan, 2 trojan. re-nettoyage
troisieme scan, 3 trojan.
ai je penser qu'il est en train de se cloner..??
A voir également:
- AU SECOUR! win32:tibs-ado[trj]
- Télécharger win32 valide pour windows 7 gratuit - Forum Windows
- Puadimanager win32/offercore ✓ - Forum Virus
- PUA:Win32/InstallCore detecté par windows sécurité ✓ - Forum Virus
- Puabundler win32 rostpay ✓ - Forum Antivirus
- Win32 pup gen ✓ - Forum Linux / Unix
89 réponses
bon je suis navré Lyonnais mais c'est tres dur pour moi de rester tard en ligne car je me leve tres tot le matin :-s
grenn day (si tu la connais) me propose de supprimer en manuel le fichier suivant >>
C:\WINDOWS\trashicon.exe Infected: Trojan-Dropper.Win32.Agent.bno skipped
qu'en penses tu?
donnes moi ta reponse et je pourrais mettre en oeuvre un truc demain matin... d'ici là, je te souhaite une bonne fin de sooiree.
Je sais que c'est pas facile d'avancer si je ne suis pas là, mais obligation oblige :-) sorry et merci de ta patience :-)
grenn day (si tu la connais) me propose de supprimer en manuel le fichier suivant >>
C:\WINDOWS\trashicon.exe Infected: Trojan-Dropper.Win32.Agent.bno skipped
qu'en penses tu?
donnes moi ta reponse et je pourrais mettre en oeuvre un truc demain matin... d'ici là, je te souhaite une bonne fin de sooiree.
Je sais que c'est pas facile d'avancer si je ne suis pas là, mais obligation oblige :-) sorry et merci de ta patience :-)
re, oui je sais pour green day :-)
je viens donc de supprimer le fichier en question, je vais redemarrer et lancer un scan online avec kasper.
juste une question, dans mon explorer sous C:\windows, dans l'arborescence, j'ai un dossier qui est ecrit en bleu o_O j'ai jamais vu ça avant. et tout les fichiers qui sont dedans sont ecrit en bleu aussi. c'est quoi?
voici le nom du dossier $MSI31Uninstall_KB893803v2$
allez je vous souhaite une bonne matinée, a plus tard...
je viens donc de supprimer le fichier en question, je vais redemarrer et lancer un scan online avec kasper.
juste une question, dans mon explorer sous C:\windows, dans l'arborescence, j'ai un dossier qui est ecrit en bleu o_O j'ai jamais vu ça avant. et tout les fichiers qui sont dedans sont ecrit en bleu aussi. c'est quoi?
voici le nom du dossier $MSI31Uninstall_KB893803v2$
allez je vous souhaite une bonne matinée, a plus tard...
Bonjour,
c'est moi qui ait quitté tôt hier.
Trashicon,pas de problème.
Le souci, c'est icu.exe, mal documenté.
On essaye ça :
Rends toi sur ce site :
https://www.virustotal.com/gui/
Clique sur parcourir et cherche ce fichier : C:\WINDOWS\icu.exe
Clique sur Send File.
Un rapport va s'élaborer ligne à ligne.
Attends la fin. Il doit comprendre la taille du fichier envoyé.
Sauvegarde le rapport avec le bloc-note.
Copie le dans ta réponse.
c'est moi qui ait quitté tôt hier.
Trashicon,pas de problème.
Le souci, c'est icu.exe, mal documenté.
On essaye ça :
Rends toi sur ce site :
https://www.virustotal.com/gui/
Clique sur parcourir et cherche ce fichier : C:\WINDOWS\icu.exe
Clique sur Send File.
Un rapport va s'élaborer ligne à ligne.
Attends la fin. Il doit comprendre la taille du fichier envoyé.
Sauvegarde le rapport avec le bloc-note.
Copie le dans ta réponse.
bonjour tout le monde,
bon je vais faire ce que tu demande Lyonnais.
ce matin j'ai refait un scan avec kasper, voici le rapport
-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Thursday, February 28, 2008 6:01:31 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 28/02/2008
Kaspersky Anti-Virus database records: 538854
-------------------------------------------------------------------------------
Scan Settings:
Scan using the following antivirus database: standard
Scan Archives: true
Scan Mail Bases: true
Scan Target - My Computer:
A:\
C:\
D:\
E:\
Scan Statistics:
Total number of scanned objects: 64227
Number of viruses found: 3
Number of infected objects: 14
Number of suspicious objects: 0
Duration of the scan process: 00:34:45
Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\Administrateur\Application Data\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Lavasoft\Ad-Aware\description.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Lavasoft\Ad-Aware\Logs\Ad-Aware log2007-07-27 13-40-19.txt Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Lavasoft\Ad-Aware\Logs\Ad-Aware log2007-07-27 13-41-21.txt Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Lavasoft\Ad-Aware\Logs\Ad-Aware log2007-07-27 18-46-57.txt Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Lavasoft\Ad-Aware\Quarantine\auto-quarantine- 2007-07-27 13-40-41.bckp Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Lavasoft\Ad-Aware\Quarantine\auto-quarantine- 2007-07-27 18-47-08.bckp Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Lavasoft\Ad-Aware\settings.awc Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Lavasoft\Ad-Aware\stats.awd Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Microsoft\HTML Help\hh.dat Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Microsoft\Internet Explorer\brndlog.bak Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Microsoft\Internet Explorer\brndlog.txt Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Microsoft\Internet Explorer\Desktop.htt Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Microsoft\Internet Explorer\Quick Launch\Bureau.scf Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Microsoft\Internet Explorer\Quick Launch\Démarrer Internet Explorer.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Microsoft\Protect\CREDHIST Object is locked skipped
C:\Documents and Settings\Administrateur\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Administrateur\Favoris\Desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Favoris\Guide des stations de radio.url Object is locked skipped
C:\Documents and Settings\Administrateur\Favoris\Liens\Hotmail.url Object is locked skipped
C:\Documents and Settings\Administrateur\Favoris\Liens\Personnaliser les liens.url Object is locked skipped
C:\Documents and Settings\Administrateur\Favoris\Liens\Windows Media.url Object is locked skipped
C:\Documents and Settings\Administrateur\Favoris\Liens\Windows.url Object is locked skipped
