Sujet Précédent Sujet Suivant

Troj dloader , worm rbot, sdbot etc...

dlvt Messages postés 40 Statut Membre -  
fanatik81 Messages postés 4 Statut Membre -
Bonjour,

en faisant un scan sur secuser.com, l'antivirus online a détecté plusieurs virus (troj dloader.f, worm rbot.hj, worm sdbot.gen, worm sdbot.ft, etc.)

j'ai pourtant en permanence un antivirus symantec corporate qui n'a rien détecté. j'ai installé par ailleurs avast qui lui détecte également des virus mais ne peut les réparer. il me propose de déplacer des fichiers dans windows et ça m'effraie un peu...

que me conseillez vous ?

merci !

51 réponses

Précédent
Réponse 41 / 51
fanatik81
 
merci merci merci merci
merci beaucoup de ton dépannage en ligne ball trap
0
Réponse 42 / 51
balltrap34 Messages postés 16241 Statut Contributeur sécurité 332
 
de rien
bonne semaine
a++
0
Réponse 43 / 51
fanatik81
 
re moi je viens d aller sur ton site perso super sympa
il est super beau ton fauve de bretagne
on s'en ai fait piquer un il n'y pas longtemps

ca y est je suis sauver j'espere merci beaucoup
0
Réponse 44 / 51
balltrap34 Messages postés 16241 Statut Contributeur sécurité 332
 
elle est jeune et tres craintive
mais je pense que c est du a la race
j en connait d autres et c est pareil
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 45 / 51
fanatik81
 
je suis toujours emmerdée
je vais sur yahoo.fr et je ne peut plus jouer aux cartes je peut faire quoi?
je suis pénible je sais
0
Réponse 46 / 51
balltrap34 Messages postés 16241 Statut Contributeur sécurité 332
 
qu est ce qui t en empeche
cela te dit quoi
0
fanatik81
 
bonjour balll trap
en fait mon ordi s'éteins tout seul et j'arrete pas de choper des logiciels publicitaires et des logiciels espiondés norton me les analyse mais ne les supprime pas ad aware fait pareil
j'en ai plus que marre je crois que je vais formater
merci de ton aide
pour les jeux un coup ce marche un coup pas il me dit erreur sur la page#stay here
0
fanatik81
 
j'ai aussi un message d'erreur que se met : dax error 18/03/2005 is not valid date voila ce de plus encore
merci ball trap
0
fanatik81 Messages postés 4 Statut Membre
 
en fait si je ferme cette fenetre et ce message d'erreur en cliquant sur ok mon ordi s'eteint sinon rien ne bouge.Ce message s'ouvre sur chaque page internet qui s'ouvre
0
fanatik81
 
c'est re moi
voila je viens d'essayer spybot s et d il me trouve 3 host redirigé et 5 data source object exploit mais c'est quoi ces bestioles
j'y comprend rien merci encore de ton aide
0
fanatik81
 
laisse tomber ball trap j'ai tout formaté. J ai mis spybot s et d et antivir mon norton et mon ad aware et j'espere etre tranquille
encore merci pour ton aide
0
Réponse 47 / 51
balltrap34 Messages postés 16241 Statut Contributeur sécurité 332
 
dommage pour tes donnees
a++
0
Réponse 48 / 51
christelle14 Messages postés 6 Statut Membre
 
Bonjour,

En faisant un scan sur secuser.com, l'antivirus online a détecté plusieurs virus .... troj istbar.du troj istbar.po troj istbar.pb troj dloeder.rs et troj generic
J' ai Avast comme antivirus, a-square, et spybot... mais rien n'y fait... pouvez vous m'aider? merci
0
Réponse 49 / 51
christelle14 Messages postés 6 Statut Membre
 
bonjour voici le raport fait avec ewido anti spyware---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------

+ Created at: 16:10:03 14/08/2006

+ Scan result:

