Virus Brontok A

Résolu
jeanfoux Messages postés 54 Statut Membre -  
 judorange -
Bonjour,
Salut a tous voila j'ai un virus Brontok A et je voudrais savoir comment le supprimer sachant que je peux pas telecharger .
Voila je remercie tous ceux qui voudront bien m'aider.
Configuration: Windows XP
Internet Explorer 6.0

7 réponses

  1. Utilisateur anonyme
     
    *Télécharge http://www.commentcamarche.net/telecharger/telecharger 159 hijackthis sur ton Bureau.
    *Ferme toutes les autres fenêtres, tous les autres programmes. Pas de connexion Internet.
    *Double clique dessus pour lancer l installation . Accepte la licence qui va apparaître par " I agree" .
    *Puis clique sur "Do a system scan and save a logfile"
    *Ferme HijackThis et fais un copier-coller du rapport en entier et poste le ici en réponse.(Clique sur "Edition -> Sélectionner tout", puis sur "Edition -> Copier" pour copier tout le contenu du rapport
    Colle le rapport que tu viens de copier sur ce forum
    *Note : le rapport se trouve dans C:\Program Files\Trend Micro\HijackThis
    *Tuto : "générer un rapport" http://pageperso.aol.fr/balltrap34/demohijack.htm
    0
    1. jeanfoux Messages postés 54 Statut Membre 16
       
      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 17:44:50, on 24/05/2008
      Platform: Windows XP SP1 (WinNT 5.01.2600)
      MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
      Boot mode: Normal

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\csrss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\WINDOWS\Explorer.exe
      C:\Program Files\CA\eTrust Antivirus\InoRpc.exe
      C:\Program Files\CA\eTrust Antivirus\InoRT.exe
      C:\Program Files\CA\eTrust Antivirus\InoTask.exe
      C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
      C:\WINDOWS\System32\UAService7.exe
      C:\WINDOWS\System32\wuauclt.exe
      C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\H6AZOYQ0\HiJackThis[1].exe
      C:\WINDOWS\System32\wbem\wmiprvse.exe

      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://portail.free.fr/
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Alice ADSL
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
      O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
      O4 - HKLM\..\Run: [Realtime Monitor] C:\PROGRA~1\CA\ETRUST~1\realmon.exe -s
      O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
      O4 - HKLM\..\Run: [AliceSAV] C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe
      O4 - HKCU\..\Run: [Tok-Cirrhatus-3708] "C:\Documents and Settings\Administrateur\Local Settings\Application Data\br8439on.exe"
      O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
      O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
      O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
      O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
      O4 - Startup: Empty.pif = ?
      O4 - Global Startup: SMCWUSB-G 802.11g Wireless USB Utility.lnk = C:\Program Files\SMC\SMCWUSB-G 802.11g Wireless USB 2.0 Adapter\SMCWGUTI.exe
      O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
      O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
      O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
      O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
      O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://eu-housecall.trendmicro-europe.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
      O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
      O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
      O23 - Service: Client de licence CA (CA_LIC_CLNT) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe
      O23 - Service: Serveur de licence CA (CA_LIC_SRVR) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe
      O23 - Service: eTrust Antivirus RPC Server (InoRPC) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoRpc.exe
      O23 - Service: eTrust Antivirus Realtime Server (InoRT) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoRT.exe
      O23 - Service: eTrust Antivirus Job Server (InoTask) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoTask.exe
      O23 - Service: Event Log Watch (LogWatch) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
      O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\System32\UAService7.exe
      0
  2. Utilisateur anonyme
     
    Re alors désinstalle tous tes logiciel de sécurité. Et installe AntiVir,Malwarebytes Anti-Malware,Ccleaner et active le pare-feu XP.