C:\Documents and Settings\Administrateur\Favoris\MSN.com.url Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Application Data\IconCache.db Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Internet Explorer\MSIMGSIZ.DAT Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Media Player\CurrentDatabase_59R.wmdb Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Windows Media\9.0\WMSDKNS.DTD Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Windows Media\9.0\WMSDKNS.XML Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Historique\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Historique\History.IE5\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Historique\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Historique\History.IE5\MSHist012007072720070728\index.dat Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\0G0HR0HN\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\8HFRGF3W\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\OBF7KYM2\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\PPTNF50V\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Accessibilité\Clavier visuel.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Accessibilité\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Accessibilité\Gestionnaire d'utilitaires.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Accessibilité\Loupe.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Assistant Compatibilité des programmes.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Bloc-notes.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Carnet d'adresses.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Divertissement\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Divertissement\Lecteur Windows Media.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Explorateur Windows.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Invite de commandes.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Synchroniser.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Visite guidée de Windows XP.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Assistance à distance.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Démarrage\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Internet Explorer.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Lecteur Windows Media.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Outlook Express.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Mes documents\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Mes documents\Ma musique\Desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Mes documents\Ma musique\Échantillons de musique.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Mes documents\Mes images\Desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Mes documents\Mes images\Échantillons d'images.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Modèles\amipro.sam Object is locked skipped
C:\Documents and Settings\Administrateur\Modèles\excel.xls Object is locked skipped
C:\Documents and Settings\Administrateur\Modèles\excel4.xls Object is locked skipped
C:\Documents and Settings\Administrateur\Modèles\lotus.wk4 Object is locked skipped
C:\Documents and Settings\Administrateur\Modèles\powerpnt.ppt Object is locked skipped
C:\Documents and Settings\Administrateur\Modèles\presenta.shw Object is locked skipped
C:\Documents and Settings\Administrateur\Modèles\quattro.wb2 Object is locked skipped
C:\Documents and Settings\Administrateur\Modèles\sndrec.wav Object is locked skipped
C:\Documents and Settings\Administrateur\Modèles\winword.doc Object is locked skipped
C:\Documents and Settings\Administrateur\Modèles\winword2.doc Object is locked skipped
C:\Documents and Settings\Administrateur\Modèles\wordpfct.wpd Object is locked skipped
C:\Documents and Settings\Administrateur\Modèles\wordpfct.wpg Object is locked skipped
C:\Documents and Settings\Administrateur\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Administrateur\NtUser.dat.LOG Object is locked skipped
C:\Documents and Settings\Administrateur\ntuser.ini Object is locked skipped
C:\Documents and Settings\Administrateur\SendTo\Bureau (créer un raccourci).DeskLink Object is locked skipped
C:\Documents and Settings\Administrateur\SendTo\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\SendTo\Destinataire.MAPIMail Object is locked skipped
C:\Documents and Settings\Administrateur\SendTo\Dossier compressé.ZFSendToTarget Object is locked skipped
C:\Documents and Settings\Administrateur\SendTo\Mes documents.mydocs Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\takata\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SUPERANTISPYWARE.LOG Object is locked skipped
C:\Documents and Settings\takata\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\takata\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\takata\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\takata\Local Settings\Historique\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\takata\Local Settings\Historique\History.IE5\MSHist012008022820080229\index.dat Object is locked skipped
C:\Documents and Settings\takata\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\takata\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\takata\ntuser.dat.LOG Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\Avast4.db Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\log\AshWebSv.ws Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\log\aswMaiSv.log Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\report\Protection résidente.txt Object is locked skipped
C:\Program Files\Sygate\SPF\debug.log Object is locked skipped
C:\Program Files\Sygate\SPF\rawlog.log Object is locked skipped
C:\Program Files\Sygate\SPF\seclog.log Object is locked skipped
C:\Program Files\Sygate\SPF\syslog.log Object is locked skipped
C:\Program Files\Sygate\SPF\tralog.log Object is locked skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036338.exe Infected: Email-Worm.Win32.Zhelatin.vn skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036349.dll Infected: Trojan-Clicker.Win32.Agent.ss skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036376.dll Infected: Trojan-Clicker.Win32.Agent.ss skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036377.dll Infected: Trojan-Clicker.Win32.Agent.ss skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036417.dll Infected: Trojan-Clicker.Win32.Agent.ss skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036437.dll Infected: Trojan-Clicker.Win32.Agent.ss skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036448.dll Infected: Trojan-Clicker.Win32.Agent.ss skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036471.dll Infected: Trojan-Clicker.Win32.Agent.ss skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036475.dll Infected: Trojan-Clicker.Win32.Agent.ss skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036483.dll Infected: Trojan-Clicker.Win32.Agent.ss skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036487.dll Infected: Trojan-Clicker.Win32.Agent.ss skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP264\A0036547.exe Infected: Trojan-Dropper.Win32.Agent.bno skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP264\A0036570.exe Infected: Trojan-Dropper.Win32.Agent.bno skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP264\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\icu.exe~ Infected: Email-Worm.Win32.Zhelatin.vn skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\config\ACEEvent.evt Object is locked skipped
C:\WINDOWS\system32\config\Antivirus.Evt Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\Temp\Perflib_Perfdata_608.dat Object is locked skipped
C:\WINDOWS\Temp\_avast4_\Webshlock.txt Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
D:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
Scan process completed.
bon je vais faire ce que tu demande Lyonnais.