C:\Program Files\a-squared Anti-Malware\Quarantine\0cb713fbaebb08806a19b53eaeb69d4e.a2q/WINDOWS/temp/altnet/dmfiles.cab/AltnetUninstall.exe -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\a-squared Anti-Malware\Quarantine\0cb713fbaebb08806a19b53eaeb69d4e.a2q/WINDOWS/temp/altnet/pmexe.cab/Points Manager.exe -> Adware.Altnet : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\AppID\Altnet Signing Module.EXE -> Adware.Altnet : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\AppID\adm.EXE -> Adware.Altnet : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AltnetDM -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\a-squared Anti-Malware\Quarantine\0cb713fbaebb08806a19b53eaeb69d4e.a2q/WINDOWS/temp/altnet/pmfiles.cab/sysdetect.dll -> Adware.BrilliantDigital : Cleaned with backup (quarantined).
C:\Program Files\a-squared Anti-Malware\Quarantine\2fb949d0a1b592987e9eaf38781bb161.a2q/Program Files/newdotnet/uninstall7_22.exe -> Adware.NewDotNet : Cleaned with backup (quarantined).
HKU\S-1-5-21-583907252-261903793-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E} -> Adware.NewDotNet : Cleaned with backup (quarantined).
C:\Program Files\a-squared Anti-Malware\Quarantine\0b5307514b1cee38acd4ba434f90ff83.a2q/WINDOWS/downloaded program files/webp2pinstaller.dll -> Adware.PeerNet : Cleaned with backup (quarantined).
HKU\S-1-5-21-583907252-261903793-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{59879FA4-4790-461C-A1CC-4EC4DE4CA483} -> Adware.RXToolbar : Cleaned with backup (quarantined).
C:\Program Files\Alcohol Soft\Alcohol 120% Toolbar\a120_tb.dll -> Adware.Softomate : Cleaned with backup (quarantined).
C:\Program Files\a-squared Anti-Malware\Quarantine\d28ad87cc4c0a22901fd84e1dc5da673.a2q/Program Files/surfaccuracy/SAccU.exe -> Adware.SurfAccuracy : Cleaned with backup (quarantined).
C:\Hitmobile\Num.exe -> Heuristic.Win32.Dialer : Ignored.
C:\Documents and Settings\xxx\Mes documents\Downloads\!!!!! quoi que je fasse nouvelle version 52.zip/install.exe -> Hijacker.Agent.hi : Cleaned with backup (quarantined).
C:\Documents and Settings\xxx\Mes documents\Downloads\(full version) quoi que je fasse remix 58.zip/setup.exe -> Hijacker.Agent.hi : Cleaned with backup (quarantined).
C:\Documents and Settings\xxx\Mes documents\Downloads\enlightment @ quoi que je fasse remix 55.zip/setup.exe -> Hijacker.Agent.hi : Cleaned with backup (quarantined).
C:\Documents and Settings\xxx\Mes documents\Downloads\je ne t'oublierai jamais 00.zip/install.exe -> Hijacker.Agent.hi : Cleaned with backup (quarantined).
C:\Documents and Settings\xxx\Local Settings\Temp\ICD1.tmp\UERSV_0001_LPNetInstaller.exe -> Not-A-Virus.Downloader.Win32.Agent.d : Ignored.
:mozilla.7:C:\Documents and Settings\xxx\Application Data\Mozilla\Firefox\Profiles\68pm15be.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.8:C:\Documents and Settings\xxx\Application Data\Mozilla\Firefox\Profiles\68pm15be.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.9:C:\Documents and Settings\xxx\Application Data\Mozilla\Firefox\Profiles\68pm15be.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
C:\Documents and Settings\xxx\Cookies\xxx@247realmedia[2].txt -> TrackingCookie.247realmedia : Cleaned.
C:\Documents and Settings\xxx\Cookies\xxx@microsofteup.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\xxx\Cookies\xxx@microsoftwga.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.25:C:\Documents and Settings\xxx\Application Data\Mozilla\Firefox\Profiles\68pm15be.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.26:C:\Documents and Settings\xxx\Application Data\Mozilla\Firefox\Profiles\68pm15be.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
C:\Documents and Settings\xxx\Cookies\xxx@bluestreak[2].txt -> TrackingCookie.Bluestreak : Cleaned.
C:\Documents and Settings\xxx\Local Settings\Temp\Cookies\xxx@bluestreak[1].txt -> TrackingCookie.Bluestreak : Cleaned.
:mozilla.64:C:\Documents and Settings\xxx\Application Data\Mozilla\Firefox\Profiles\68pm15be.default\cookies.txt -> TrackingCookie.Comclick : Cleaned.
:mozilla.65:C:\Documents and Settings\xxx\Application Data\Mozilla\Firefox\Profiles\68pm15be.default\cookies.txt -> TrackingCookie.Comclick : Cleaned.
:mozilla.66:C:\Documents and Settings\xxx\Application Data\Mozilla\Firefox\Profiles\68pm15be.default\cookies.txt -> TrackingCookie.Comclick : Cleaned.
:mozilla.62:C:\Documents and Settings\xxx\Application Data\Mozilla\Firefox\Profiles\68pm15be.default\cookies.txt -> TrackingCookie.Estat : Cleaned.
C:\Documents and Settings\xxx\Local Settings\Temp\Cookies\xxx@estat[1].txt -> TrackingCookie.Estat : Cleaned.
:mozilla.33:C:\Documents and Settings\xxx\Application Data\Mozilla\Firefox\Profiles\68pm15be.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.34:C:\Documents and Settings\xxx\Application Data\Mozilla\Firefox\Profiles\68pm15be.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.35:C:\Documents and Settings\xxx\Application Data\Mozilla\Firefox\Profiles\68pm15be.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.36:C:\Documents and Settings\xxx\Application Data\Mozilla\Firefox\Profiles\68pm15be.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.37:C:\Documents and Settings\xxx\Application Data\Mozilla\Firefox\Profiles\68pm15be.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.38:C:\Documents and Settings\xxx\Application Data\Mozilla\Firefox\Profiles\68pm15be.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
C:\Documents and Settings\xxx\Cookies\xxx@as-eu.falkag[1].txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.172:C:\Documents and Settings\xxx\Application Data\Mozilla\Firefox\Profiles\68pm15be.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.134:C:\Documents and Settings\xxx\Application Data\Mozilla\Firefox\Profiles\68pm15be.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.135:C:\Documents and Settings\xxx\Application Data\Mozilla\Firefox\Profiles\68pm15be.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.136:C:\Documents and Settings\xxx\Application Data\Mozilla\Firefox\Profiles\68pm15be.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.137:C:\Documents and Settings\xxx\Application Data\Mozilla\Firefox\Profiles\68pm15be.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.112:C:\Documents and Settings\xxx\Application Data\Mozilla\Firefox\Profiles\68pm15be.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.126:C:\Documents and Settings\xxx\Application Data\Mozilla\Firefox\Profiles\68pm15be.default\cookies.txt -> TrackingCookie.Revenue : Cleaned.
:mozilla.53:C:\Documents and Settings\xxx\Application Data\Mozilla\Firefox\Profiles\68pm15be.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.54:C:\Documents and Settings\xxx\Application Data\Mozilla\Firefox\Profiles\68pm15be.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.154:C:\Documents and Settings\xxx\Application Data\Mozilla\Firefox\Profiles\68pm15be.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.157:C:\Documents and Settings\xxx\Application Data\Mozilla\Firefox\Profiles\68pm15be.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.158:C:\Documents and Settings\xxx\Application Data\Mozilla\Firefox\Profiles\68pm15be.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
C:\Documents and Settings\xxx\Local Settings\Temp\Cookies\xxx@trafficmp[1].txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.162:C:\Documents and Settings\xxx\Application Data\Mozilla\Firefox\Profiles\68pm15be.default\cookies.txt -> TrackingCookie.Weborama : Cleaned.
:mozilla.163:C:\Documents and Settings\xxx\Application Data\Mozilla\Firefox\Profiles\68pm15be.default\cookies.txt -> TrackingCookie.Weborama : Cleaned.
:mozilla.164:C:\Documents and Settings\xxx\Application Data\Mozilla\Firefox\Profiles\68pm15be.default\cookies.txt -> TrackingCookie.Weborama : Cleaned.
C:\Documents and Settings\xxx\Cookies\xxx@weborama[1].txt -> TrackingCookie.Weborama : Cleaned.
:mozilla.18:C:\Documents and Settings\xxx\Application Data\Mozilla\Firefox\Profiles\68pm15be.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.19:C:\Documents and Settings\xxx\Application Data\Mozilla\Firefox\Profiles\68pm15be.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.20:C:\Documents and Settings\xxx\Application Data\Mozilla\Firefox\Profiles\68pm15be.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.21:C:\Documents and Settings\xxx\Application Data\Mozilla\Firefox\Profiles\68pm15be.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.22:C:\Documents and Settings\xxx\Application Data\Mozilla\Firefox\Profiles\68pm15be.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.23:C:\Documents and Settings\xxx\Application Data\Mozilla\Firefox\Profiles\68pm15be.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\xxx\Local Settings\Temp\Cookies\xxx@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned.

