Virus vicieux...

Le Forum Windows XP
Scanner Windows pour détecter les erreurs de registre

Ce que nous vous conseillons :

1. Lisez les réponses ci-dessous où vous trouverez des conseils et de l'aide de la part des autres utilisateurs.

2. Avant de faire des modifications sur votre système ou d'installer des logiciels, nous vous recommandons
    fortement de cliquer ici pour scanner Windows afin de détecter les erreurs de registre.



Messagepar tabehodai » 28 Juin 2006, 10:56

Au cas où ce message apparaîtrait deux fois je m'en excuse mais il semblerait que mon 1er post n'ait pas été enregistré.

Bonjour à tous,

Depuis quelques jours j'ai un problème avec mon portable, un Dell Inspiron 6000, lorsque je l'allume il se bloque une fois sur deux. Impossible de lancer quoi que ce soit, il démarre normalement, demande le mot de passe, affiche le bureau et ensuite plus moyen de rien faire!

J'utilise BitDefender 8, AVG, AdAware, Spycatcher, Ewido, SpyBot, Regcleaner en temps normal mais j'ai également fait un scan on line avec Panda et Kaspersky.

Ce matin je me suis également aperçu que deux dossiers avaient disparus de mon disque dur, ce n'est pas grave car j'ai des sauvegardes mais c'est pour le moins gênant!

Pour ceux ou celles qui pourraient me donner leur avis vous trouverez ci-dessous le log de Hijackthis ainsi que le rapport généré par Panda et Kaspersky.

Petite précision; il semblerait qu'un exe qui n'avait jamais fait parler de lui tourne en ce moment, avec des accès disques erratiques: bdmcon.exe...

Donc voici le log et les rapports:

HIJACKTHIS

Logfile of HijackThis v1.99.1
Scan saved at 09:11:34, on 28/06/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:Program FilesIntelWirelessBinEvtEng.exe
C:Program FilesIntelWirelessBinS24EvMon.exe
C:Program FilesIntelWirelessBinWLKeeper.exe
C:WINDOWSsystem32brsvc01a.exe
C:WINDOWSsystem32spoolsv.exe
C:Program FilesIntelWirelessBinZcfgSvc.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSExplorer.EXE
C:PROGRA~1IntelWirelessBin1XConfig.exe
C:Program FilesJavajre1.5.0_06binjusched.exe
C:Program FilesATI TechnologiesATI Control Panelatiptaxx.exe
C:Program FilesIntelWirelessBinifrmewrk.exe
C:Program FilesDellQuickSetquickset.exe
C:WINDOWSsystem32dlatfswctrl.exe
C:PROGRA~1GrisoftAVGFRE~1avgcc.exe
C:PROGRA~1GrisoftAVGFRE~1avgemc.exe
C:Program FilesSoftwinBitDefender8bdmcon.exe
C:Program FilesSoftwinBitDefender8bdnagent.exe
C:Program FilesFichiers communsRealUpdate_OBrealsched.exe
C:Program FilesiTunesiTunesHelper.exe
C:Program FilesScanSoftPaperPortpptd40nt.exe
C:Program Filesewido anti-spyware 4.0ewido.exe
C:Program FilesRamBoost XPrambxpfr.exe
C:Program FilesFichiers communsDataVizDvzIncMsgr.exe
C:Program FilesDigital Line DetectDLG.exe
C:PROGRA~1GrisoftAVGFRE~1avgamsvr.exe
C:PROGRA~1GrisoftAVGFRE~1avgupsvc.exe
C:Program Filesewido anti-spyware 4.0guard.exe
C:Program FilesFichiers communsMicrosoft SharedVS7Debugmdm.exe
C:Program FilesDellNICCONFIGSVCNICCONFIGSVC.exe
C:Program FilesIntelWirelessBinRegSrvc.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32wwSecure.exe
C:Program FilesFichiers communsSoftwinBitDefender Communicatorxcommsvr.exe
C:Program FilesFichiers communsSoftwinBitDefender Scan Serverbdss.exe
C:Program FilesiPodbiniPodService.exe
C:WINDOWSSystem32svchost.exe
C:Program FilesMozilla Firefoxfirefox.exe
C:TransitHijackThis.exe