    AntiVir: https://www.01net.com/outils/telecharger/windows/Securite/antivirus-antitrojan/fiches/tele13198.html
    Tutoriel AntiVir: https://www.malekal.com/avira-free-security-antivirus-gratuit/

    Malwarebytes Anti-Malware: http://www.malwarebytes.org/mbam/program/mbam-setup.exe
    Tutoriel Malwarebytes Anti-Malware: https://forum.pcastuces.com/malwarebytes_antimalwares___tutoriel-f31s3.htm

    Ccleaner: https://www.01net.com/outils/telecharger/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/tele32599.html
    Tutoriel Ccleaner: https://www.vulgarisation-informatique.com/nettoyer-windows-ccleaner.php (Tu l'installe sans la bare d'outil Yahoo)

    PS: TU LES INSTALLES SEULEMENT ET TU NE FAIS PAS D'ANALYSE. TU FAIS UNE MISE A JOUR A ANTIVIR ET MALWAREBYTES ANTI-MALWARE.
    0
    1. jeanfoux Messages postés 54 Statut Membre 16
       
      sa sert a quoi si je ne fait pas d'analyse?
      0
      1. Utilisateur anonyme > jeanfoux Messages postés 54 Statut Membre
         
        Si tu les feras après mais d'abord tu les télécharges seulement. Puis après on verra.
        0
    2. jeanfoux Messages postés 54 Statut Membre 16
       
      Voila jai terminé les installation et la mise a jour. Je dois faire quoi maintenant? Merci
      0
  3. omar
     
    slt.je crois que vous devrez formater la machine mais si vs avez 2 partitions
    sur votre pc bien sur.
    0
    1. Utilisateur anonyme
       
      Ok Tu fais un scan en mode sans échec avec AntiVir. Tu lances le scan et si il détecte un virus (normalement oui) tu cliques sur "delete" et "apply sélection to all following détections. (pour qu'il le supprimes automatiquement). A la fin du scan tu cliques sur "report" tu redémarre en mode normal puis tu me postes le rapport.

      Mode sans Echec:

      Au redémarrage de l'ordinateur, une fois le chargement du BIOS terminé, il y a un écran noir qui apparaît rapidement, appuie sur la touche [F8] (ou [F5] sur certains pc) jusqu'à l'affichage du menu des options avancées de Windows.
      Sélectionner "Mode sans échec" et appuie sur [Entrée]
      Il faudra choisir ta session habituelle, pas le compte "Administrateur" ou une autre.
      Regarde ici si besoin : http://pageperso.aol.fr/loraline60/mode_sans_echec.htm

      PS: JE TE CONSEILLE D'ENREGISTRER CE MESSAGE DANS TON BUREAU OU CAS OU.
      0
  4. jeanfoux Messages postés 54 Statut Membre 16
     
    Avira AntiVir Personal
    Report file date: samedi 24 mai 2008 18:15

    Scanning for 1165085 virus strains and unwanted programs.

    Licensed to: Avira AntiVir PersonalEdition Classic
    Serial number: 0000149996-ADJIE-0001
    Platform: Windows XP
    Windows version: (Service Pack 1) [5.1.2600]
    Boot mode: Save mode
    Username: Administrateur
    Computer name: NEHILA-5DL4TH5U