::Report end
0
Réponse 50 / 51
christelle14 Messages postés 6 Statut Membre
 
et voici le raport fait avec bitdefender online, j'ai eu plusieurs trojan qu'il m'a mis en quarantaine je crois....je vais faire HijackThis maintenant.....>

BitDefender Online Scanner -Scan Report<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
<meta name="generator" content="Namo WebEditor v5.0(Trial)">
</HEAD>
<BODY BGCOLOR=#FFFFFF leftmargin="10" marginwidth="0" topmargin="20" marginheight="0" >

<table align="center" border="0" cellpadding="0" cellspacing="0" width="90%">
<tr>
<td width="458">
<p><font face="Arial" color=red><span style="font-size:14pt;"><b>BitDefender
Online Scanner</b></span></font></p>
</td>
<td width="40%">
<p> </p>
</td>
<td width="10%">
<p> </p>
</td>
</tr>
<tr>
<td colspan="3" width="912">
<p><font face="Arial"><span style="font-size:11pt;"><B>Scan report generated
at: Mon, Aug 14, 2006 - 17:46:04</b></span></font></p>
</td>
</tr>

<tr>
<td width="458">
<p><font face="Arial"><span style="font-size:11pt;"><B> </b></span></font></p>
</td>
<td width="40%">
<p> </p>
</td>
<td width="10%">
<p> </p>
</td>
</tr>

<tr>
<td width="458">
<p><font face="Arial"><span style="font-size:11pt;"><B>Scan
path: </b></span><span style="font-size:10pt;">A:\;C:\;D:\;E:\;F:\;G:\;</span></font></p>
</td>
<td width="40%">
<p> </p>
</td>
<td width="10%">
<p> </p>
</td>
</tr>

<tr>
<td width="458">
<p><font face="Arial"><span style="font-size:11pt;"><B> </b></span></font></p>
</td>
<td width="40%">
<p> </p>
</td>
<td width="10%">
<p> </p>
</td>
</tr>

<tr>
<td width="458">
<table border="1" cellspacing="0" bordercolordark="white" bordercolorlight="black" width="100%">
<tr>
<td width="451" colspan="2" bgcolor="#CCCCCC">
<p><font face="Arial" size="2"><B>Statistics</b></font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Time</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">01:21:38</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Files</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">510057</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Folders</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">6643</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Boot Sectors</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">2</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Archives</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">3692</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Packed Files</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">63900</font></p>
</td>
</tr>
</table>
</td>
<td width="40%">
<p> </p>
</td>
<td width="10%">
<p> </p>
</td>
</tr>

<tr>
<td width="458">
<table border="1" cellspacing="0" bordercolordark="white" bordercolorlight="black" width="100%">
<tr>
<td width="451" colspan="2" bgcolor="#CCCCCC">
<p><font face="Arial" size="2"><B>Results</b></font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Identified Viruses </font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">8</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Infected Files </font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">10</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Suspect Files </font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">0</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Warnings</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">0</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Disinfected</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">0</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Deleted Files</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">15</font></p>
</td>
</tr>
</table>
</td>
<td width="40%">
<p> </p>
</td>
<td width="10%">
<p> </p>
</td>
</tr>

<tr>
<td width="458">
<table border="1" cellspacing="0" bordercolordark="white" bordercolorlight="black" width="100%">
<tr>
<td width="451" colspan="2" bgcolor="#CCCCCC">
<p><font face="Arial" size="2"><B>Engines Info</b></font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Virus Definitions</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">444449</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Engine build</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">AVCORE v1.0 (build 2310) (i386) (Apr 17 2006 16:24:38)</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Scan plugins</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">13</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Archive plugins</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">39</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Unpack plugins</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">5</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">E-mail plugins</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">6</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">System plugins</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">1</font></p>
</td>
</tr>
</table>
</td>
<td width="40%">
<p> </p>
</td>
<td width="10%">
<p> </p>
</td>
</tr>

<tr>
<td width="458">
<table border="1" cellspacing="0" bordercolordark="white" bordercolorlight="black" width="100%">
<tr>
<td width="451" colspan="2" bgcolor="#CCCCCC">
<p><font face="Arial" size="2"><B>Scan Settings</b></font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">First Action</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">Disinfect</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Second Action</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">Delete</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Heuristics</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">Yes</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Enable Warnings</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">Yes</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Scanned Extensions</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">*;</font></p>
</td>
</tr>

<tr>
<td width="57%">
<p><font face="Arial" size="2">Exclude Extensions</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2"> </font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Scan Emails</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">Yes</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Scan Archives</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">Yes</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Scan Packed</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">Yes</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Scan Files</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">Yes</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Scan Boot</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">Yes</font></p>
</td>
</tr>
</table>
</td>
<td width="40%">
<p> </p>
</td>
<td width="10%">
<p> </p>
</td>
</tr>