R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.lemonde.fr/
R1 - HKCUSoftwareMicrosoftInternet Connection Wizard,ShellNext = http://www.dell.fr/myway
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat 6.0ReaderActiveXAcroIEHelper.dll
O2 - BHO: SpywareBlock Class - {0A87E45F-537A-40B4-B812-E2544C21A09F} - C:Program FilesSpyCatcher 2006SCActiveBlock.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:PROGRA~1SPYBOT~1SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:WINDOWSsystem32dlatfswshx.dll
O2 - BHO: Firepad FireConverter - {6427806D-3820-11D5-9939-00B0D0522EB5} - C:Program FilesPalmFireConverterBrowserHelperObject.dll
O2 - BHO: (no name) - {6ab7158b-4bff-4160-ad7d-4d622df548cf} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program FilesJavajre1.5.0_06binssv.dll
O4 - HKLM..Run: [SunJavaUpdateSched] C:Program FilesJavajre1.5.0_06binjusched.exe
O4 - HKLM..Run: [ATIPTA] C:Program FilesATI TechnologiesATI Control Panelatiptaxx.exe
O4 - HKLM..Run: [IntelWireless] C:Program FilesIntelWirelessBinifrmewrk.exe /tf Intel PROSet/Wireless
O4 - HKLM..Run: [Dell QuickSet] C:Program FilesDellQuickSetquickset.exe
O4 - HKLM..Run: [DVDLauncher] "C:Program FilesCyberLinkPowerDVDDVDLauncher.exe"
O4 - HKLM..Run: [ISUSPM Startup] C:PROGRA~1FICHIE~1INSTAL~1UPDATE~1ISUSPM.exe -startup
O4 - HKLM..Run: [ISUSScheduler] "C:Program FilesFichiers communsInstallShieldUpdateServiceissch.exe" -start
O4 - HKLM..Run: [IMJPMIG8.1] "C:WINDOWSIMEimjp8_1IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM..Run: [MSPY2002] C:WINDOWSsystem32IMEPINTLGNTImScInst.exe /SYNC
O4 - HKLM..Run: [PHIME2002ASync] C:WINDOWSsystem32IMETINTLGNTTINTSETP.EXE /SYNC
O4 - HKLM..Run: [PHIME2002A] C:WINDOWSsystem32IMETINTLGNTTINTSETP.EXE /IMEName
O4 - HKLM..Run: [dla] C:WINDOWSsystem32dlatfswctrl.exe
O4 - HKLM..Run: [AVG7_CC] C:PROGRA~1GrisoftAVGFRE~1avgcc.exe /STARTUP
O4 - HKLM..Run: [AVG7_EMC] C:PROGRA~1GrisoftAVGFRE~1avgemc.exe
O4 - HKLM..Run: [BDMCon] "C:Program FilesSoftwinBitDefender8bdmcon.exe"
O4 - HKLM..Run: [BDNewsAgent] "C:Program FilesSoftwinBitDefender8bdnagent.exe"
O4 - HKLM..Run: [BootSkin Startup Jobs] "C:Program FilesStardockWinCustomizeBootSkinBootSkin.exe" /StartupJobs
O4 - HKLM..Run: [TkBellExe] "C:Program FilesFichiers communsRealUpdate_OBrealsched.exe" -osboot
O4 - HKLM..Run: [QuickTime Task] "C:Program FilesQuickTimeqttask.exe" -atboottime
O4 - HKLM..Run: [SpyCatcher Reminder] "C:Program FilesSpyCatcher 2006SpyCatcher.exe" reminder
O4 - HKLM..Run: [iTunesHelper] "C:Program FilesiTunesiTunesHelper.exe"
O4 - HKLM..Run: [SSBkgdUpdate] "C:Program FilesFichiers communsScansoft SharedSSBkgdUpdateSSBkgdupdate.exe" -Embedding -boot
O4 - HKLM..Run: [PaperPort PTD] C:Program FilesScanSoftPaperPortpptd40nt.exe
O4 - HKLM..Run: [IndexSearch] C:Program FilesScanSoftPaperPortIndexSearch.exe
O4 - HKLM..Run: [ControlCenter2.0] C:Program FilesBrotherControlCenter2brctrcen.exe /autorun