    Version information:
    BUILD.DAT : 8.1.00.295 16479 Bytes 09/04/2008 16:24:00
    AVSCAN.EXE : 8.1.2.12 311553 Bytes 18/03/2008 09:02:56
    AVSCAN.DLL : 8.1.1.0 53505 Bytes 07/02/2008 08:43:37
    LUKE.DLL : 8.1.2.9 151809 Bytes 28/02/2008 08:41:23
    LUKERES.DLL : 8.1.2.1 12033 Bytes 21/02/2008 08:28:40
    ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 10:33:34
    ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 13:08:58
    ANTIVIR2.VDF : 7.0.3.62 337408 Bytes 21/03/2008 19:12:34
    ANTIVIR3.VDF : 7.0.3.68 57856 Bytes 25/03/2008 08:27:50
    Engineversion : 8.1.0.28
    AEVDF.DLL : 8.1.0.5 102772 Bytes 25/02/2008 09:58:21
    AESCRIPT.DLL : 8.1.0.19 229754 Bytes 07/04/2008 15:34:44
    AESCN.DLL : 8.1.0.12 115060 Bytes 07/04/2008 15:34:44
    AERDL.DLL : 8.1.0.19 418164 Bytes 07/04/2008 15:34:44
    AEPACK.DLL : 8.1.1.0 364918 Bytes 18/03/2008 11:20:42
    AEOFFICE.DLL : 8.1.0.15 192889 Bytes 07/04/2008 15:34:44
    AEHEUR.DLL : 8.1.0.15 1147253 Bytes 07/04/2008 15:34:44
    AEHELP.DLL : 8.1.0.11 115061 Bytes 07/04/2008 15:34:43
    AEGEN.DLL : 8.1.0.15 299379 Bytes 07/04/2008 15:34:43
    AEEMU.DLL : 8.1.0.5 430450 Bytes 07/04/2008 15:34:43
    AECORE.DLL : 8.1.0.25 168309 Bytes 08/04/2008 09:58:32
    AVWINLL.DLL : 1.0.0.7 14593 Bytes 23/01/2008 17:07:53
    AVPREF.DLL : 8.0.0.1 25857 Bytes 18/02/2008 10:37:50
    AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:26:47
    AVREG.DLL : 8.0.0.0 30977 Bytes 23/01/2008 17:07:49
    AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23
    AVEVTLOG.DLL : 8.0.0.11 114945 Bytes 28/02/2008 08:31:31
    SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02
    SMTPLIB.DLL : 1.2.0.19 28929 Bytes 23/01/2008 17:08:39
    NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10
    RCIMAGE.DLL : 8.0.0.35 2371841 Bytes 10/03/2008 14:37:25
    RCTEXT.DLL : 8.0.32.0 86273 Bytes 06/03/2008 12:02:11

    Configuration settings for the scan:
    Jobname..........................: Complete system scan
    Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
    Logging..........................: low
    Primary action...................: interactive
    Secondary action.................: ignore
    Scan master boot sector..........: on
    Scan boot sector.................: on
    Boot sectors.....................: C:,
    Scan memory......................: on
    Process scan.....................: on
    Scan registry....................: on
    Search for rootkits..............: off
    Scan all files...................: Intelligent file selection
    Scan archives....................: on
    Recursion depth..................: 20
    Smart extensions.................: on
    Macro heuristic..................: on
    File heuristic...................: medium

    Start of the scan: samedi 24 mai 2008 18:15

    The scan of running processes will be started
    Scan process 'avscan.exe' - '1' Module(s) have been scanned
    Scan process 'avcenter.exe' - '1' Module(s) have been scanned
    Scan process 'lsass.exe' - '1' Module(s) have been scanned
    Module is infected -> 'C:\Documents and Settings\Administrateur\Local Settings\Application Data\lsass.exe'
    Scan process 'services.exe' - '1' Module(s) have been scanned
    Module is infected -> 'C:\Documents and Settings\Administrateur\Local Settings\Application Data\services.exe'
    Scan process 'winlogon.exe' - '1' Module(s) have been scanned
    Module is infected -> 'C:\Documents and Settings\Administrateur\Local Settings\Application Data\winlogon.exe'
    Scan process 'notepad.exe' - '1' Module(s) have been scanned
    Scan process 'explorer.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'lsass.exe' - '1' Module(s) have been scanned
    Scan process 'services.exe' - '1' Module(s) have been scanned
    Scan process 'winlogon.exe' - '1' Module(s) have been scanned
    Scan process 'csrss.exe' - '1' Module(s) have been scanned
    Scan process 'smss.exe' - '1' Module(s) have been scanned
    Process 'lsass.exe' has been terminated
    Process 'services.exe' has been terminated
    Process 'winlogon.exe' has been terminated
    C:\Documents and Settings\Administrateur\Local Settings\Application Data\lsass.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Local Settings\Application Data\services.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Local Settings\Application Data\winlogon.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!

    17 processes with 14 modules were scanned

    Starting master boot sector scan:
    Master boot sector HD0
    [INFO] No virus was found!