<tr>
<td colspan=2>  
<table border="1" cellspacing="0" bordercolordark="white" bordercolorlight="black" width="100%">
<tr>
<td width="252" bgcolor="#CCCCCC">
<p><font face="Arial" size="2"><B>Scanned File</b></font></p>
</td>
<td width="195" bgcolor="#CCCCCC" align="right">
<p align="left"><b><font size="2" face="Arial"> Status</font></b></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Documents and Settings\xxx\Mes documents\MES FICHIERS RECUS\54648.exe=>wise0016</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Detected with: Application.Adware.NewDotNet.B.Dropper</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Documents and Settings\xxx\Mes documents\MES FICHIERS RECUS\54648.exe=>wise0016</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Deleted</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Documents and Settings\xxx\Mes documents\MES FICHIERS RECUS\54648.exe</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Update failed</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Documents and Settings\xxx\Mes documents\MES FICHIERS RECUS\54648.exe=>wise0017</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infected with: Trojan.Downloader.Small.BKE</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Documents and Settings\xxx\Mes documents\MES FICHIERS RECUS\54648.exe=>wise0017</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Disinfection failed</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Documents and Settings\xxx\Mes documents\MES FICHIERS RECUS\54648.exe=>wise0017</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Deleted</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Documents and Settings\xxx\Mes documents\MES FICHIERS RECUS\54648.exe</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Update failed</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Program Files\a-squared Anti-Malware\Quarantine\2ac605ba8af5b39a832aa16bfb3f24b3.a2q=>Program Files/Adverts/uninst.exe=>(Quarantine-PE)</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infected with: Trojan.Downloader.Swizzor.EM</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Program Files\a-squared Anti-Malware\Quarantine\2ac605ba8af5b39a832aa16bfb3f24b3.a2q=>Program Files/Adverts/uninst.exe=>(Quarantine-PE)</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Disinfection failed</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Program Files\a-squared Anti-Malware\Quarantine\2ac605ba8af5b39a832aa16bfb3f24b3.a2q=>Program Files/Adverts/uninst.exe=>(Quarantine-PE)</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Deleted</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Program Files\a-squared Anti-Malware\Quarantine\2ac605ba8af5b39a832aa16bfb3f24b3.a2q</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Updated</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Program Files\a-squared Anti-Malware\Quarantine\34164f3ff7e2d39c44b88157c2b3599b.a2q=>Program Files/sidefind/update/sidefind.exe=>(Quarantine-PE)</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infected with: Trojan.Downloader.Istbar.JM</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Program Files\a-squared Anti-Malware\Quarantine\34164f3ff7e2d39c44b88157c2b3599b.a2q=>Program Files/sidefind/update/sidefind.exe=>(Quarantine-PE)</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Disinfection failed</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Program Files\a-squared Anti-Malware\Quarantine\34164f3ff7e2d39c44b88157c2b3599b.a2q=>Program Files/sidefind/update/sidefind.exe=>(Quarantine-PE)</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Deleted</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Program Files\a-squared Anti-Malware\Quarantine\34164f3ff7e2d39c44b88157c2b3599b.a2q</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Updated</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Program Files\a-squared Anti-Malware\Quarantine\39929f27f875d333d1a46a19fe48fd5a.a2q=>Documents and Settings/xxx/Local Settings/temp/sta6.exe=>(Quarantine-PE)</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infected with: GenPack:Trojan.Swizzor.LZ</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Program Files\a-squared Anti-Malware\Quarantine\39929f27f875d333d1a46a19fe48fd5a.a2q=>Documents and Settings/xxx/Local Settings/temp/sta6.exe=>(Quarantine-PE)</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Disinfection failed</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Program Files\a-squared Anti-Malware\Quarantine\39929f27f875d333d1a46a19fe48fd5a.a2q=>Documents and Settings/xxx/Local Settings/temp/sta6.exe=>(Quarantine-PE)</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Deleted</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Program Files\a-squared Anti-Malware\Quarantine\39929f27f875d333d1a46a19fe48fd5a.a2q</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Updated</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Program Files\a-squared Anti-Malware\Quarantine\990af65ef01013b05510f383f10017f7.a2q=>Documents and Settings/xxx/Local Settings/temp/sidefind.exe=>(Quarantine-PE)</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infected with: Trojan.Downloader.Istbar.JM</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Program Files\a-squared Anti-Malware\Quarantine\990af65ef01013b05510f383f10017f7.a2q=>Documents and Settings/xxx/Local Settings/temp/sidefind.exe=>(Quarantine-PE)</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Disinfection failed</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Program Files\a-squared Anti-Malware\Quarantine\990af65ef01013b05510f383f10017f7.a2q=>Documents and Settings/xxx/Local Settings/temp/sidefind.exe=>(Quarantine-PE)</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Deleted</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Program Files\a-squared Anti-Malware\Quarantine\990af65ef01013b05510f383f10017f7.a2q</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Updated</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Program Files\iMeshV4.exe=>wise0022</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Detected with: Application.Adware.Gator</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Program Files\iMeshV4.exe=>wise0022</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Disinfection failed</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Program Files\iMeshV4.exe=>wise0022</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Deleted</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Program Files\iMeshV4.exe</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Update failed</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Program Files\iMeshV4.exe=>wise0027</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Detected with: Application.Adware.Gator</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Program Files\iMeshV4.exe=>wise0027</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Disinfection failed</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Program Files\iMeshV4.exe=>wise0027</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Deleted</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Program Files\iMeshV4.exe</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Update failed</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Program Files\Kazaa\My Shared Folder\tombe raider.RB0=>setup.exe</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infected with: Trojan.Downloader.Istbar.LU</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Program Files\Kazaa\My Shared Folder\tombe raider.RB0=>setup.exe</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Disinfection failed</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Program Files\Kazaa\My Shared Folder\tombe raider.RB0=>setup.exe</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Deleted</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Program Files\Kazaa\My Shared Folder\tombe raider.RB0</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Updated</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Program Files\Norton AntiVirus\Quarantine\2B197CE7=>(Quarantine-2)</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infected with: Trojan.Clicker.VB.L</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Program Files\Norton AntiVirus\Quarantine\2B197CE7=>(Quarantine-2)</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Disinfection failed</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Program Files\Norton AntiVirus\Quarantine\2B197CE7=>(Quarantine-2)</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Deleted</font></p>
</td>
</tr>
</table>
</td>

<td width="10%">
<p> </p>
</td>
</tr>

<tr>
<td width="458">
<p><font face="Arial"><span style="font-size:11pt;"><B> </b></span></font></p>
</td>
<td width="40%">
<p> </p>
</td>
<td width="10%">
<p> </p>
</td>
</tr>

<tr>
<td width="458">
<p><font face="Arial"><span style="font-size:11pt;"><B> </b></span></font></p>
</td>
<td width="40%">
<p> </p>
</td>
<td width="10%">
<p> </p>
</td>
</tr>