O4 - HKLM..Run: [!ewido] "C:Program Filesewido anti-spyware 4.0ewido.exe" /minimized
O4 - HKCU..Run: [MSMSGS] "C:Program FilesMessengermsmsgs.exe" /background
O4 - HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
O4 - HKCU..Run: [RamBoostXp] C:Program FilesRamBoost XPrambxpfr.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:Program FilesFichiers communsAdobeCalibrationAdobe Gamma Loader.exe
O4 - Global Startup: Contrôleur d’état.lnk = C:Program FilesBrotherBrmfcmonBrMfcWnd.exe
O4 - Global Startup: DataViz Inc Messenger.lnk = C:Program FilesFichiers communsDataVizDvzIncMsgr.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: HOTSYNCSHORTCUTNAME.lnk = C:Program FilesPalmHotsync.exe
O4 - Global Startup: Microsoft Office.lnk = C:Program FilesMicrosoft OfficeOffice10OSA.EXE
O4 - Global Startup: SpyCatcher Protector.lnk = C:Program FilesSpyCatcher 2006Protector.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:PROGRA~1MICROS~3Office10EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.5.0_06binssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.5.0_06binssv.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:WINDOWSsystem32Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O20 - AppInit_DLLs: interceptor.dll
O20 - Winlogon Notify: IntelWireless - C:Program FilesIntelWirelessBinLgNotify.dll
O20 - Winlogon Notify: WgaLogon - C:WINDOWSSYSTEM32WgaLogon.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:WINDOWSsystem32Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:PROGRA~1GrisoftAVGFRE~1avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:PROGRA~1GrisoftAVGFRE~1avgupsvc.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:Program FilesFichiers communsSoftwinBitDefender Scan Serverbdss.exe" /service (file missing)
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:WINDOWSsystem32brsvc01a.exe
O23 - Service: EvtEng - Intel Corporation - C:Program FilesIntelWirelessBinEvtEng.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:Program Filesewido anti-spyware 4.0guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:Program FilesFichiers communsInstallShieldDriver11Intel 32IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:Program FilesiPodbiniPodService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:Program FilesFichiers communsMacromedia SharedServiceMacromedia Licensing.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:Program FilesDellNICCONFIGSVCNICCONFIGSVC.exe
O23 - Service: RegSrvc - Intel Corporation - C:Program FilesIntelWirelessBinRegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:Program FilesIntelWirelessBinS24EvMon.exe
O23 - Service: WLANKEEPER - Intel® Corporation - C:Program FilesIntelWirelessBinWLKeeper.exe
O23 - Service: Washer AutoComplete (wwSecSvc) - Webroot Software, Inc. - C:WINDOWSsystem32wwSecure.exe
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:Program FilesFichiers communsSoftwinBitDefender Communicatorxcommsvr.exe" /service (file missing)

