MSN virus

Closed
july - 15 May 2008 at 17:08
 july - 18 May 2008 at 21:34
Hello,

I have caught the MSN virus too and I don't have an antivirus.
I have read the other threads with the reports... but I don't know anything about computers.
If someone could help me... please

10 replies

Anonymous user
15 May 2008 at 19:56
hi

for your problem, download AntiVir, update it, then run a scan in normal mode and in safe mode, then in normal mode, and delete everything it finds

settings for AntiVir:

once AntiVir is open, click on Configuration and tick the "expert mode" box; then on the Scanner tab, in the window below, you will see: rootkit search. Click on the small + to expand it and tick the box next to your hard disk
then click on Configuration at the top right; in the new window, on the left > Scanner > tick "scan all files" and below it > scanner priority = High
tick: allow stopping the scanner, that way you can pause during the scan if you want.
then on the right tick the following boxes:
scan boot sectors of selected drives
scan master boot sectors
scan memory
search for rootkit before scan
untick:
ignore off line files
still on the left > scan > expand > heuristic > macrovirus heuristic = ticked and below it > win32 heuristic box ticked and high detection level


also click on Guard, then tick scan archive, then untick the 3 boxes below it, then OK
1
Thanks for your reply, but can you tell me where to download AntiVir???
0
LilK972 Posts 79 Registration date Thursday 15 May 2008 Status Member Last activity 4 December 2008 11
15 May 2008 at 17:10
A little more detail wouldn't hurt: what does your virus do?
0
I should mention that I don't have an antivirus because I had just formatted my computer... yes, bad luck.
Thanks in advance.
july
0
LilK972 Posts 79 Registration date Thursday 15 May 2008 Status Member Last activity 4 December 2008 11
15 May 2008 at 17:12
OK, but what does your virus do? Does it change your display name, send links to your contacts? What does it do?
0
july > LilK972 Posts 79 Registration date Thursday 15 May 2008 Status Member Last activity 4 December 2008
15 May 2008 at 19:53
Well yeah, it sends links to my contacts and if they open it they catch the virus... actually it's the one that says: "what's this pic of you on this site" (original: "c qoi cet tof de toi sur ce site")...
0
So I downloaded AntiVir but I can't find the small plus rootki... where you tell me to click on the small +
Thanks for your help
0

Anonymous user
15 May 2008 at 20:39
it doesn't matter, skip that step but do the rest:

then click on Configuration at the top right; in the new window, on the left > Scanner > tick "scan all files" and below it > scanner priority = High
tick: allow stopping the scanner, that way you can pause during the scan if you want.
then on the right tick the following boxes:
scan boot sectors of selected drives
scan master boot sectors
scan memory
search for rootkit before scan
untick:
ignore off line files
still on the left > scan > expand > heuristic > macrovirus heuristic = ticked and below it > win32 heuristic box ticked and high detection level
0
OK, I did everything you told me but nothing happens afterwards... the window goes away and that's it... is that normal??
Thanks for your patience
0
july > july
15 May 2008 at 21:06
And also I get a message that pops up with a sound.
What is it... What should I tick??
0
Anonymous user
17 May 2008 at 09:50
delete and OK

quickly run a scan with AntiVir!!

AntiVir help:


https://www.malekal.com/avira-free-security-antivirus-gratuit/
0
Thanks a lot... this site really helped me, and just one last little question: when I choose delete, does it delete files???
0
Anonymous user
18 May 2008 at 12:41
yes, the file that is infected
0
Here is the report:

Is it OK??


Avira AntiVir Personal
Report file date: samedi 17 mai 2008 09:00

Scanning for 1276115 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Normally booted
Username: SYSTEM
Computer name: MAISON-CC391841

Version information:

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, D:, E:, F:, G:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: on
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: samedi 17 mai 2008 09:00

Starting search for hidden objects.
'38032' objects were checked, '0' hidden objects were found.

The scan of running processes will be started
Scan process 'WLLoginProxy.exe' - '1' Module(s) have been scanned
Scan process 'iexplore.exe' - '1' Module(s) have been scanned
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'YzToolBar.exe' - '1' Module(s) have been scanned
Scan process 'ObjectDock.exe' - '1' Module(s) have been scanned
Scan process 'ѕvchost.exe' - '1' Module(s) have been scanned
Scan process 'JavaCore.exe' - '1' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'iexplore.exe' - '1' Module(s) have been scanned
Scan process 'WLLoginProxy.exe' - '1' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
35 processes with 35 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!
Boot sector 'E:\'
[INFO] No virus was found!
Boot sector 'F:\'
[INFO] No virus was found!
Boot sector 'G:\'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '29' files ).


Starting the file scan:

Begin scan in 'C:\'
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Documents and Settings\bureau\Local Settings\Temporary Internet Files\Content.IE5\EKA8T4X3\SW2007SDK[2].exe
[WARNING] No further files can be extracted from this archive. The archive will be closed
C:\System Volume Information\_restore{748AAFB5-BBDB-4E50-91CF-A346582E7087}\RP23\A0004183.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{748AAFB5-BBDB-4E50-91CF-A346582E7087}\RP23\A0004185.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{748AAFB5-BBDB-4E50-91CF-A346582E7087}\RP23\A0004186.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{748AAFB5-BBDB-4E50-91CF-A346582E7087}\RP23\A0004193.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{748AAFB5-BBDB-4E50-91CF-A346582E7087}\RP23\A0005193.exe
[DETECTION] Is the Trojan horse TR/BHO.AB.4
[NOTE] The file was deleted!
C:\System Volume Information\_restore{748AAFB5-BBDB-4E50-91CF-A346582E7087}\RP23\A0005194.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{748AAFB5-BBDB-4E50-91CF-A346582E7087}\RP24\A0005203.exe
[DETECTION] Is the Trojan horse TR/BHO.AB.4
[NOTE] The file was deleted!
C:\System Volume Information\_restore{748AAFB5-BBDB-4E50-91CF-A346582E7087}\RP24\A0005210.exe
[DETECTION] Is the Trojan horse TR/BHO.AB.4
[NOTE] The file was deleted!
C:\System Volume Information\_restore{748AAFB5-BBDB-4E50-91CF-A346582E7087}\RP24\A0006216.exe
[DETECTION] Is the Trojan horse TR/BHO.AB.4
[NOTE] The file was deleted!
C:\System Volume Information\_restore{748AAFB5-BBDB-4E50-91CF-A346582E7087}\RP24\A0006217.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{748AAFB5-BBDB-4E50-91CF-A346582E7087}\RP26\A0006293.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{748AAFB5-BBDB-4E50-91CF-A346582E7087}\RP26\A0006294.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{748AAFB5-BBDB-4E50-91CF-A346582E7087}\RP26\A0006302.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{748AAFB5-BBDB-4E50-91CF-A346582E7087}\RP27\A0006326.dll
[DETECTION] Is the Trojan horse TR/BHO.AB.6
[NOTE] The file was deleted!
C:\System Volume Information\_restore{748AAFB5-BBDB-4E50-91CF-A346582E7087}\RP29\A0006477.exe
[DETECTION] Is the Trojan horse TR/BHO.AB.4
[NOTE] The file was deleted!
C:\System Volume Information\_restore{748AAFB5-BBDB-4E50-91CF-A346582E7087}\RP29\A0006478.dll
[DETECTION] Is the Trojan horse TR/BHO.AB.6
[NOTE] The file was deleted!
C:\System Volume Information\_restore{748AAFB5-BBDB-4E50-91CF-A346582E7087}\RP29\A0006485.exe
[DETECTION] Is the Trojan horse TR/BHO.AB.4
[NOTE] The file was deleted!
C:\System Volume Information\_restore{748AAFB5-BBDB-4E50-91CF-A346582E7087}\RP31\A0006550.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{748AAFB5-BBDB-4E50-91CF-A346582E7087}\RP31\A0006551.dll
[DETECTION] Is the Trojan horse TR/BHO.AB.6
[NOTE] The file was deleted!
C:\System Volume Information\_restore{748AAFB5-BBDB-4E50-91CF-A346582E7087}\RP31\A0006552.exe
[DETECTION] Is the Trojan horse TR/Proxy.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{748AAFB5-BBDB-4E50-91CF-A346582E7087}\RP31\A0006553.exe
[DETECTION] Is the Trojan horse TR/Dldr.Agent.ndt
[NOTE] The file was deleted!
C:\System Volume Information\_restore{748AAFB5-BBDB-4E50-91CF-A346582E7087}\RP31\A0006554.exe
[DETECTION] Is the Trojan horse TR/Dldr.PurityScan.FJ.2
[NOTE] The file was deleted!
C:\System Volume Information\_restore{748AAFB5-BBDB-4E50-91CF-A346582E7087}\RP31\A0006558.exe
--> Object
[1] Archive type: RSRC
--> Object
[DETECTION] Is the Trojan horse TR/Dldr.Purity.BV.7
--> Object
[DETECTION] Is the Trojan horse TR/Dldr.PurityScan.FJ.2
[NOTE] The file was deleted!
C:\System Volume Information\_restore{748AAFB5-BBDB-4E50-91CF-A346582E7087}\RP31\A0006559.exe
[DETECTION] Contains detection pattern of the dropper DR/PurityScan.GP.1
[NOTE] The file was deleted!
C:\System Volume Information\_restore{748AAFB5-BBDB-4E50-91CF-A346582E7087}\RP31\A0006560.dll
[DETECTION] Is the Trojan horse TR/BHO.AB.6
[NOTE] The file was deleted!
C:\System Volume Information\_restore{748AAFB5-BBDB-4E50-91CF-A346582E7087}\RP31\A0006561.dll
[DETECTION] Is the Trojan horse TR/BHO.AB.6
[NOTE] The file was deleted!
C:\System Volume Information\_restore{748AAFB5-BBDB-4E50-91CF-A346582E7087}\RP31\A0006562.dll
[DETECTION] Is the Trojan horse TR/BHO.AB.6
[NOTE] The file was deleted!
C:\System Volume Information\_restore{748AAFB5-BBDB-4E50-91CF-A346582E7087}\RP31\A0006563.dll
[DETECTION] Is the Trojan horse TR/BHO.AB.6
[NOTE] The file was deleted!
C:\System Volume Information\_restore{748AAFB5-BBDB-4E50-91CF-A346582E7087}\RP31\A0006564.dll
[DETECTION] Is the Trojan horse TR/BHO.AB.6
[NOTE] The file was deleted!
C:\System Volume Information\_restore{748AAFB5-BBDB-4E50-91CF-A346582E7087}\RP31\A0006565.exe
[DETECTION] Is the Trojan horse TR/Dldr.Agent.ezc.1
[NOTE] The file was deleted!
C:\System Volume Information\_restore{748AAFB5-BBDB-4E50-91CF-A346582E7087}\RP31\A0006566.exe
[DETECTION] Is the Trojan horse TR/BHO.blh.1
[NOTE] The file was deleted!
C:\System Volume Information\_restore{748AAFB5-BBDB-4E50-91CF-A346582E7087}\RP31\A0006567.exe
[DETECTION] Is the Trojan horse TR/Dldr.Agent.jih.1
[NOTE] The file was deleted!
C:\System Volume Information\_restore{748AAFB5-BBDB-4E50-91CF-A346582E7087}\RP31\A0006568.exe
[DETECTION] Is the Trojan horse TR/Agent.CZF
[NOTE] The file was deleted!
C:\System Volume Information\_restore{748AAFB5-BBDB-4E50-91CF-A346582E7087}\RP31\A0006569.exe
[DETECTION] Is the Trojan horse TR/BHO.AB.4
[NOTE] The file was deleted!
C:\System Volume Information\_restore{748AAFB5-BBDB-4E50-91CF-A346582E7087}\RP31\A0006570.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{748AAFB5-BBDB-4E50-91CF-A346582E7087}\RP31\A0006571.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{748AAFB5-BBDB-4E50-91CF-A346582E7087}\RP31\A0006572.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{748AAFB5-BBDB-4E50-91CF-A346582E7087}\RP31\A0006573.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[NOTE] The file was deleted!
Begin scan in 'D:\' <Archivage>
Begin scan in 'E:\' <Bureau>
E:\System Volume Information\_restore{748AAFB5-BBDB-4E50-91CF-A346582E7087}\RP31\A0006574.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
E:\System Volume Information\_restore{748AAFB5-BBDB-4E50-91CF-A346582E7087}\RP31\A0006575.exe
[DETECTION] Contains detection pattern of the dropper DR/NaviPromo.AO.96
[NOTE] The file was deleted!
E:\System Volume Information\_restore{748AAFB5-BBDB-4E50-91CF-A346582E7087}\RP31\A0006576.exe
[DETECTION] Contains detection pattern of the dropper DR/Gator.3202.12
[NOTE] The file was deleted!
Begin scan in 'F:\'
Begin scan in 'G:\'


End of the scan: samedi 17 mai 2008 09:47
Used time: 47:14 min

The scan has been done completely.

5429 Scanning directories
236276 Files were scanned
42 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
41 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
3 Files cannot be scanned
236234 Files not concerned
1400 Archives were scanned
3 Warnings
41 Notes
38032 Objects were scanned with rootkit scan
0 Hidden objects were found
0
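Added example (not part of the thread and not code from any participant): a small Python reader for the AntiVir report format posted above. It separates detections inside System Restore snapshots from detections on the live file system and flags scanned process names that contain non-ASCII look-alike letters, like the `svchost.exe` look-alike in the process list whose first letter is not ASCII. The sample lines are shortened from the report above with `{GUID}` as a placeholder, and the look-alike table is a small illustrative subset assumed for this example.

```python
import re
import unicodedata
from collections import Counter

# Sample in the AntiVir report format, shortened from the report in this thread.
# "{GUID}" is a placeholder for the restore-point identifier.
SAMPLE_REPORT = """\
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process '\u0455vchost.exe' - '1' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
C:\\hiberfil.sys
[WARNING] The file could not be opened!
C:\\System Volume Information\\_restore{GUID}\\RP23\\A0004183.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[NOTE] The file was deleted!
C:\\System Volume Information\\_restore{GUID}\\RP31\\A0006558.exe
--> Object
[1] Archive type: RSRC
--> Object
[DETECTION] Is the Trojan horse TR/Dldr.Purity.BV.7
--> Object
[DETECTION] Is the Trojan horse TR/Dldr.PurityScan.FJ.2
[NOTE] The file was deleted!
E:\\System Volume Information\\_restore{GUID}\\RP31\\A0006575.exe
[DETECTION] Contains detection pattern of the dropper DR/NaviPromo.AO.96
[NOTE] The file was deleted!
"""

PROC_RE = re.compile(r"^Scan process '(.+?)' - ")
PATH_RE = re.compile(r"^[A-Za-z]:\\")
DET_RE = re.compile(r"^\[DETECTION\] .* (\S+)$")
RESTORE_MARK = "\\system volume information\\_restore"

# Assumption: a few Cyrillic letters that render like Latin ones (not a full table).
CONFUSABLES = str.maketrans({
    "\u0455": "s", "\u0430": "a", "\u0435": "e", "\u043e": "o",
    "\u0440": "p", "\u0441": "c", "\u0445": "x", "\u0456": "i",
})


def parse_detections(report):
    """Return one entry per [DETECTION] line, tied to the file path above it."""
    findings, path = [], None
    for raw in report.splitlines():
        line = raw.strip()
        if PATH_RE.match(line):
            path = line
            continue
        m = DET_RE.match(line)
        if m and path:
            where = "restore-point" if RESTORE_MARK in path.lower() else "live"
            findings.append({"path": path, "name": m.group(1),
                             "where": where, "action": None})
        elif line.startswith("[NOTE] "):
            # The note applies to every detection reported for the current file.
            for f in findings:
                if f["path"] == path and f["action"] is None:
                    f["action"] = line[len("[NOTE] "):]
    return findings


def lookalike_processes(report):
    """Flag scanned process names that contain non-ASCII characters."""
    names = [m.group(1) for line in report.splitlines()
             if (m := PROC_RE.match(line.strip()))]
    ascii_names = {n.lower() for n in names if n.isascii()}
    hits = []
    for name in names:
        if name.isascii():
            continue
        folded = name.translate(CONFUSABLES).lower()
        hits.append({
            "name": name,
            # Name it imitates, if the folded form is also running under ASCII.
            "imitates": folded if folded in ascii_names else None,
            "codepoints": [f"U+{ord(c):04X} {unicodedata.name(c, '?')}"
                           for c in name if not c.isascii()],
        })
    return hits


def summarize(report):
    findings = parse_detections(report)
    return {
        "detections": len(findings),
        "files": len({f["path"] for f in findings}),
        "by_location": dict(Counter(f["where"] for f in findings)),
        "families": dict(Counter(f["name"].split(".")[0] for f in findings)),
        "lookalikes": lookalike_processes(report),
    }


if __name__ == "__main__":
    for key, value in summarize(SAMPLE_REPORT).items():
        print(key, "=", value)
```

In the report above, every detection path is under `System Volume Information\_restore{...}`, so the deleted files were System Restore copies, and the report lists no detection for the look-alike process itself.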
Anonymous user
18 May 2008 at 19:46
no, not yet; now do this:

* Download ComboFix (by sUBs) from this page:
* http://download.bleepingcomputer.com/sUBs/ComboFix.exe
* Save it to the desktop
* Disconnect from the internet and close all your applications and programs
* Double-click on combo-fix.exe
* Press the Y (Yes) key to start the scan
* The report will be created at the root: C:\Combofix.txt

Note: combo takes care of deleting a number of infected files linked to Bagle.
It is essential to download combo through the link given above (renamed version) or else to rename combo yourself (right-click on the file > rename), because otherwise Combo will be completely ineffective against Bagle!
(you can rename combofix to anything, like killer or tuer, etc.)

post the report for me
0
ComboFix 08-05-15.3 - jeux 2008-05-17 10:46:01.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.33.1036.18.214 [GMT 2:00]
Endroit: E:\ComboFix.exe
* Création d'un nouveau point de restauration

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\bureau\Local Settings\Temporary Internet Files\CPV.stt
C:\Documents and Settings\bureau\real.txt
C:\Documents and Settings\jeux\Local Settings\Temporary Internet Files\bestwiner.stt
C:\Documents and Settings\jeux\Local Settings\Temporary Internet Files\CPV.stt
C:\Documents and Settings\jeux\Menu Démarrer\Programmes\Outerinfo
C:\Documents and Settings\jeux\Menu Démarrer\Programmes\Outerinfo\Terms.lnk
C:\Documents and Settings\jeux\Menu Démarrer\Programmes\Outerinfo\Uninstall.lnk
C:\Documents and Settings\jeux\real.txt
C:\Program Files\CPV
C:\Program Files\inetget2
C:\Program Files\JavaCore
C:\Program Files\JavaCore\JavaCore.exe
C:\Program Files\JavaCore\UnInstall.exe
C:\Program Files\outerinfo
C:\Program Files\outerinfo\FF\chrome.manifest
C:\Program Files\outerinfo\FF\components\FF.dll
C:\Program Files\outerinfo\FF\components\OuterinfoAds.xpt
C:\Program Files\outerinfo\FF\install.rdf
C:\Program Files\outerinfo\Terms.rtf
C:\Program Files\Svconr
C:\Program Files\Temporary
C:\WINDOWS\b149.exe
C:\WINDOWS\b152.exe
C:\WINDOWS\b156.exe
C:\WINDOWS\system32\fnts~1
C:\WINDOWS\system32\fnts~1\?vchost.exe
C:\WINDOWS\system32\hbgrti.dll
C:\WINDOWS\system32\real.txt
C:\WINDOWS\system32\sstem3~1
C:\WINDOWS\system32\sstem3~1\s?stem32\

.
((((((((((((((((((((((((((((( Fichiers créés 2008-04-17 to 2008-05-17 ))))))))))))))))))))))))))))))))))))
.


.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-25 18:36 219,648 ----a-w C:\WINDOWS\system32\uxtheme.dll
2008-04-23 06:53 --------- d-----w C:\Program Files\microsoft frontpage
2008-04-23 06:51 --------- d-----w C:\Program Files\Services en ligne
2008-03-25 04:51 621,344 ----a-w C:\WINDOWS\system32\mswstr10.dll
2008-03-25 04:51 194,144 ----a-w C:\WINDOWS\system32\msjint40.dll
2008-03-20 08:09 1,845,376 ----a-w C:\WINDOWS\system32\win32k.sys
2008-02-20 06:51 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll
2008-02-20 05:35 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
2008-02-08 01:07 217,088 ----a-w C:\Program Files\pyroxyju821058.dll
.

------- Sigcheck -------

.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1682181D-C022-4D8B-B712-ADE817015D96}]
2008-02-08 03:07 217088 --a------ C:\Program Files\.\pyroxyju821058.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{36136DF6-D1AB-40A4-8E8D-2E1BBF82A898}]
C:\Program Files\Online Services\lavukacy870.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 18:09 15360]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34 5724184]
"Aulo"="C:\WINDOWS\system32\SSTEM3~1\scanregw.exe" [ ]
"Ygtcr"="C:\WINDOWS\system32\F?nts\?vchost.exe" [ ]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-02-12 10:06 262401]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-19 18:09 15360]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 11:34 5724184]

C:\Documents and Settings\jeux\Menu Démarrer\Programmes\Démarrage\
Stardock ObjectDock.lnk - F:\Quentin\Longhorn Inspirat\ObjectDock\ObjectDock.exe [2005-02-21 15:56:00 1826885]
Y'z Toolbar.lnk - F:\Quentin\Longhorn Inspirat\YzToolBar\YzToolBar.exe [2002-09-29 15:41:00 90112]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 11:01:04 83360]

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
Source= C:\Program Files\Online Services\profsyxyvi.html
FriendlyName=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=


*Newly Created Service* - APPMGMT
*Newly Created Service* - CATCHME
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-17 10:47:52
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
Temps d'accomplissement: 2008-05-17 10:48:27
ComboFix-quarantined-files.txt 2008-05-17 08:48:25

Pre-Run: 15,408,631,808 octets libres
Post-Run: 16,585,654,272 octets libres

230 --- E O F --- 2008-05-16 01:01:19


So what should I do??

thanks
0
Anonymous user
18 May 2008 at 20:50
ok

download HijackThis, run a scan and paste the log here for me
0
But what's the point of running several scans with different tools???
0
Anonymous user
18 May 2008 at 20:58
to see whether you still have something!! with ComboFix you still had some, it deleted them for you, now we're checking whether any are left
0
Where could I download HijackThis???
0