</table>
<p> </p>

</body>
</html>
0
Réponse 51 / 51
christelle14 Messages postés 6 Statut Membre
 
Bonjour,

En faisant un scan sur secuser.com, l'antivirus online a détecté plusieurs virus .... troj istbar.du troj istbar.po troj istbar.pb troj dloeder.rs et troj generic
J' ai Avast comme antivirus, a-square, et spybot... mais rien n'y fait... pouvez vous m'aider? merci

voici le raport que j'ai fais avec ewido anti spyware---------------------------------------------------------
ewido anti-spyware - Scan Report ---------------------------------------------------------

+ Created at: 16:10:03 14/08/2006

+ Scan result:

C:\Program Files\a-squared Anti-Malware\Quarantine\0cb713fbaebb08806a19b53eaeb69d4e.a2q/WINDOWS/temp/altnet/dmfiles.cab/AltnetUninstall.exe -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\a-squared Anti-Malware\Quarantine\0cb713fbaebb08806a19b53eaeb69d4e.a2q/WINDOWS/temp/altnet/pmexe.cab/Points Manager.exe -> Adware.Altnet : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\AppID\Altnet Signing Module.EXE -> Adware.Altnet : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\AppID\adm.EXE -> Adware.Altnet : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AltnetDM -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\a-squared Anti-Malware\Quarantine\0cb713fbaebb08806a19b53eaeb69d4e.a2q/WINDOWS/temp/altnet/pmfiles.cab/sysdetect.dll -> Adware.BrilliantDigital : Cleaned with backup (quarantined).
C:\Program Files\a-squared Anti-Malware\Quarantine\2fb949d0a1b592987e9eaf38781bb161.a2q/Program Files/newdotnet/uninstall7_22.exe -> Adware.NewDotNet : Cleaned with backup (quarantined).
HKU\S-1-5-21-583907252-261903793-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E} -> Adware.NewDotNet : Cleaned with backup (quarantined).
C:\Program Files\a-squared Anti-Malware\Quarantine\0b5307514b1cee38acd4ba434f90ff83.a2q/WINDOWS/downloaded program files/webp2pinstaller.dll -> Adware.PeerNet : Cleaned with backup (quarantined).
HKU\S-1-5-21-583907252-261903793-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{59879FA4-4790-461C-A1CC-4EC4DE4CA483} -> Adware.RXToolbar : Cleaned with backup (quarantined).
C:\Program Files\Alcohol Soft\Alcohol 120% Toolbar\a120_tb.dll -> Adware.Softomate : Cleaned with backup (quarantined).
C:\Program Files\a-squared Anti-Malware\Quarantine\d28ad87cc4c0a22901fd84e1dc5da673.a2q/Program Files/surfaccuracy/SAccU.exe -> Adware.SurfAccuracy : Cleaned with backup (quarantined).
C:\Hitmobile\Num.exe -> Heuristic.Win32.Dialer : Ignored.
C:\Documents and Settings\xxx\Mes documents\Downloads\!!!!! quoi que je fasse nouvelle version 52.zip/install.exe -> Hijacker.Agent.hi : Cleaned with backup (quarantined).
C:\Documents and Settings\xxx\Mes documents\Downloads\(full version) quoi que je fasse remix 58.zip/setup.exe -> Hijacker.Agent.hi : Cleaned with backup (quarantined).
C:\Documents and Settings\xxx\Mes documents\Downloads\enlightment @ quoi que je fasse remix 55.zip/setup.exe -> Hijacker.Agent.hi : Cleaned with backup (quarantined).
C:\Documents and Settings\xxx\Mes documents\Downloads\je ne t'oublierai jamais 00.zip/install.exe -> Hijacker.Agent.hi : Cleaned with backup (quarantined).
C:\Documents and Settings\xxx\Local Settings\Temp\ICD1.tmp\UERSV_0001_LPNetInstaller.exe -> Not-A-Virus.Downloader.Win32.Agent.d : Ignored.
:mozilla.7:C:\Documents and Settings\xxx\Application Data\Mozilla\Firefox\Profiles\68pm15be.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.8:C:\Documents and Settings\xxx\Application Data\Mozilla\Firefox\Profiles\68pm15be.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.9:C:\Documents and Settings\xxx\Application Data\Mozilla\Firefox\Profiles\68pm15be.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
C:\Documents and Settings\xxx\Cookies\xxx@247realmedia[2].txt -> TrackingCookie.247realmedia : Cleaned.
C:\Documents and Settings\xxx\Cookies\xxx@microsofteup.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\xxx\Cookies\xxx@microsoftwga.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.25:C:\Documents and Settings\xxx\Application Data\Mozilla\Firefox\Profiles\68pm15be.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.26:C:\Documents and Settings\xxx\Application Data\Mozilla\Firefox\Profiles\68pm15be.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
C:\Documents and Settings\xxx\Cookies\xxx@bluestreak[2].txt -> TrackingCookie.Bluestreak : Cleaned.
C:\Documents and Settings\xxx\Local Settings\Temp\Cookies\xxx@bluestreak[1].txt -> TrackingCookie.Bluestreak : Cleaned.
:mozilla.64:C:\Documents and Settings\xxx\Application Data\Mozilla\Firefox\Profiles\68pm15be.default\cookies.txt -> TrackingCookie.Comclick : Cleaned.
:mozilla.65:C:\Documents and Settings\xxx\Application Data\Mozilla\Firefox\Profiles\68pm15be.default\cookies.txt -> TrackingCookie.Comclick : Cleaned.
:mozilla.66:C:\Documents and Settings\xxx\Application Data\Mozilla\Firefox\Profiles\68pm15be.default\cookies.txt -> TrackingCookie.Comclick : Cleaned.
:mozilla.62:C:\Documents and Settings\xxx\Application Data\Mozilla\Firefox\Profiles\68pm15be.default\cookies.txt -> TrackingCookie.Estat : Cleaned.
C:\Documents and Settings\xxx\Local Settings\Temp\Cookies\xxx@estat[1].txt -> TrackingCookie.Estat : Cleaned.
:mozilla.33:C:\Documents and Settings\xxx\Application Data\Mozilla\Firefox\Profiles\68pm15be.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.34:C:\Documents and Settings\xxx\Application Data\Mozilla\Firefox\Profiles\68pm15be.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.35:C:\Documents and Settings\xxx\Application Data\Mozilla\Firefox\Profiles\68pm15be.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.36:C:\Documents and Settings\xxx\Application Data\Mozilla\Firefox\Profiles\68pm15be.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.37:C:\Documents and Settings\xxx\Application Data\Mozilla\Firefox\Profiles\68pm15be.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.38:C:\Documents and Settings\xxx\Application Data\Mozilla\Firefox\Profiles\68pm15be.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
C:\Documents and Settings\xxx\Cookies\xxx@as-eu.falkag[1].txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.172:C:\Documents and Settings\xxx\Application Data\Mozilla\Firefox\Profiles\68pm15be.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.134:C:\Documents and Settings\xxx\Application Data\Mozilla\Firefox\Profiles\68pm15be.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.135:C:\Documents and Settings\xxx\Application Data\Mozilla\Firefox\Profiles\68pm15be.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.136:C:\Documents and Settings\xxx\Application Data\Mozilla\Firefox\Profiles\68pm15be.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.137:C:\Documents and Settings\xxx\Application Data\Mozilla\Firefox\Profiles\68pm15be.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.112:C:\Documents and Settings\xxx\Application Data\Mozilla\Firefox\Profiles\68pm15be.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.126:C:\Documents and Settings\xxx\Application Data\Mozilla\Firefox\Profiles\68pm15be.default\cookies.txt -> TrackingCookie.Revenue : Cleaned.
:mozilla.53:C:\Documents and Settings\xxx\Application Data\Mozilla\Firefox\Profiles\68pm15be.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.54:C:\Documents and Settings\xxx\Application Data\Mozilla\Firefox\Profiles\68pm15be.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.154:C:\Documents and Settings\xxx\Application Data\Mozilla\Firefox\Profiles\68pm15be.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.157:C:\Documents and Settings\xxx\Application Data\Mozilla\Firefox\Profiles\68pm15be.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.158:C:\Documents and Settings\xxx\Application Data\Mozilla\Firefox\Profiles\68pm15be.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
C:\Documents and Settings\xxx\Local Settings\Temp\Cookies\xxx@trafficmp[1].txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.162:C:\Documents and Settings\xxx\Application Data\Mozilla\Firefox\Profiles\68pm15be.default\cookies.txt -> TrackingCookie.Weborama : Cleaned.
:mozilla.163:C:\Documents and Settings\xxx\Application Data\Mozilla\Firefox\Profiles\68pm15be.default\cookies.txt -> TrackingCookie.Weborama : Cleaned.
:mozilla.164:C:\Documents and Settings\xxx\Application Data\Mozilla\Firefox\Profiles\68pm15be.default\cookies.txt -> TrackingCookie.Weborama : Cleaned.
C:\Documents and Settings\xxx\Cookies\xxx@weborama[1].txt -> TrackingCookie.Weborama : Cleaned.
:mozilla.18:C:\Documents and Settings\xxx\Application Data\Mozilla\Firefox\Profiles\68pm15be.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.19:C:\Documents and Settings\xxx\Application Data\Mozilla\Firefox\Profiles\68pm15be.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.20:C:\Documents and Settings\xxx\Application Data\Mozilla\Firefox\Profiles\68pm15be.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.21:C:\Documents and Settings\xxx\Application Data\Mozilla\Firefox\Profiles\68pm15be.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.22:C:\Documents and Settings\xxx\Application Data\Mozilla\Firefox\Profiles\68pm15be.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.23:C:\Documents and Settings\xxx\Application Data\Mozilla\Firefox\Profiles\68pm15be.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\xxx\Local Settings\Temp\Cookies\xxx@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned.