ce matin j'ai refait un scan avec kasper, voici le rapport
-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Thursday, February 28, 2008 6:01:31 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 28/02/2008
Kaspersky Anti-Virus database records: 538854
-------------------------------------------------------------------------------
Scan Settings:
Scan using the following antivirus database: standard
Scan Archives: true
Scan Mail Bases: true
Scan Target - My Computer:
A:\
C:\
D:\
E:\
Scan Statistics:
Total number of scanned objects: 64227
Number of viruses found: 3
Number of infected objects: 14
Number of suspicious objects: 0
Duration of the scan process: 00:34:45
Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\Administrateur\Application Data\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Lavasoft\Ad-Aware\description.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Lavasoft\Ad-Aware\Logs\Ad-Aware log2007-07-27 13-40-19.txt Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Lavasoft\Ad-Aware\Logs\Ad-Aware log2007-07-27 13-41-21.txt Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Lavasoft\Ad-Aware\Logs\Ad-Aware log2007-07-27 18-46-57.txt Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Lavasoft\Ad-Aware\Quarantine\auto-quarantine- 2007-07-27 13-40-41.bckp Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Lavasoft\Ad-Aware\Quarantine\auto-quarantine- 2007-07-27 18-47-08.bckp Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Lavasoft\Ad-Aware\settings.awc Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Lavasoft\Ad-Aware\stats.awd Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Microsoft\HTML Help\hh.dat Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Microsoft\Internet Explorer\brndlog.bak Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Microsoft\Internet Explorer\brndlog.txt Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Microsoft\Internet Explorer\Desktop.htt Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Microsoft\Internet Explorer\Quick Launch\Bureau.scf Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Microsoft\Internet Explorer\Quick Launch\Démarrer Internet Explorer.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Microsoft\Protect\CREDHIST Object is locked skipped
C:\Documents and Settings\Administrateur\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Administrateur\Favoris\Desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Favoris\Guide des stations de radio.url Object is locked skipped
C:\Documents and Settings\Administrateur\Favoris\Liens\Hotmail.url Object is locked skipped
C:\Documents and Settings\Administrateur\Favoris\Liens\Personnaliser les liens.url Object is locked skipped
C:\Documents and Settings\Administrateur\Favoris\Liens\Windows Media.url Object is locked skipped
C:\Documents and Settings\Administrateur\Favoris\Liens\Windows.url Object is locked skipped
C:\Documents and Settings\Administrateur\Favoris\MSN.com.url Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Application Data\IconCache.db Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Internet Explorer\MSIMGSIZ.DAT Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Media Player\CurrentDatabase_59R.wmdb Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Windows Media\9.0\WMSDKNS.DTD Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Windows Media\9.0\WMSDKNS.XML Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Historique\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Historique\History.IE5\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Historique\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Historique\History.IE5\MSHist012007072720070728\index.dat Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\0G0HR0HN\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\8HFRGF3W\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\OBF7KYM2\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\PPTNF50V\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Accessibilité\Clavier visuel.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Accessibilité\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Accessibilité\Gestionnaire d'utilitaires.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Accessibilité\Loupe.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Assistant Compatibilité des programmes.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Bloc-notes.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Carnet d'adresses.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Divertissement\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Divertissement\Lecteur Windows Media.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Explorateur Windows.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Invite de commandes.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Synchroniser.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Visite guidée de Windows XP.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Assistance à distance.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Démarrage\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Internet Explorer.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Lecteur Windows Media.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Outlook Express.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Mes documents\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Mes documents\Ma musique\Desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Mes documents\Ma musique\Échantillons de musique.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Mes documents\Mes images\Desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Mes documents\Mes images\Échantillons d'images.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Modèles\amipro.sam Object is locked skipped
C:\Documents and Settings\Administrateur\Modèles\excel.xls Object is locked skipped
C:\Documents and Settings\Administrateur\Modèles\excel4.xls Object is locked skipped
C:\Documents and Settings\Administrateur\Modèles\lotus.wk4 Object is locked skipped
C:\Documents and Settings\Administrateur\Modèles\powerpnt.ppt Object is locked skipped
C:\Documents and Settings\Administrateur\Modèles\presenta.shw Object is locked skipped
C:\Documents and Settings\Administrateur\Modèles\quattro.wb2 Object is locked skipped
C:\Documents and Settings\Administrateur\Modèles\sndrec.wav Object is locked skipped
C:\Documents and Settings\Administrateur\Modèles\winword.doc Object is locked skipped
C:\Documents and Settings\Administrateur\Modèles\winword2.doc Object is locked skipped
C:\Documents and Settings\Administrateur\Modèles\wordpfct.wpd Object is locked skipped
C:\Documents and Settings\Administrateur\Modèles\wordpfct.wpg Object is locked skipped
C:\Documents and Settings\Administrateur\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Administrateur\NtUser.dat.LOG Object is locked skipped
C:\Documents and Settings\Administrateur\ntuser.ini Object is locked skipped
C:\Documents and Settings\Administrateur\SendTo\Bureau (créer un raccourci).DeskLink Object is locked skipped
C:\Documents and Settings\Administrateur\SendTo\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\SendTo\Destinataire.MAPIMail Object is locked skipped
C:\Documents and Settings\Administrateur\SendTo\Dossier compressé.ZFSendToTarget Object is locked skipped
C:\Documents and Settings\Administrateur\SendTo\Mes documents.mydocs Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\takata\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SUPERANTISPYWARE.LOG Object is locked skipped
C:\Documents and Settings\takata\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\takata\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\takata\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\takata\Local Settings\Historique\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\takata\Local Settings\Historique\History.IE5\MSHist012008022820080229\index.dat Object is locked skipped
C:\Documents and Settings\takata\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\takata\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\takata\ntuser.dat.LOG Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\Avast4.db Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\log\AshWebSv.ws Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\log\aswMaiSv.log Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\report\Protection résidente.txt Object is locked skipped
C:\Program Files\Sygate\SPF\debug.log Object is locked skipped
C:\Program Files\Sygate\SPF\rawlog.log Object is locked skipped
C:\Program Files\Sygate\SPF\seclog.log Object is locked skipped
C:\Program Files\Sygate\SPF\syslog.log Object is locked skipped
C:\Program Files\Sygate\SPF\tralog.log Object is locked skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036338.exe Infected: Email-Worm.Win32.Zhelatin.vn skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036349.dll Infected: Trojan-Clicker.Win32.Agent.ss skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036376.dll Infected: Trojan-Clicker.Win32.Agent.ss skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036377.dll Infected: Trojan-Clicker.Win32.Agent.ss skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036417.dll Infected: Trojan-Clicker.Win32.Agent.ss skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036437.dll Infected: Trojan-Clicker.Win32.Agent.ss skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036448.dll Infected: Trojan-Clicker.Win32.Agent.ss skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036471.dll Infected: Trojan-Clicker.Win32.Agent.ss skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036475.dll Infected: Trojan-Clicker.Win32.Agent.ss skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036483.dll Infected: Trojan-Clicker.Win32.Agent.ss skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036487.dll Infected: Trojan-Clicker.Win32.Agent.ss skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP264\A0036547.exe Infected: Trojan-Dropper.Win32.Agent.bno skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP264\A0036570.exe Infected: Trojan-Dropper.Win32.Agent.bno skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP264\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\icu.exe~ Infected: Email-Worm.Win32.Zhelatin.vn skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\config\ACEEvent.evt Object is locked skipped
C:\WINDOWS\system32\config\Antivirus.Evt Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\Temp\Perflib_Perfdata_608.dat Object is locked skipped
C:\WINDOWS\Temp\_avast4_\Webshlock.txt Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
D:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
Scan process completed.