PANDA

Incident Statut Analyse

Adware:adware/swimsuitnetwork No Désinfecté c:windowssystem32MYDLL.dll
Spyware:Cookie/Xiti No Désinfecté C:Documents and SettingsMiyakoApplication DataMozillaFirefoxProfiles12qcngzp.defaultcookies.txt[.xiti.com/]
Spyware:Cookie/Weborama No Désinfecté C:Documents and SettingsMiyakoApplication DataMozillaFirefoxProfiles12qcngzp.defaultcookies.txt[.weborama.fr/]
Virus:Exploit/iFrame Désinfecté C:Documents and SettingsMiyakoApplication DataThunderbirdProfilesoypxhh78.defaultMailpop3.miyakoparis-1.comInbox[~0000005.~]
Virus:Exploit/iFrame Désinfecté C:Documents and SettingsMiyakoApplication DataThunderbirdProfilesoypxhh78.defaultMailpop3.miyakoparis-1.comInbox[~0000019.~]
Virus:Exploit/iFrame Désinfecté C:Documents and SettingsMiyakoApplication DataThunderbirdProfilesoypxhh78.defaultMailpop3.miyakoparis-1.comInbox[~0000333.~]
Virus:Exploit/iFrame Désinfecté C:Documents and SettingsMiyakoApplication DataThunderbirdProfilesoypxhh78.defaultMailpop3.miyakoparis-1.comInbox[~0000477.~]
Virus:Exploit/iFrame Désinfecté C:Documents and SettingsMiyakoApplication DataThunderbirdProfilesoypxhh78.defaultMailpop3.miyakoparis-1.comInbox[~0000820.~]
Virus:Exploit/iFrame Désinfecté C:Documents and SettingsMiyakoApplication DataThunderbirdProfilesoypxhh78.defaultMailpop3.miyakoparis-1.comInbox[~0000876.~]
Virus:Exploit/iFrame Désinfecté C:Documents and SettingsMiyakoApplication DataThunderbirdProfilesoypxhh78.defaultMailpop3.miyakoparis-1.comInbox[~0001416.~]
Virus:Exploit/iFrame Désinfecté C:Documents and SettingsMiyakoApplication DataThunderbirdProfilesoypxhh78.defaultMailpop3.miyakoparis-1.comInbox[~0001445.~]
Virus:Exploit/iFrame Désinfecté C:Documents and SettingsMiyakoApplication DataThunderbirdProfilesoypxhh78.defaultMailpop3.miyakoparis-1.comInbox[~0001470.~]
Virus:Exploit/iFrame Désinfecté C:Documents and SettingsMiyakoApplication DataThunderbirdProfilesoypxhh78.defaultMailpop3.miyakoparis-1.comInbox[~0001497.~]
Virus:Exploit/iFrame Désinfecté C:Documents and SettingsMiyakoApplication DataThunderbirdProfilesoypxhh78.defaultMailpop3.miyakoparis-1.comInbox[~0001645.~]
Spyware:Cookie/Weborama No Désinfecté C:Documents and SettingsMiyakoCookiesmiyako@weborama[2].txt
Outil indésirable:Application/Processor No Désinfecté C:Fichiers sourceSmitfraudFix.zip[SmitfraudFix/Process.exe]
Outil indésirable:Application/Processor No Désinfecté C:Fichiers sourceSuppression SystemUpDate_SmitfraudFixProcess.exe
Virus:W32/Ugalebi.A Désinfecté C:My Shared FolderAdobe Illustrator CS 11.exe
Virus:W32/Ugalebi.A Désinfecté C:My Shared FolderAdobe Illustrator CS Keygen(1).exe
Virus:W32/Ugalebi.A Désinfecté C:My Shared FolderKazaa.Lite.Revolution.2.6.English.exe


KASPERSKY

Scan Statistics
Total number of scanned objects 51213
Number of viruses found 3
Number of infected objects 29 / 0
Number of suspicious objects 0
Duration of the scan process 00:37:13

Infected Object Name Virus Name Last Action
C:Documents and SettingsAll UsersApplication DataGrisoftAvg7Dataavg7log.log Object is locked skipped

C:Documents and SettingsAll UsersApplication DataGrisoftAvg7Dataavg7log.log.lck Object is locked skipped

C:Documents and SettingsAll UsersApplication DataMicrosoftNetworkDownloaderqmgr0.dat Object is locked skipped

C:Documents and SettingsAll UsersApplication DataMicrosoftNetworkDownloaderqmgr1.dat Object is locked skipped

C:Documents and SettingsAll UsersApplication DataQSLLPSVCShare Object is locked skipped