::Report end

maintenant le raport que j'ai fais avec bitdefender online, j'ai eu plusieurs trojan qu'il m'a mis en quarantaine je crois....je vais faire HijackThis maintenant.....>

BitDefender Online Scanner -Scan Report<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
<meta name="generator" content="Namo WebEditor v5.0(Trial)">
</HEAD>
<BODY BGCOLOR=#FFFFFF leftmargin="10" marginwidth="0" topmargin="20" marginheight="0" >

<table align="center" border="0" cellpadding="0" cellspacing="0" width="90%">
<tr>
<td width="458">
<p><font face="Arial" color=red><span style="font-size:14pt;"><b>BitDefender
Online Scanner</b></span></font></p>
</td>
<td width="40%">
<p> </p>
</td>
<td width="10%">
<p> </p>
</td>
</tr>
<tr>
<td colspan="3" width="912">
<p><font face="Arial"><span style="font-size:11pt;"><B>Scan report generated
at: Mon, Aug 14, 2006 - 17:46:04</b></span></font></p>
</td>
</tr>

<tr>
<td width="458">
<p><font face="Arial"><span style="font-size:11pt;"><B> </b></span></font></p>
</td>
<td width="40%">
<p> </p>
</td>
<td width="10%">
<p> </p>
</td>
</tr>

<tr>
<td width="458">
<p><font face="Arial"><span style="font-size:11pt;"><B>Scan
path: </b></span><span style="font-size:10pt;">A:\;C:\;D:\;E:\;F:\;G:\;</span></font></p>
</td>
<td width="40%">
<p> </p>
</td>
<td width="10%">
<p> </p>
</td>
</tr>

<tr>
<td width="458">
<p><font face="Arial"><span style="font-size:11pt;"><B> </b></span></font></p>
</td>
<td width="40%">
<p> </p>
</td>
<td width="10%">
<p> </p>
</td>
</tr>

<tr>
<td width="458">
<table border="1" cellspacing="0" bordercolordark="white" bordercolorlight="black" width="100%">
<tr>
<td width="451" colspan="2" bgcolor="#CCCCCC">
<p><font face="Arial" size="2"><B>Statistics</b></font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Time</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">01:21:38</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Files</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">510057</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Folders</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">6643</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Boot Sectors</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">2</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Archives</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">3692</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Packed Files</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">63900</font></p>
</td>
</tr>
</table>
</td>
<td width="40%">
<p> </p>
</td>
<td width="10%">
<p> </p>
</td>
</tr>