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
voici le rapport Virus total sur icu.exe
Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2008.2.28.2 2008.02.28 -
AntiVir 7.6.0.67 2008.02.28 WORM/Zhelatin.Gen
Authentium 4.93.8 2008.02.28 -
Avast 4.7.1098.0 2008.02.27 -
AVG 7.5.0.516 2008.02.28 I-Worm/Nuwar.N
BitDefender 7.2 2008.02.28 Trojan.Peed.IYX
CAT-QuickHeal 9.50 2008.02.28 Win32.Trojan-Downloader.Tibs.qt.4
ClamAV None 2008.02.28 -
DrWeb 4.44.0.09170 2008.02.28 Trojan.Packed.367
eSafe 7.0.15.0 2008.02.28 Suspicious File
eTrust-Vet 31.3.5571 2008.02.28 -
Ewido 4.0 2008.02.28 -
FileAdvisor 1 2008.02.28 -
Fortinet 3.14.0.0 2008.02.28 -
F-Prot 4.4.2.54 2008.02.27 -
F-Secure 6.70.13260.0 2008.02.28 -
Ikarus T3.1.1.20 2008.02.28 Email-Worm.Win32.Zhelatin.vn
Kaspersky 7.0.0.125 2008.02.28 Email-Worm.Win32.Zhelatin.vn
McAfee 5241 2008.02.28 -
Microsoft 1.3301 2008.02.28 Trojan:Win32/Tibs.FM
NOD32v2 2909 2008.02.28 -
Norman 5.80.02 2008.02.28 -
Panda 9.0.0.4 2008.02.27 Adware/BraveSentry
Prevx1 V2 2008.02.28 Heuristic: Suspicious File With Bad Parent Associations
Rising 20.33.32.00 2008.02.28 Trojan.DL.Win32.Tibs.jev
Sophos 4.27.0 2008.02.28 Mal/Dorf-E
Sunbelt 3.0.906.0 2008.02.28 -
Symantec 10 2008.02.28 -
TheHacker 6.2.9.229 2008.02.25 -
VBA32 3.12.6.2 2008.02.27 -
VirusBuster 4.3.26:9 2008.02.28 Trojan.Tibs.Gen!Pac.G
Webwasher-Gateway 6.6.2 2008.02.28 Worm.Zhelatin.Gen
Information additionnelle
File size: 17872 bytes
MD5: c613609b602b7a6c88279a727b43d18e
SHA1: 4573b365687a405b196633e78333de89033f63a3
PEiD: -
Prevx info: http://info.prevx.com/aboutprogramtext.asp?PX5=5424A5DFD026E63545FD0037A7E0E0007AB7D8CA
Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2008.2.28.2 2008.02.28 -
AntiVir 7.6.0.67 2008.02.28 WORM/Zhelatin.Gen
Authentium 4.93.8 2008.02.28 -
Avast 4.7.1098.0 2008.02.27 -
AVG 7.5.0.516 2008.02.28 I-Worm/Nuwar.N
BitDefender 7.2 2008.02.28 Trojan.Peed.IYX
CAT-QuickHeal 9.50 2008.02.28 Win32.Trojan-Downloader.Tibs.qt.4
ClamAV None 2008.02.28 -
DrWeb 4.44.0.09170 2008.02.28 Trojan.Packed.367
eSafe 7.0.15.0 2008.02.28 Suspicious File
eTrust-Vet 31.3.5571 2008.02.28 -
Ewido 4.0 2008.02.28 -
FileAdvisor 1 2008.02.28 -
Fortinet 3.14.0.0 2008.02.28 -
F-Prot 4.4.2.54 2008.02.27 -
F-Secure 6.70.13260.0 2008.02.28 -
Ikarus T3.1.1.20 2008.02.28 Email-Worm.Win32.Zhelatin.vn
Kaspersky 7.0.0.125 2008.02.28 Email-Worm.Win32.Zhelatin.vn
McAfee 5241 2008.02.28 -
Microsoft 1.3301 2008.02.28 Trojan:Win32/Tibs.FM
NOD32v2 2909 2008.02.28 -
Norman 5.80.02 2008.02.28 -
Panda 9.0.0.4 2008.02.27 Adware/BraveSentry
Prevx1 V2 2008.02.28 Heuristic: Suspicious File With Bad Parent Associations
Rising 20.33.32.00 2008.02.28 Trojan.DL.Win32.Tibs.jev
Sophos 4.27.0 2008.02.28 Mal/Dorf-E
Sunbelt 3.0.906.0 2008.02.28 -
Symantec 10 2008.02.28 -
TheHacker 6.2.9.229 2008.02.25 -
VBA32 3.12.6.2 2008.02.27 -
VirusBuster 4.3.26:9 2008.02.28 Trojan.Tibs.Gen!Pac.G
Webwasher-Gateway 6.6.2 2008.02.28 Worm.Zhelatin.Gen
Information additionnelle
File size: 17872 bytes
MD5: c613609b602b7a6c88279a727b43d18e
SHA1: 4573b365687a405b196633e78333de89033f63a3
PEiD: -
Prevx info: http://info.prevx.com/aboutprogramtext.asp?PX5=5424A5DFD026E63545FD0037A7E0E0007AB7D8CA
Bonjour,
supprime aussi C:\WINDOWS\icu.exe
redémarre l'ordi et refais un scan Kaspersky. Poste le dans ta réponse.