    Start scanning boot sectors:
    Boot sector 'C:\'
    [INFO] No virus was found!

    Starting to scan the registry.
    C:\WINDOWS\ShellNew\RakyatKelaparan.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Démarrage\Empty.pif
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!

    The registry was scanned ( '31' files ).

    Starting the file scan:

    Begin scan in 'C:\'
    C:\pagefile.sys
    [WARNING] The file could not be opened!
    C:\Documents and Settings\Administrateur\Bureau\fm2008\Data INVITÉ.HP-DEUX.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Bureau\fm2008\fiche.php_fichiers\fiche.php_fichiers`.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Bureau\khaled son\musique\musique.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Bureau\Nouveau dossier (4)\F00.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Bureau\Nouveau dossier (4)\F01.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Bureau\Nouveau dossier (4)\F02.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Bureau\soprano\soprano.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Bureau\wep\Aircrack-ng, aireplay-ng, airodump-ng, Tutorial crack cle wep_fichiers\Aircrack-ng, aireplay-ng, airodump-ng, Tutorial crack cle wep_fichiers.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Local Settings\Application Data\br8439on.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Local Settings\Application Data\csrss.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Local Settings\Application Data\inetinfo.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Local Settings\Application Data\smss.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Local Settings\Application Data\svchost.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Mes documents.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Football Manager 2008\Football Manager 2008.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Football Manager 2008\data\data.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Football Manager 2008\data\db\800\800.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Football Manager 2008\data\db\800\edt\edt.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Football Manager 2008\data\db\800\lnc\lnc.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Football Manager 2008\data\db\800\lnc\all\all.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Football Manager 2008\data\facegen\facegen.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Football Manager 2008\data\languages\languages.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Football Manager 2008\data\league_sim\league_sim.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Football Manager 2008\data\match events\match events.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Football Manager 2008\data\preset_tactics\preset_tactics.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Football Manager 2008\data\tables\tables.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Football Manager 2008\data\tactics\tactics.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Football Manager 2008\data\websites\websites.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Football Manager 2008\jre\jre.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Football Manager 2008\registration\registration.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Football Manager 2008\registration\images\images.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Football Manager 2008\Uninstall_Football Manager 2008\Uninstall_Football Manager 2008.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Football Manager 2008\Uninstall_Football Manager 2008\resource\resource.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Ma musique\Ma musique.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Ma musique\iTunes\iTunes.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Ma musique\iTunes\Album Artwork\Local\E5D76296826F1F7C\01\10\08\08.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Ma musique\iTunes\Album Artwork\Local\E5D76296826F1F7C\01\15\15\15.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Ma musique\iTunes\Album Artwork\Local\E5D76296826F1F7C\03\05\11\11.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Ma musique\iTunes\Album Artwork\Local\E5D76296826F1F7C\03\09\09\09.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Ma musique\iTunes\Album Artwork\Local\E5D76296826F1F7C\04\11\11\11.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Ma musique\iTunes\Album Artwork\Local\E5D76296826F1F7C\09\00\10\10.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Ma musique\iTunes\Album Artwork\Local\E5D76296826F1F7C\09\06\09\09.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Ma musique\iTunes\Album Artwork\Local\E5D76296826F1F7C\09\13\01\01.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Ma musique\iTunes\Album Artwork\Local\E5D76296826F1F7C\11\14\06\06.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Ma musique\iTunes\Album Artwork\Local\E5D76296826F1F7C\12\00\11\11.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Ma musique\iTunes\Album Artwork\Local\E5D76296826F1F7C\12\15\06\06.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Ma musique\iTunes\Album Artwork\Local\E5D76296826F1F7C\15\14\01\01.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Ma musique\Sans titre - 15-03-08\Sans titre - 15-03-08.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Ma musique\zik\zik.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Ma musique\zik\Akon\Akon.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Ma musique\zik\Algérino\Algérino.