C:Documents and SettingsLocalServiceCookiesindex.dat Object is locked skipped

C:Documents and SettingsLocalServiceLocal SettingsApplication DataMicrosoftWindowsUsrClass.dat Object is locked skipped

C:Documents and SettingsLocalServiceLocal SettingsApplication DataMicrosoftWindowsUsrClass.dat.LOG Object is locked skipped

C:Documents and SettingsLocalServiceLocal SettingsHistoriqueHistory.IE5index.dat Object is locked skipped

C:Documents and SettingsLocalServiceLocal SettingsTemporary Internet FilesContent.IE5index.dat Object is locked skipped

C:Documents and SettingsLocalServiceNTUSER.DAT Object is locked skipped

C:Documents and SettingsLocalServicentuser.dat.LOG Object is locked skipped

C:Documents and SettingsMiyakoApplication DataAVG7Logemc.log Object is locked skipped

C:Documents and SettingsMiyakoApplication DataMozillaFirefoxProfiles12qcngzp.defaulthistory.dat Object is locked skipped

C:Documents and SettingsMiyakoApplication DataMozillaFirefoxProfiles12qcngzp.defaultparent.lock Object is locked skipped

C:Documents and SettingsMiyakoApplication DataThunderbirdProfilesoypxhh78.defaultMailpop3.clubinternet-2.frInbox/[From "Yoshiyuki MIHOKI" ][Date Wed, 11 Jan 2006 15:58:57 +1300]/=?gb2312?B?obi5+utIxr26zYVmwabR0L6/hlShucS8vK+kzqSq1qqk6aS7o6jE2ul3uK6jqS5kb2M=?= Infected: Trojan-Dropper.MSWord.Lafool.h skipped

C:Documents and SettingsMiyakoApplication DataThunderbirdProfilesoypxhh78.defaultMailpop3.clubinternet-2.frInbox/[From "Yoshiyuki MIHOKI" ][Date Wed, 11 Jan 2006 20:25:32 +1300]/=?gb2312?B?zeKE1bTzs7y74dKK05vlaKOoxr2zyTE4xOox1MKjqS5kb2M=?= Infected: Trojan-Dropper.MSWord.Lafool.h skipped

C:Documents and SettingsMiyakoApplication DataThunderbirdProfilesoypxhh78.defaultMailpop3.clubinternet-2.frInbox/[From "Yoshiyuki MIHOKI" ][Date Mon, 16 Jan 2006 16:10:21 +1300]/=?gb2312?B?uuHtmtlSytCky6SqpLGk68PXuqPcisjLpMuk6KTryNWxvsjLxa7Q1JqiuqbI3dLJysK8/qOouMXSqqOpLmRvYw==?= Infected: Trojan-Dropper.MSWord.Lafool.h skipped

C:Documents and SettingsMiyakoApplication DataThunderbirdProfilesoypxhh78.defaultMailpop3.clubinternet-2.frInbox/[From "Yoshiyuki MIHOKI" ][Date Mon, 16 Jan 2006 19:57:10 +1300]/=?gb2312?B?zeKE1bTzs7y74dKK05vlaKOoxr2zyTE4xOox1MKjqS5kb2M=?= Infected: Trojan-Dropper.MSWord.Lafool.h skipped

C:Documents and SettingsMiyakoApplication DataThunderbirdProfilesoypxhh78.defaultMailpop3.clubinternet-2.frInbox/[From "Yoshiyuki MIHOKI" ][Date Tue, 17 Jan 2006 21:09:50 +1300]/=?gb2312?B?0KHIqr50wO2kzqXIpeuls9RMhpYuZG9j?= Infected: Trojan-Dropper.MSWord.Lafool.h skipped

C:Documents and SettingsMiyakoApplication DataThunderbirdProfilesoypxhh78.defaultMailpop3.clubinternet-2.frInbox/[From "Yoshiyuki MIHOKI" ][Date Tue, 17 Jan 2006 23:28:13 +1300]/=?gb2312?B?yM7G2ri2zeKE1cqhwpqGVKTOxVKVcsS8vK8uZG9j?= Infected: Trojan-Dropper.MSWord.Lafool.h skipped