Pour tes fichiers en bleu, ce sont les fichiers de désinstallation des mises à jouir de Windows. Si une installation se passe mal, il est possible de la supprimer.
supprime aussi C:\WINDOWS\icu.exe
redémarre l'ordi et refais un scan Kaspersky. Poste le dans ta réponse.
Pour tes fichiers en bleu, ce sont les fichiers de désinstallation des mises à jouir de Windows. Si une installation se passe mal, il est possible de la supprimer.
voici le nouveau rapport de kasper, il n'a pas changé :-(
-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Thursday, February 28, 2008 8:39:49 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 28/02/2008
Kaspersky Anti-Virus database records: 539831
-------------------------------------------------------------------------------
Scan Settings:
Scan using the following antivirus database: standard
Scan Archives: true
Scan Mail Bases: true
Scan Target - My Computer:
A:\
C:\
D:\
E:\
Scan Statistics:
Total number of scanned objects: 64264
Number of viruses found: 3
Number of infected objects: 13
Number of suspicious objects: 0
Duration of the scan process: 00:34:42
Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\Administrateur\Application Data\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Lavasoft\Ad-Aware\description.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Lavasoft\Ad-Aware\Logs\Ad-Aware log2007-07-27 13-40-19.txt Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Lavasoft\Ad-Aware\Logs\Ad-Aware log2007-07-27 13-41-21.txt Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Lavasoft\Ad-Aware\Logs\Ad-Aware log2007-07-27 18-46-57.txt Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Lavasoft\Ad-Aware\Quarantine\auto-quarantine- 2007-07-27 13-40-41.bckp Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Lavasoft\Ad-Aware\Quarantine\auto-quarantine- 2007-07-27 18-47-08.bckp Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Lavasoft\Ad-Aware\settings.awc Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Lavasoft\Ad-Aware\stats.awd Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Microsoft\HTML Help\hh.dat Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Microsoft\Internet Explorer\brndlog.bak Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Microsoft\Internet Explorer\brndlog.txt Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Microsoft\Internet Explorer\Desktop.htt Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Microsoft\Internet Explorer\Quick Launch\Bureau.scf Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Microsoft\Internet Explorer\Quick Launch\Démarrer Internet Explorer.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Microsoft\Protect\CREDHIST Object is locked skipped
C:\Documents and Settings\Administrateur\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Administrateur\Favoris\Desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Favoris\Guide des stations de radio.url Object is locked skipped
C:\Documents and Settings\Administrateur\Favoris\Liens\Hotmail.url Object is locked skipped
C:\Documents and Settings\Administrateur\Favoris\Liens\Personnaliser les liens.url Object is locked skipped
C:\Documents and Settings\Administrateur\Favoris\Liens\Windows Media.url Object is locked skipped
C:\Documents and Settings\Administrateur\Favoris\Liens\Windows.url Object is locked skipped
C:\Documents and Settings\Administrateur\Favoris\MSN.com.url Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Application Data\IconCache.db Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Internet Explorer\MSIMGSIZ.DAT Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Media Player\CurrentDatabase_59R.wmdb Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Windows Media\9.0\WMSDKNS.DTD Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Windows Media\9.0\WMSDKNS.XML Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Historique\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Historique\History.IE5\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Historique\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Historique\History.IE5\MSHist012007072720070728\index.dat Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\0G0HR0HN\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\8HFRGF3W\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\OBF7KYM2\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\PPTNF50V\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Accessibilité\Clavier visuel.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Accessibilité\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Accessibilité\Gestionnaire d'utilitaires.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Accessibilité\Loupe.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Assistant Compatibilité des programmes.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Bloc-notes.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Carnet d'adresses.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Divertissement\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Divertissement\Lecteur Windows Media.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Explorateur Windows.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Invite de commandes.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Synchroniser.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Visite guidée de Windows XP.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Assistance à distance.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Démarrage\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Internet Explorer.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Lecteur Windows Media.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Outlook Express.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Mes documents\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Mes documents\Ma musique\Desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Mes documents\Ma musique\Échantillons de musique.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Mes documents\Mes images\Desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Mes documents\Mes images\Échantillons d'images.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Modèles\amipro.sam Object is locked skipped
C:\Documents and Settings\Administrateur\Modèles\excel.xls Object is locked skipped
C:\Documents and Settings\Administrateur\Modèles\excel4.xls Object is locked skipped
C:\Documents and Settings\Administrateur\Modèles\lotus.wk4 Object is locked skipped
C:\Documents and Settings\Administrateur\Modèles\powerpnt.ppt Object is locked skipped
C:\Documents and Settings\Administrateur\Modèles\presenta.shw Object is locked skipped
C:\Documents and Settings\Administrateur\Modèles\quattro.wb2 Object is locked skipped
C:\Documents and Settings\Administrateur\Modèles\sndrec.wav Object is locked skipped
C:\Documents and Settings\Administrateur\Modèles\winword.doc Object is locked skipped
C:\Documents and Settings\Administrateur\Modèles\winword2.doc Object is locked skipped
C:\Documents and Settings\Administrateur\Modèles\wordpfct.wpd Object is locked skipped
C:\Documents and Settings\Administrateur\Modèles\wordpfct.wpg Object is locked skipped
C:\Documents and Settings\Administrateur\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Administrateur\NtUser.dat.LOG Object is locked skipped
C:\Documents and Settings\Administrateur\ntuser.ini Object is locked skipped
C:\Documents and Settings\Administrateur\SendTo\Bureau (créer un raccourci).DeskLink Object is locked skipped
C:\Documents and Settings\Administrateur\SendTo\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\SendTo\Destinataire.MAPIMail Object is locked skipped
C:\Documents and Settings\Administrateur\SendTo\Dossier compressé.ZFSendToTarget Object is locked skipped
C:\Documents and Settings\Administrateur\SendTo\Mes documents.mydocs Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\takata\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SUPERANTISPYWARE.LOG Object is locked skipped
C:\Documents and Settings\takata\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\takata\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\takata\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\takata\Local Settings\Historique\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\takata\Local Settings\Historique\History.IE5\MSHist012008022820080229\index.dat Object is locked skipped
C:\Documents and Settings\takata\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\takata\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\takata\ntuser.dat.LOG Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\Avast4.db Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\log\AshWebSv.ws Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\log\aswMaiSv.log Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\report\Protection résidente.txt Object is locked skipped
C:\Program Files\Sygate\SPF\debug.log Object is locked skipped
C:\Program Files\Sygate\SPF\rawlog.log Object is locked skipped
C:\Program Files\Sygate\SPF\seclog.log Object is locked skipped
C:\Program Files\Sygate\SPF\syslog.log Object is locked skipped
C:\Program Files\Sygate\SPF\tralog.log Object is locked skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036338.exe Infected: Email-Worm.Win32.Zhelatin.vn skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036349.dll Infected: Trojan-Clicker.Win32.Agent.ss skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036376.dll Infected: Trojan-Clicker.Win32.Agent.ss skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036377.dll Infected: Trojan-Clicker.Win32.Agent.ss skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036417.dll Infected: Trojan-Clicker.Win32.Agent.ss skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036437.dll Infected: Trojan-Clicker.Win32.Agent.ss skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036448.dll Infected: Trojan-Clicker.Win32.Agent.ss skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036471.dll Infected: Trojan-Clicker.Win32.Agent.ss skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036475.dll Infected: Trojan-Clicker.Win32.Agent.ss skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036483.dll Infected: Trojan-Clicker.Win32.Agent.ss skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036487.dll Infected: Trojan-Clicker.Win32.Agent.ss skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP264\A0036547.exe Infected: Trojan-Dropper.Win32.Agent.bno skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP264\A0036570.exe Infected: Trojan-Dropper.Win32.Agent.bno skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP265\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\config\ACEEvent.evt Object is locked skipped
C:\WINDOWS\system32\config\Antivirus.Evt Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\Temp\Perflib_Perfdata_60c.dat Object is locked skipped
C:\WINDOWS\Temp\_avast4_\Webshlock.txt Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
D:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
Scan process completed.