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Ma musique\zik\Alibi montana\Alibi montana.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Ma musique\zik\Alpha 5.20\Alpha 5.20`.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Ma musique\zik\autre\autre.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Ma musique\zik\Bakar\Bakar.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Ma musique\zik\Black marche\Black marche.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Ma musique\zik\Booba\Booba.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Ma musique\zik\Diams\Diams.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Ma musique\zik\El Matador\El Matador.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Ma musique\zik\Felix pyat 143\Felix pyat 143.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Ma musique\zik\Felix pyat 143\felix pyate 143.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Ma musique\zik\Instru\Instru.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Ma musique\zik\Jeff le nerf\Jeff le nerf.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Ma musique\zik\Kamelancien\Kamelancien.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Ma musique\zik\Kamini\Kamini.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Ma musique\zik\Keny Arkana\Keny Arkana.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Ma musique\zik\Kery James\Kery James.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Ma musique\zik\La Fouine\La Fouine.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Ma musique\zik\Legende Urbaine\Legende Urbaine.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Ma musique\zik\LIM\LIM.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Ma musique\zik\Mac tyer\mac tyer.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Ma musique\zik\Mafia k'1 fry\mafia k'1 fry.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Ma musique\zik\Mino\Mino.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Ma musique\zik\Ol kainry\Ol kainry.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Ma musique\zik\Playad\Playad.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Ma musique\zik\Psy 4 De La Rime\Psy 4 De La Rime.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Ma musique\zik\Puissance nord\Puissance nord.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Ma musique\zik\Revolution urbaine\Revolution urbaine.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Ma musique\zik\Rohff\rohff.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Ma musique\zik\Sale équipe\Sale équipe.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Ma musique\zik\Salif\Salif-Boulogne_Boy-CD-FR-2007-OBC\Salif-Boulogne_Boy-CD-FR-2007-OBC.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Ma musique\zik\Sat l'artificier\Sat l'artificier.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Ma musique\zik\Sefyu\Sefyu.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Ma musique\zik\Sefyu\Nouveau dossier\Nouveau dossier.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Ma musique\zik\Sinik\Sinik.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Ma musique\zik\Sinik\sinik - le toit du monde\sinik - le toit du monde.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Ma musique\zik\Six coup MC\Six coup MC.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Ma musique\zik\Sniper\Sniper.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Ma musique\zik\Soprano\Soprano.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Ma musique\zik\Soprano\Soprano - Psychanalyse - Nouvel Album - 2006\Soprano - Psychanalyse - Nouvel Album - 2006.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Ma musique\zik\Soprano\Soprano - Puisqu'il Faut Vivre - www.love-mp3.fr.st\Soprano - Puisqu'il Faut Vivre - www.love-mp3.fr.st`.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Ma musique\zik\TLF\TLF-Reves_De_Rue-FR-2007-H5N1\TLF-Reves_De_Rue-FR-2007-H5N1.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Ma musique\zik\Tunisiano\Tunisiano.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Ma musique\zik\Us\Us.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Ma musique\zik\Vitaa\Vitaa.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Ma musique\zik\Zaho\zaho.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Ma musique\zik\Zone\Zone.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Ma musique\zik\Zone\zone\zone.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Mes images\about.Brontok.A.html
    [DETECTION] Contains detection pattern of the worm WORM/Bro.1
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Mes images\Mes images.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Mes images\image\image.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Mes vidéos\Mes vidéos.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Mes vidéos\Téléchargement RealPlayer\Téléchargement RealPlayer.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Mes vidéos\Téléchargements RealPlayer\Téléchargements RealPlayer.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Mes vidéos\VIDEOTS\VIDEOTS.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Mes vidéos\VIDEOTS\VIDEO_TS.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\My ISO Files\My ISO Files.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\ramy\ramy.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\ramy\21_ajouter-un-bas-de-caisse_fichiers\21_ajouter-un-bas-de-caisse_fichiers.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\ramy\21_ajouter-un-bas-de-caisse_fichiers\ads_data\ads_data.