C:Documents and SettingsMiyakoApplication DataThunderbirdProfilesoypxhh78.defaultMailpop3.clubinternet-2.frInbox Mail Berkeley mbox: infected - 6 skipped

C:Documents and SettingsMiyakoApplication DataThunderbirdProfilesoypxhh78.defaultMailpop3.miyakoparis-1.comInbox/[From Luc Wolljung ][Date Tue, 03 Jan 2006 02:53:48 +0100]/text/[From Luc Wolljung ][Date Mon, 15 May 2006 16:51:37 +0200]/text/[From MidAmerica Bank ][Date Sat, 10 Jun 2006 07:14:52 -0400]/html Infected: Trojan-Spy.HTML.Fraud.f skipped

C:Documents and SettingsMiyakoApplication DataThunderbirdProfilesoypxhh78.defaultMailpop3.miyakoparis-1.comInbox/[From Luc Wolljung ][Date Tue, 03 Jan 2006 02:53:48 +0100]/text/[From Luc Wolljung ][Date Mon, 15 May 2006 16:51:37 +0200]/text Infected: Trojan-Spy.HTML.Fraud.f skipped

C:Documents and SettingsMiyakoApplication DataThunderbirdProfilesoypxhh78.defaultMailpop3.miyakoparis-1.comInbox/[From Luc Wolljung ][Date Tue, 03 Jan 2006 02:53:48 +0100]/text Infected: Trojan-Spy.HTML.Fraud.f skipped

C:Documents and SettingsMiyakoApplication DataThunderbirdProfilesoypxhh78.defaultMailpop3.miyakoparis-1.comInbox Mail Berkeley mbox: infected - 3 skipped

C:Documents and SettingsMiyakoApplication DataThunderbirdProfilesoypxhh78.defaultMailpop3.miyakoparis-4.comInbox/[From "Yoshiyuki MIHOKI" ][Date Wed, 11 Jan 2006 15:55:14 +1300]/=?gb2312?B?obi5+utIxr26zYVmwabR0L6/hlShucS8vK+kzqSq1qqk6aS7o6jE2ul3uK6jqS5kb2M=?= Infected: Trojan-Dropper.MSWord.Lafool.h skipped

C:Documents and SettingsMiyakoApplication DataThunderbirdProfilesoypxhh78.defaultMailpop3.miyakoparis-4.comInbox/[From "Yoshiyuki MIHOKI" ][Date Wed, 11 Jan 2006 20:23:12 +1300]/=?gb2312?B?zeKE1bTzs7y74dKK05vlaKOoxr2zyTE4xOox1MKjqS5kb2M=?= Infected: Trojan-Dropper.MSWord.Lafool.h skipped

C:Documents and SettingsMiyakoApplication DataThunderbirdProfilesoypxhh78.defaultMailpop3.miyakoparis-4.comInbox/[From "Yoshiyuki MIHOKI" ][Date Mon, 16 Jan 2006 16:08:39 +1300]/=?gb2312?B?uuHtmtlSytCky6SqpLGk68PXuqPcisjLpMuk6KTryNWxvsjLxa7Q1JqiuqbI3dLJysK8/qOouMXSqqOpLmRvYw==?= Infected: Trojan-Dropper.MSWord.Lafool.h skipped

C:Documents and SettingsMiyakoApplication DataThunderbirdProfilesoypxhh78.defaultMailpop3.miyakoparis-4.comInbox/[From "Yoshiyuki MIHOKI" ][Date Mon, 16 Jan 2006 16:21:15 +1300]/=?gb2312?B?uuHtmtlSytCky6SqpLGk68PXuqPcisjLpMuk6KTryNWxvsjLxa7Q1JqiuqbI3dLJysK8/qOouMXSqqOpLmRvYw==?= Infected: Trojan-Dropper.MSWord.Lafool.h skipped