-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Thursday, February 28, 2008 8:39:49 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 28/02/2008
Kaspersky Anti-Virus database records: 539831
-------------------------------------------------------------------------------
Scan Settings:
Scan using the following antivirus database: standard
Scan Archives: true
Scan Mail Bases: true
Scan Target - My Computer:
A:\
C:\
D:\
E:\
Scan Statistics:
Total number of scanned objects: 64264
Number of viruses found: 3
Number of infected objects: 13
Number of suspicious objects: 0
Duration of the scan process: 00:34:42
Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\Administrateur\Application Data\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Lavasoft\Ad-Aware\description.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Lavasoft\Ad-Aware\Logs\Ad-Aware log2007-07-27 13-40-19.txt Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Lavasoft\Ad-Aware\Logs\Ad-Aware log2007-07-27 13-41-21.txt Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Lavasoft\Ad-Aware\Logs\Ad-Aware log2007-07-27 18-46-57.txt Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Lavasoft\Ad-Aware\Quarantine\auto-quarantine- 2007-07-27 13-40-41.bckp Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Lavasoft\Ad-Aware\Quarantine\auto-quarantine- 2007-07-27 18-47-08.bckp Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Lavasoft\Ad-Aware\settings.awc Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Lavasoft\Ad-Aware\stats.awd Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Microsoft\HTML Help\hh.dat Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Microsoft\Internet Explorer\brndlog.bak Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Microsoft\Internet Explorer\brndlog.txt Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Microsoft\Internet Explorer\Desktop.htt Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Microsoft\Internet Explorer\Quick Launch\Bureau.scf Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Microsoft\Internet Explorer\Quick Launch\Démarrer Internet Explorer.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Microsoft\Protect\CREDHIST Object is locked skipped
C:\Documents and Settings\Administrateur\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Administrateur\Favoris\Desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Favoris\Guide des stations de radio.url Object is locked skipped
C:\Documents and Settings\Administrateur\Favoris\Liens\Hotmail.url Object is locked skipped
C:\Documents and Settings\Administrateur\Favoris\Liens\Personnaliser les liens.url Object is locked skipped
C:\Documents and Settings\Administrateur\Favoris\Liens\Windows Media.url Object is locked skipped
C:\Documents and Settings\Administrateur\Favoris\Liens\Windows.url Object is locked skipped
C:\Documents and Settings\Administrateur\Favoris\MSN.com.url Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Application Data\IconCache.db Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Internet Explorer\MSIMGSIZ.DAT Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Media Player\CurrentDatabase_59R.wmdb Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Windows Media\9.0\WMSDKNS.DTD Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Windows Media\9.0\WMSDKNS.XML Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Historique\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Historique\History.IE5\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Historique\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Historique\History.IE5\MSHist012007072720070728\index.dat Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\0G0HR0HN\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\8HFRGF3W\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\OBF7KYM2\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\PPTNF50V\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Accessibilité\Clavier visuel.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Accessibilité\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Accessibilité\Gestionnaire d'utilitaires.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Accessibilité\Loupe.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Assistant Compatibilité des programmes.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Bloc-notes.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Carnet d'adresses.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Divertissement\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Divertissement\Lecteur Windows Media.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Explorateur Windows.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Invite de commandes.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Synchroniser.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Visite guidée de Windows XP.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Assistance à distance.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Démarrage\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Internet Explorer.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Lecteur Windows Media.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Outlook Express.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Mes documents\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Mes documents\Ma musique\Desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Mes documents\Ma musique\Échantillons de musique.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Mes documents\Mes images\Desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Mes documents\Mes images\Échantillons d'images.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Modèles\amipro.sam Object is locked skipped
C:\Documents and Settings\Administrateur\Modèles\excel.xls Object is locked skipped
C:\Documents and Settings\Administrateur\Modèles\excel4.xls Object is locked skipped
C:\Documents and Settings\Administrateur\Modèles\lotus.wk4 Object is locked skipped
C:\Documents and Settings\Administrateur\Modèles\powerpnt.ppt Object is locked skipped
C:\Documents and Settings\Administrateur\Modèles\presenta.shw Object is locked skipped
C:\Documents and Settings\Administrateur\Modèles\quattro.wb2 Object is locked skipped
C:\Documents and Settings\Administrateur\Modèles\sndrec.wav Object is locked skipped
C:\Documents and Settings\Administrateur\Modèles\winword.doc Object is locked skipped
C:\Documents and Settings\Administrateur\Modèles\winword2.doc Object is locked skipped
C:\Documents and Settings\Administrateur\Modèles\wordpfct.wpd Object is locked skipped
C:\Documents and Settings\Administrateur\Modèles\wordpfct.wpg Object is locked skipped
C:\Documents and Settings\Administrateur\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Administrateur\NtUser.dat.LOG Object is locked skipped
C:\Documents and Settings\Administrateur\ntuser.ini Object is locked skipped
C:\Documents and Settings\Administrateur\SendTo\Bureau (créer un raccourci).DeskLink Object is locked skipped
C:\Documents and Settings\Administrateur\SendTo\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\SendTo\Destinataire.MAPIMail Object is locked skipped
C:\Documents and Settings\Administrateur\SendTo\Dossier compressé.ZFSendToTarget Object is locked skipped