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\ramy\21_ajouter-un-bas-de-caisse_fichiers\tag_analytics_pub_data\tag_analytics_pub_data.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\ramy\395_fichiers\395_fichiers.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\ramy\395_fichiers\clicks_data\clicks_data.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\ramy\395_fichiers\Un-texte-devant-une-lumiere-avec_data\Un-texte-devant-une-lumiere-avec_data.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\ramy\395_fichiers\Un-texte-devant-une-lumiere-avec_data\ads_data\ads_data.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\ramy\395_fichiers\Un-texte-devant-une-lumiere-avec_data\ads_data_002\ads_data_002.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\ramy\396_fichiers\396_fichiers.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\ramy\396_fichiers\clicks_data\clicks_data.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\ramy\396_fichiers\Creer-de-l-or-3D-avec-photoshop_data\Creer-de-l-or-3D-avec-photoshop_data.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\ramy\396_fichiers\Creer-de-l-or-3D-avec-photoshop_data\ads_data\ads_data.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\ramy\396_fichiers\Creer-de-l-or-3D-avec-photoshop_data\ads_data_002\ads_data_002.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\ramy\blog\blog.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\ramy\faire-une-signature-avatar_fichiers\faire-une-signature-avatar_fichiers.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\ramy\faire-une-signature-avatar_fichiers\ads_data\ads_data.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\ramy\photoshop 8 cs\photoshop 8 cs.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\ramy\tentacule_organique_fichiers\tentacule_organique_fichiers.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\ramy\tentacule_organique_fichiers\ads_data\ads_data.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\ramy\texturer_image_fichiers\texturer_image_fichiers.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\ramy\texturer_image_fichiers\ads_data\ads_data.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\ramy\TRAfic\TRAfic.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\ramy\TRAfic\Rendre une application portable_ - Terre de liberté_fichiers\Rendre une application portable_ - Terre de liberté_fichiers.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\ramy\trucage-photomontage_fichiers\trucage-photomontage_fichiers.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\ramy\trucage-photomontage_fichiers\ads_data\ads_data.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\ramy\trucage-photomontage_fichiers\ads_data_002\ads_data_002.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\ramy\tuiotorial.php_fichiers\tuiotorial.php_fichiers`.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\ramy\tuiotorial.php_fichiers\ads_data\ads_data.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\ramy\tuto-bille-metal.php_fichiers\tuto-bille-metal.php_fichiers`.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\ramy\tuto-bille-metal.php_fichiers\ads_data_002\ads_data_002.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\ramy\tuto-bille-metal.php_fichiers\ads_data_003\ads_data_003.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\ramy\tuto-effet-grundge-decale.php_fichiers\tuto-effet-grundge-decale.php_fichiers`.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\ramy\tuto-effet-grundge-decale.php_fichiers\ads_data_002\ads_data_002.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\ramy\tuto-effet-grundge-decale.php_fichiers\ads_data_003\ads_data_003.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\ramy\tuto-polaroid-3D.php_fichiers\tuto-polaroid-3D.php_fichiers`.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\ramy\tuto-polaroid-3D.php_fichiers\ads_data_002\ads_data_002.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\ramy\tutorial.php_fichiers\tutorial.php_fichiers`.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\ramy\tutorial.php_fichiers\ads_data\ads_data.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\ramy\tutoriel-photoshop-belle-signature-en-brushes-t468_fichiers\tutoriel-photoshop-belle-signature-en-brushes-t468_fichiers.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\ramy\tutoriel-photoshop-belle-signature-en-brushes-t468_fichiers\ads_data\ads_data.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\ramy\utiliser_outil_plume_fichiers\utiliser_outil_plume_fichiers.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\ramy\utiliser_outil_plume_fichiers\ads_data\ads_data.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Sports Interactive\Football Manager 2008\games\games.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Mes documents\Sports Interactive\Football Manager 2008\tactics\tactics.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\Administrateur\Modèles\15060-NendangBro.com
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\4IQXLB4I\fi_nt86[1].exe
    [WARNING] No further files can be extracted from this archive. The archive will be closed
    C:\WINDOWS\KesenjanganSosial.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\WINDOWS\system32\Administrateur's Setting.scr
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\WINDOWS\system32\cmd-brontok.exe
    [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
    [NOTE] The file was deleted!
    C:\WINDOWS\system32\drivers\sptd.sys
    [WARNING] The file could not be opened!