C:Documents and SettingsMiyakoApplication DataThunderbirdProfilesoypxhh78.defaultMailpop3.miyakoparis-4.comInbox/[From "Yoshiyuki MIHOKI" ][Date Mon, 16 Jan 2006 19:55:45 +1300]/=?gb2312?B?zeKE1bTzs7y74dKK05vlaKOoxr2zyTE4xOox1MKjqS5kb2M=?= Infected: Trojan-Dropper.MSWord.Lafool.h skipped

C:Documents and SettingsMiyakoApplication DataThunderbirdProfilesoypxhh78.defaultMailpop3.miyakoparis-4.comInbox/[From "Yoshiyuki MIHOKI" ][Date Mon, 16 Jan 2006 20:18:45 +1300]/=?gb2312?B?zeKE1bTzs7y74dKK05vlaKOoxr2zyTE4xOox1MKjqS5kb2M=?= Infected: Trojan-Dropper.MSWord.Lafool.h skipped

C:Documents and SettingsMiyakoApplication DataThunderbirdProfilesoypxhh78.defaultMailpop3.miyakoparis-4.comInbox/[From "Yoshiyuki MIHOKI" ][Date Tue, 17 Jan 2006 21:08:19 +1300]/=?gb2312?B?0KHIqr50wO2kzqXIpeuls9RMhpYuZG9j?= Infected: Trojan-Dropper.MSWord.Lafool.h skipped

C:Documents and SettingsMiyakoApplication DataThunderbirdProfilesoypxhh78.defaultMailpop3.miyakoparis-4.comInbox/[From "Yoshiyuki MIHOKI" ][Date Tue, 17 Jan 2006 21:32:42 +1300]/=?gb2312?B?0KHIqr50wO2kzqXIpeuls9RMhpYuZG9j?= Infected: Trojan-Dropper.MSWord.Lafool.h skipped

C:Documents and SettingsMiyakoApplication DataThunderbirdProfilesoypxhh78.defaultMailpop3.miyakoparis-4.comInbox/[From "Yoshiyuki MIHOKI" ][Date Tue, 17 Jan 2006 23:26:50 +1300]/=?gb2312?B?yM7G2ri2zeKE1cqhwpqGVKTOxVKVcsS8vK8uZG9j?= Infected: Trojan-Dropper.MSWord.Lafool.h skipped

C:Documents and SettingsMiyakoApplication DataThunderbirdProfilesoypxhh78.defaultMailpop3.miyakoparis-4.comInbox/[From "Yoshiyuki MIHOKI" ][Date Tue, 17 Jan 2006 23:37:17 +1300]/=?gb2312?B?yM7G2ri2zeKE1cqhwpqGVKTOxVKVcsS8vK8uZG9j?= Infected: Trojan-Dropper.MSWord.Lafool.h skipped

C:Documents and SettingsMiyakoApplication DataThunderbirdProfilesoypxhh78.defaultMailpop3.miyakoparis-4.comInbox Mail Berkeley mbox: infected - 10 skipped

C:Documents and SettingsMiyakoApplication DataThunderbirdProfilesoypxhh78.defaultMailpop3.miyakoparis-4.comSent/[From Akiko ][Date Sat, 31 Dec 2005 07:29:52 +0100]/=?windows-1252?Q?=CD=E2=84=D5=B4=F3=B3=BC=BB=E1=D2=8A=D3=9B=E5h=A3=A8=C6=BD?==?windows-1252?Q?=B3=C918=C4=EA1=D4=C2=A3=A9?=/[From "Yoshiyuki MIHOKI" ][Date Wed, 11 Jan 2006 20:23:12 +1300]/=?gb2312?B?zeKE1bTzs7y74dKK05vlaKOoxr2zyTE4xOox1MKjqS5kb2M=?= Infected: Trojan-Dropper.MSWord.Lafool.h skipped