<tr>
<td width="458">
<table border="1" cellspacing="0" bordercolordark="white" bordercolorlight="black" width="100%">
<tr>
<td width="451" colspan="2" bgcolor="#CCCCCC">
<p><font face="Arial" size="2"><B>Results</b></font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Identified Viruses </font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">8</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Infected Files </font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">10</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Suspect Files </font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">0</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Warnings</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">0</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Disinfected</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">0</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Deleted Files</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">15</font></p>
</td>
</tr>
</table>
</td>
<td width="40%">
<p> </p>
</td>
<td width="10%">
<p> </p>
</td>
</tr>

<tr>
<td width="458">
<table border="1" cellspacing="0" bordercolordark="white" bordercolorlight="black" width="100%">
<tr>
<td width="451" colspan="2" bgcolor="#CCCCCC">
<p><font face="Arial" size="2"><B>Engines Info</b></font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Virus Definitions</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">444449</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Engine build</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">AVCORE v1.0 (build 2310) (i386) (Apr 17 2006 16:24:38)</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Scan plugins</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">13</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Archive plugins</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">39</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Unpack plugins</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">5</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">E-mail plugins</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">6</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">System plugins</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">1</font></p>
</td>
</tr>
</table>
</td>
<td width="40%">
<p> </p>
</td>
<td width="10%">
<p> </p>
</td>
</tr>

<tr>
<td width="458">
<table border="1" cellspacing="0" bordercolordark="white" bordercolorlight="black" width="100%">
<tr>
<td width="451" colspan="2" bgcolor="#CCCCCC">
<p><font face="Arial" size="2"><B>Scan Settings</b></font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">First Action</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">Disinfect</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Second Action</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">Delete</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Heuristics</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">Yes</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Enable Warnings</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">Yes</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Scanned Extensions</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">*;</font></p>
</td>
</tr>

<tr>
<td width="57%">
<p><font face="Arial" size="2">Exclude Extensions</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2"> </font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Scan Emails</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">Yes</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Scan Archives</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">Yes</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Scan Packed</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">Yes</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Scan Files</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">Yes</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Scan Boot</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">Yes</font></p>
</td>
</tr>
</table>
</td>
<td width="40%">
<p> </p>
</td>
<td width="10%">
<p> </p>
</td>
</tr>

<tr>
<td colspan=2>
<table border="1" cellspacing="0" bordercolordark="white" bordercolorlight="black" width="100%">
<tr>
<td width="252" bgcolor="#CCCCCC">
<p><font face="Arial" size="2"><B>Scanned File</b></font></p>
</td>
<td width="195" bgcolor="#CCCCCC" align="right">
<p align="left"><b><font size="2" face="Arial"> Status</font></b></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Documents and Settings\xxx\Mes documents\MES FICHIERS RECUS\54648.exe=>wise0016</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Detected with: Application.Adware.NewDotNet.B.Dropper</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Documents and Settings\xxx\Mes documents\MES FICHIERS RECUS\54648.exe=>wise0016</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Deleted</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Documents and Settings\xxx\Mes documents\MES FICHIERS RECUS\54648.exe</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Update failed</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Documents and Settings\xxx\Mes documents\MES FICHIERS RECUS\54648.exe=>wise0017</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infected with: Trojan.Downloader.Small.BKE</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Documents and Settings\xxx\Mes documents\MES FICHIERS RECUS\54648.exe=>wise0017</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Disinfection failed</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Documents and Settings\xxx\Mes documents\MES FICHIERS RECUS\54648.exe=>wise0017</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Deleted</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Documents and Settings\xxx\Mes documents\MES FICHIERS RECUS\54648.exe</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Update failed</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Program Files\a-squared Anti-Malware\Quarantine\2ac605ba8af5b39a832aa16bfb3f24b3.a2q=>Program Files/Adverts/uninst.exe=>(Quarantine-PE)</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infected with: Trojan.Downloader.Swizzor.EM</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Program Files\a-squared Anti-Malware\Quarantine\2ac605ba8af5b39a832aa16bfb3f24b3.a2q=>Program Files/Adverts/uninst.exe=>(Quarantine-PE)</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Disinfection failed</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Program Files\a-squared Anti-Malware\Quarantine\2ac605ba8af5b39a832aa16bfb3f24b3.a2q=>Program Files/Adverts/uninst.exe=>(Quarantine-PE)</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Deleted</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Program Files\a-squared Anti-Malware\Quarantine\2ac605ba8af5b39a832aa16bfb3f24b3.a2q</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Updated</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Program Files\a-squared Anti-Malware\Quarantine\34164f3ff7e2d39c44b88157c2b3599b.a2q=>Program Files/sidefind/update/sidefind.exe=>(Quarantine-PE)</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infected with: Trojan.Downloader.Istbar.JM</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Program Files\a-squared Anti-Malware\Quarantine\34164f3ff7e2d39c44b88157c2b3599b.a2q=>Program Files/sidefind/update/sidefind.exe=>(Quarantine-PE)</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Disinfection failed</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Program Files\a-squared Anti-Malware\Quarantine\34164f3ff7e2d39c44b88157c2b3599b.a2q=>Program Files/sidefind/update/sidefind.exe=>(Quarantine-PE)</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Deleted</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Program Files\a-squared Anti-Malware\Quarantine\34164f3ff7e2d39c44b88157c2b3599b.a2q</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Updated</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Program Files\a-squared Anti-Malware\Quarantine\39929f27f875d333d1a46a19fe48fd5a.a2q=>Documents and Settings/xxx/Local Settings/temp/sta6.exe=>(Quarantine-PE)</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infected with: GenPack:Trojan.Swizzor.LZ</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Program Files\a-squared Anti-Malware\Quarantine\39929f27f875d333d1a46a19fe48fd5a.a2q=>Documents and Settings/xxx/Local Settings/temp/sta6.exe=>(Quarantine-PE)</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Disinfection failed</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Program Files\a-squared Anti-Malware\Quarantine\39929f27f875d333d1a46a19fe48fd5a.a2q=>Documents and Settings/xxx/Local Settings/temp/sta6.exe=>(Quarantine-PE)</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Deleted</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Program Files\a-squared Anti-Malware\Quarantine\39929f27f875d333d1a46a19fe48fd5a.a2q</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Updated</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Program Files\a-squared Anti-Malware\Quarantine\990af65ef01013b05510f383f10017f7.a2q=>Documents and Settings/xxx/Local Settings/temp/sidefind.exe=>(Quarantine-PE)</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infected with: Trojan.Downloader.Istbar.JM</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Program Files\a-squared Anti-Malware\Quarantine\990af65ef01013b05510f383f10017f7.a2q=>Documents and Settings/xxx/Local Settings/temp/sidefind.exe=>(Quarantine-PE)</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Disinfection failed</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Program Files\a-squared Anti-Malware\Quarantine\990af65ef01013b05510f383f10017f7.a2q=>Documents and Settings/xxx/Local Settings/temp/sidefind.exe=>(Quarantine-PE)</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Deleted</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Program Files\a-squared Anti-Malware\Quarantine\990af65ef01013b05510f383f10017f7.a2q</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Updated</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Program Files\iMeshV4.exe=>wise0022</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Detected with: Application.Adware.Gator</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Program Files\iMeshV4.exe=>wise0022</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Disinfection failed</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Program Files\iMeshV4.exe=>wise0022</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Deleted</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Program Files\iMeshV4.exe</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Update failed</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Program Files\iMeshV4.exe=>wise0027</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Detected with: Application.Adware.Gator</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Program Files\iMeshV4.exe=>wise0027</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Disinfection failed</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Program Files\iMeshV4.exe=>wise0027</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Deleted</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Program Files\iMeshV4.exe</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Update failed</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Program Files\Kazaa\My Shared Folder\tombe raider.RB0=>setup.exe</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infected with: Trojan.Downloader.Istbar.LU</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Program Files\Kazaa\My Shared Folder\tombe raider.RB0=>setup.exe</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Disinfection failed</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Program Files\Kazaa\My Shared Folder\tombe raider.RB0=>setup.exe</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Deleted</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Program Files\Kazaa\My Shared Folder\tombe raider.RB0</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Updated</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Program Files\Norton AntiVirus\Quarantine\2B197CE7=>(Quarantine-2)</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infected with: Trojan.Clicker.VB.L</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Program Files\Norton AntiVirus\Quarantine\2B197CE7=>(Quarantine-2)</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Disinfection failed</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Program Files\Norton AntiVirus\Quarantine\2B197CE7=>(Quarantine-2)</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Deleted</font></p>
</td>
</tr>
</table>
</td>