    End of the scan: samedi 24 mai 2008 18:31
    Used time: 15:54 min

    The scan has been done completely.

    1865 Scanning directories
    66449 Files were scanned
    164 viruses and/or unwanted programs were found
    0 Files were classified as suspicious:
    161 files were deleted
    0 files were repaired
    0 files were moved to quarantine
    0 files were renamed
    3 Files cannot be scanned
    66285 Files not concerned
    812 Archives were scanned
    3 Warnings
    161 Notes

    Voila le rapport.
    0
    1. Utilisateur anonyme
       
      Ok il a détecte et supprimé 161 virus. Ok maintenant fais ceci:

      1) Redémarre en "Mode sans échec"

      Au redémarrage de l'ordinateur, une fois le chargement du BIOS terminé, il y a un écran noir qui apparaît rapidement, appuie sur la touche [F8] (ou [F5] sur certains pc) jusqu'à l'affichage du menu des options avancées de Windows.
      Sélectionner "Mode sans échec" et appuie sur [Entrée]
      Il faudra choisir ta session habituelle, pas le compte "Administrateur" ou une autre.
      Regarde ici si besoin : http://pageperso.aol.fr/loraline60/mode_sans_echec.htm

      Ouvre le fichier texte sauvegardé sur le Bureau afin de suivre les instructions comme il faut.

      2) Scan avec Malwarebyte's Anti-Malware

      *Lance Malwarebyte's Anti-Malware
      *Puis vs dans l'onglet "Recherche" puis coche "Exécuter un examen complet" puis "Rechercher sélectionne tes disques durs" puis clique sur "Lancer l’examen"
      *A la fin du scan >>> clique sur Afficher les résultats puis sur Enregistrer le rapport
      *Suppression des éléments détectés >>>> clique sur Supprimer la sélection
      *S'il t'es demandé de redémarrer >>> clique sur "Yes"

      *--> Un rapport de scan s'ouvre, enregistre sur ton Bureau et poste ce rapport en réponse.
      0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. jeanfoux Messages postés 54 Statut Membre 16
     
    Malwarebytes' Anti-Malware 1.14
    Version de la base de données: 818

    19:23:40 24/05/2008
    mbam-log-5-24-2008 (19-23-40).txt

    Type de recherche: Examen complet (C:\|)
    Eléments examinés: 48795
    Temps écoulé: 39 minute(s), 19 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 1
    Valeur(s) du Registre infectée(s): 1
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 0

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a} (Trojan.BHO) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\{c95fe080-8f5d-11d2-a20b-00aa003c157a} (Trojan.BHO) -> Quarantined and deleted successfully.

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    (Aucun élément nuisible détecté)

    J'ai remarqué qua louverture de windows ya un message d'erreur indiquant que kesenjangansosial.exe ne peut s'ouvrir.
    0
    1. Utilisateur anonyme
       
      Ok merci maintenant fais un scan en ligne avec Internet Explorer stp:

      BitDefender en ligne: http://www.bitdefender.fr/scan_fr/scan8/ie.html
      Tutoriel BitDefender en ligne: http://cybersecurite.xooit.com/t201-Scan-en-ligne-BitDefender.htm

      Ps: N'oublies pas de me poster le rapport. Si tu as besoin d'aide aide toi tu tutoriel.
      0
      1. Utilisateur anonyme > Utilisateur anonyme
         
        Tu es la ???
        0
  7. judorange
     
    en gros plus tu met de programme pour te proteger plus tu a de problemmes

    un disque qui ne vas pas sur le net c'est ca la protection tu recup sur un disque et ut installe sur un autre
    les virus sont declancher par le net par tout les programmes pour te proteger il ouvre des porte pour rentrer dans ton disque depuis que j'ai mis tout mes programme dessus le dique qui ne vas pas sur le net plus rien tout marche super plus de virus
    0