C:\Documents and Settings\Administrateur\SendTo\Mes documents.mydocs Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\takata\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SUPERANTISPYWARE.LOG Object is locked skipped
C:\Documents and Settings\takata\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\takata\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\takata\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\takata\Local Settings\Historique\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\takata\Local Settings\Historique\History.IE5\MSHist012008022820080229\index.dat Object is locked skipped
C:\Documents and Settings\takata\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\takata\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\takata\ntuser.dat.LOG Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\Avast4.db Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\log\AshWebSv.ws Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\log\aswMaiSv.log Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\report\Protection résidente.txt Object is locked skipped
C:\Program Files\Sygate\SPF\debug.log Object is locked skipped
C:\Program Files\Sygate\SPF\rawlog.log Object is locked skipped
C:\Program Files\Sygate\SPF\seclog.log Object is locked skipped
C:\Program Files\Sygate\SPF\syslog.log Object is locked skipped
C:\Program Files\Sygate\SPF\tralog.log Object is locked skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036338.exe Infected: Email-Worm.Win32.Zhelatin.vn skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036349.dll Infected: Trojan-Clicker.Win32.Agent.ss skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036376.dll Infected: Trojan-Clicker.Win32.Agent.ss skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036377.dll Infected: Trojan-Clicker.Win32.Agent.ss skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036417.dll Infected: Trojan-Clicker.Win32.Agent.ss skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036437.dll Infected: Trojan-Clicker.Win32.Agent.ss skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036448.dll Infected: Trojan-Clicker.Win32.Agent.ss skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036471.dll Infected: Trojan-Clicker.Win32.Agent.ss skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036475.dll Infected: Trojan-Clicker.Win32.Agent.ss skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036483.dll Infected: Trojan-Clicker.Win32.Agent.ss skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036487.dll Infected: Trojan-Clicker.Win32.Agent.ss skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP264\A0036547.exe Infected: Trojan-Dropper.Win32.Agent.bno skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP264\A0036570.exe Infected: Trojan-Dropper.Win32.Agent.bno skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP265\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\config\ACEEvent.evt Object is locked skipped
C:\WINDOWS\system32\config\Antivirus.Evt Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\Temp\Perflib_Perfdata_60c.dat Object is locked skipped
C:\WINDOWS\Temp\_avast4_\Webshlock.txt Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
D:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
Scan process completed.
ah beh ça me rassure^^ mais pour le moment je ne sais pas trop comment ça va finir, il a l'air coriace le bougre...!
deux fichiers effacés et le resultat des scan ne change pas.
Lyonnais je m'en remet a toi, c'est ton challenge^^
deux fichiers effacés et le resultat des scan ne change pas.
Lyonnais je m'en remet a toi, c'est ton challenge^^
oui oui, ma determination est là mais ma patience est bien mise a l'epreuve là ^^ si je tenais le pauvre gars qui s'amuse a inventer des trucs pareils, je peux assurer que je lui %@#]*¤ la tête hihihi
mais ma patience est bien mise a l'epreuve là RESPIRE..... c'est presque fini ...
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036338.exe Infected: Email-Worm.Win32.Zhelatin.vn skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036349.dll Infected: Trojan-Clicker.Win32.Agent.ss skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036376.dll Infected: Trojan-Clicker.Win32.Agent.ss skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036377.dll Infected: Trojan-Clicker.Win32.Agent.ss skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036417.dll Infected: Trojan-Clicker.Win32.Agent.ss skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036437.dll Infected: Trojan-Clicker.Win32.Agent.ss skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036448.dll Infected: Trojan-Clicker.Win32.Agent.ss skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036471.dll Infected: Trojan-Clicker.Win32.Agent.ss skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036475.dll Infected: Trojan-Clicker.Win32.Agent.ss skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036483.dll Infected: Trojan-Clicker.Win32.Agent.ss skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036487.dll Infected: Trojan-Clicker.Win32.Agent.ss skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP264\A0036547.exe Infected: Trojan-Dropper.Win32.Agent.bno skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP264\A0036570.exe Infected: Trojan-Dropper.Win32.Agent.bno skipped
Pour te rassurer, les trois bestioles sont dans C:\System Volume Information\_restore ( restauration systeme )
Ils sont bien gardés, il suffit de désactiver puis réactiver la restauration du système pour les supprimer....
Mais bon, vu que Lyonnais a fait tout le boulot, je préfère le laisser terminer....
@+
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036338.exe Infected: Email-Worm.Win32.Zhelatin.vn skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036349.dll Infected: Trojan-Clicker.Win32.Agent.ss skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036376.dll Infected: Trojan-Clicker.Win32.Agent.ss skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036377.dll Infected: Trojan-Clicker.Win32.Agent.ss skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036417.dll Infected: Trojan-Clicker.Win32.Agent.ss skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036437.dll Infected: Trojan-Clicker.Win32.Agent.ss skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036448.dll Infected: Trojan-Clicker.Win32.Agent.ss skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036471.dll Infected: Trojan-Clicker.Win32.Agent.ss skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036475.dll Infected: Trojan-Clicker.Win32.Agent.ss skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036483.dll Infected: Trojan-Clicker.Win32.Agent.ss skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036487.dll Infected: Trojan-Clicker.Win32.Agent.ss skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP264\A0036547.exe Infected: Trojan-Dropper.Win32.Agent.bno skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP264\A0036570.exe Infected: Trojan-Dropper.Win32.Agent.bno skipped
Pour te rassurer, les trois bestioles sont dans C:\System Volume Information\_restore ( restauration systeme )
Ils sont bien gardés, il suffit de désactiver puis réactiver la restauration du système pour les supprimer....