<td width="10%">
<p> </p>
</td>
</tr>

<tr>
<td width="458">
<p><font face="Arial"><span style="font-size:11pt;"><B> </b></span></font></p>
</td>
<td width="40%">
<p> </p>
</td>
<td width="10%">
<p> </p>
</td>
</tr>

<tr>
<td width="458">
<p><font face="Arial"><span style="font-size:11pt;"><B> </b></span></font></p>
</td>
<td width="40%">
<p> </p>
</td>
<td width="10%">
<p> </p>
</td>
</tr>

</table>
<p> </p>

et alors voici le rapport avec :
Logfile of HijackThis v1.99.1
Scan saved at 18:47:55, on 14/08/2006

Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\VeriSign\NAVI\naviagent.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\VeriSign\NAVI\NAVICL~1.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\system32\WgaTray.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Startup Mechanic\StartupMonitor.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\a-squared Anti-Malware\a2guard.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\System32\CTFMON.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer fourni par Planet Internet
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: i-Nav IDN SearchHook - {CE000994-A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-nav_4_2_1.dll
R3 - URLSearchHook: (no name) - _{CE000994-A58C-4441-8938-744CD72AB27F} - (no file)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr-ch\msntb.dll
O2 - BHO: i-Nav IDN Resolver - {CE000992-A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-nav_4_2_1.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr-ch\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Startup Manager Scanner] C:\Program Files\Startup Mechanic\StartupMonitor.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [a-squared] "C:\Program Files\a-squared Anti-Malware\a2guard.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Registration Myst V
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZCxdm763YYBE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Aide i-Nav - {CE000992-A58C-4441-8938-744CD72AB27F} - http://idn.verisign-grs.com/plug-in/support/index.jsp (file missing)
O9 - Extra 'Tools' menuitem: Aide i-Nav - {CE000992-A58C-4441-8938-744CD72AB27F} - http://idn.verisign-grs.com/plug-in/support/index.jsp (file missing)
O9 - Extra button: (no name) - {CE000996-A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-nav_4_2_1.dll
O9 - Extra 'Tools' menuitem: Options i-Nav - {CE000996-A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-nav_4_2_1.dll
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .mpga: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin5.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O12 - Plugin for .UVR: C:\Program Files\Internet Explorer\Plugins\NPUPano.dll
O14 - IERESET.INF: START_PAGE_URL=https://www.msn.com/fr-fr/
O15 - Trusted Zone: http://www.hamoir-foot.be
O16 - DPF: FortisCzPc - https://www.fortisbanking.be/FortisCzPC.cab
O16 - DPF: Yahoo! Chat - http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/c381/chat.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://christchristellelouvrier.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/30f969366abd4da4d314/netzip/RdxIE601_fr.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_sit...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - https://www.photolitto.com/
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by24fd.bay24.hotmail.msn.com/activex/HMAtchmt.ocx
O17 - HKLM\System\CCS\Services\Tcpip\..\{5863C78B-8E71-4A32-A8DA-C08BF5879E04}: NameServer = 195.238.2.21 195.238.2.22
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Filter: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - (no file)
O20 - AppInit_DLLs: MsgPlusLoader.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: VeriSign Updater (navi) - VeriSign, Inc. - C:\Program Files\VeriSign\NAVI\naviagent.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
0

Discussions similaires

Virus Worm.Win32.Autorun.mjd
mehdoux -
anthony5151 -

17 réponses
Worm/mazebat.B.91
Tysope -
toptitbal -

1 réponse
kapucen worm 77
k -
^^Marie^^ -

1 réponse
Worm WIN32, trojans SillyDL DIC,Rolepi GM
vinoth91 -
vinoth91 -

5 réponses