Mais bon, vu que Lyonnais a fait tout le boulot, je préfère le laisser terminer....
@+
hein? quoi? je veux savoir !!
expliques moi ça s'il te plait car ce n'est pas tres clair pour moi :-)
expliques moi ça s'il te plait car ce n'est pas tres clair pour moi :-)
Email-Worm.Win32.Zhelatin.vn ----> 1 fichier infecté
Trojan-Clicker.Win32.Agent.ss-------> 10 fichiers infectés
Trojan-Dropper.Win32.Agent.bno --> 2 fichiers infectés
Mais, ils sont bloqués dans la restauration systeme ( ce qui est bien pour toi ) pour l'instant....
Ils sont bien gardés, il suffira de désactiver puis réactiver la restauration du système pour les supprimer....
Mais bon, vu que c'est Lyonnais qui a fait tout le boulot, je préfère le laisser terminer....
Je dis ça en voyant ce dernier rapport....... j'ai peut etre raté un truc, c'est pour quoi, il vaut mieux attendre Lyonnais....
là, tu ne crains rien... il faut juste etre patient...
Trojan-Clicker.Win32.Agent.ss-------> 10 fichiers infectés
Trojan-Dropper.Win32.Agent.bno --> 2 fichiers infectés
Mais, ils sont bloqués dans la restauration systeme ( ce qui est bien pour toi ) pour l'instant....
Ils sont bien gardés, il suffira de désactiver puis réactiver la restauration du système pour les supprimer....
Mais bon, vu que c'est Lyonnais qui a fait tout le boulot, je préfère le laisser terminer....
Je dis ça en voyant ce dernier rapport....... j'ai peut etre raté un truc, c'est pour quoi, il vaut mieux attendre Lyonnais....
là, tu ne crains rien... il faut juste etre patient...
ok ok je m'en remet a lui alors :-)
de toute façon ma patience est determinée^^ donc.....
je comprend ton point de vue vis a vis de Lyonnais, c'est vrai qu'il a fait un gros boulot pour moi et qu'il y a passé beaucoup de son temps. j'attendrais donc qu'il me dise quoi faire car pour moi c'est un peu du chinois^^
merci a toi quand meme car tu as participé a l'eradication de mes soucis :-)
de toute façon ma patience est determinée^^ donc.....
je comprend ton point de vue vis a vis de Lyonnais, c'est vrai qu'il a fait un gros boulot pour moi et qu'il y a passé beaucoup de son temps. j'attendrais donc qu'il me dise quoi faire car pour moi c'est un peu du chinois^^
merci a toi quand meme car tu as participé a l'eradication de mes soucis :-)
Bonsoir,
jorginho, tu n'as rien raté.
Je vous laisse finir.
takata,
ouvre ce lien :
http://service1.symantec.com/SUPPORT/INTER/tsgeninfointl.nsf/fr_docid/20020830101856924
dans un premier temps tu fais ce qui est dit pour désactiver la restauration système.
Tu fermes les fenêtres.
Tu recommences en faisant ce qui est dit pour activer la restauration système.
jorginho, tu n'as rien raté.
Je vous laisse finir.
takata,
ouvre ce lien :
http://service1.symantec.com/SUPPORT/INTER/tsgeninfointl.nsf/fr_docid/20020830101856924
dans un premier temps tu fais ce qui est dit pour désactiver la restauration système.
Tu fermes les fenêtres.
Tu recommences en faisant ce qui est dit pour activer la restauration système.
bon, beh je crois que c'est fini, je viens de redemarrer le pc et scan avec kasper, resultat le systeme est clean!
je sais pas trop quoi dire a part un grand merci a tout le monde car c'etait pas evident quand meme, enfin surtout pour moi ^^
je referais un scan demain matin histoire de confirmer, là je vais aller me coucher car il est temps...
si toutefois tout ça se confirme je vous tire une grande reverence, surtout a Lyonnais qui a fait preuve d'une grande patience et d'un calme a toute epreuve :-)
merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci,
il ne faut jamais desesperer :-) le formatage n'est pas une solution!
je sais pas trop quoi dire a part un grand merci a tout le monde car c'etait pas evident quand meme, enfin surtout pour moi ^^
je referais un scan demain matin histoire de confirmer, là je vais aller me coucher car il est temps...
si toutefois tout ça se confirme je vous tire une grande reverence, surtout a Lyonnais qui a fait preuve d'une grande patience et d'un calme a toute epreuve :-)
merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci, merci,
il ne faut jamais desesperer :-) le formatage n'est pas une solution!
je tiens aussi a dire merci
a raleuboleu pour son soutien :-)
a jorginho67 pour avoir donné des coups de pouces
et a arnaud pour avoir motivé les autres
a demain pour la confirmation :-)
a raleuboleu pour son soutien :-)
a jorginho67 pour avoir donné des coups de pouces
et a arnaud pour avoir motivé les autres
a demain pour la confirmation :-)
bonjour,
bon, message de avast ce matin, un trojan a été trouvé :-(
je l'ai mis en quarantaine... cela sufffit t il a le rendre inactif?
nom du virus >> Win32:small-JQO[trj]
nom du fichier infecté >> MPALF.EXE
je vais donc lancer un scan avec kasper a nouveau en esperant qu'il ne trouve rien....
lorsqu'un fichier est en quarantaine peut on le supprimer? et est il vraiment inactif?
bon, message de avast ce matin, un trojan a été trouvé :-(
je l'ai mis en quarantaine... cela sufffit t il a le rendre inactif?
nom du virus >> Win32:small-JQO[trj]
nom du fichier infecté >> MPALF.EXE
je vais donc lancer un scan avec kasper a nouveau en esperant qu'il ne trouve rien....
lorsqu'un fichier est en quarantaine peut on le supprimer? et est il vraiment inactif?
tu peu faire confiance a green day^^