C:Documents and SettingsMiyakoApplication DataThunderbirdProfilesoypxhh78.defaultMailpop3.miyakoparis-4.comSent/[From Akiko ][Date Sat, 31 Dec 2005 07:29:52 +0100]/=?windows-1252?Q?=CD=E2=84=D5=B4=F3=B3=BC=BB=E1=D2=8A=D3=9B=E5h=A3=A8=C6=BD?==?windows-1252?Q?=B3=C918=C4=EA1=D4=C2=A3=A9?= Infected: Trojan-Dropper.MSWord.Lafool.h skipped

C:Documents and SettingsMiyakoApplication DataThunderbirdProfilesoypxhh78.defaultMailpop3.miyakoparis-4.comSent/[From Akiko ][Date Sat, 31 Dec 2005 07:29:52 +0100]/=?windows-1252?Q?=A1=B8=B9=FA=EBH=C6=BD=BA=CD=85f=C1=A6=D1=D0=BE=BF=86T=A1?==?windows-1252?Q?=B9=C4=BC=BC=AF=A4=CE=A4=AA=D6=AA=A4=E9=A4=BB=A3=A8=C4=DA?==?windows-1252?Q?=E9w=B8=AE=A3/[From "Yoshiyuki MIHOKI" ][Date Wed, 11 Jan 2006 15:55:14 +1300]/=?gb2312?B?obi5+utIxr26zYVmwabR0L6/hlShucS8vK+kzqSq1qqk6aS7o6jE2ul3uK6jqS5kb2M=?= Infected: Trojan-Dropper.MSWord.Lafool.h skipped

C:Documents and SettingsMiyakoApplication DataThunderbirdProfilesoypxhh78.defaultMailpop3.miyakoparis-4.comSent/[From Akiko ][Date Sat, 31 Dec 2005 07:29:52 +0100]/=?windows-1252?Q?=A1=B8=B9=FA=EBH=C6=BD=BA=CD=85f=C1=A6=D1=D0=BE=BF=86T=A1?==?windows-1252?Q?=B9=C4=BC=BC=AF=A4=CE=A4=AA=D6=AA=A4=E9=A4=BB=A3=A8=C4=DA?==?windows-1252?Q?=E9w=B8=AE=A3 Infected: Trojan-Dropper.MSWord.Lafool.h skipped

C:Documents and SettingsMiyakoApplication DataThunderbirdProfilesoypxhh78.defaultMailpop3.miyakoparis-4.comSent Mail Berkeley mbox: infected - 4 skipped

C:Documents and SettingsMiyakoCookiesindex.dat Object is locked skipped

C:Documents and SettingsMiyakoLocal SettingsApplication DataMicrosoftWindowsUsrClass.dat Object is locked skipped

C:Documents and SettingsMiyakoLocal SettingsApplication DataMicrosoftWindowsUsrClass.dat.LOG Object is locked skipped

C:Documents and SettingsMiyakoLocal SettingsApplication DataMozillaFirefoxProfiles12qcngzp.defaultCache_CACHE_001_ Object is locked skipped

C:Documents and SettingsMiyakoLocal SettingsApplication DataMozillaFirefoxProfiles12qcngzp.defaultCache_CACHE_002_ Object is locked skipped

C:Documents and SettingsMiyakoLocal SettingsApplication DataMozillaFirefoxProfiles12qcngzp.defaultCache_CACHE_003_ Object is locked skipped

C:Documents and SettingsMiyakoLocal SettingsApplication DataMozillaFirefoxProfiles12qcngzp.defaultCache_CACHE_MAP_ Object is locked skipped

C:Documents and SettingsMiyakoLocal SettingsHistoriqueHistory.IE5index.dat Object is locked skipped

C:Documents and SettingsMiyakoLocal SettingsHistoriqueHistory.IE5MSHist012006062820060629index.dat Object is locked skipped

C:Documents and SettingsMiyakoLocal SettingsTempfnmA3.tmp Object is locked skipped

C:Documents and SettingsMiyakoLocal SettingsTempfnmA4.tmp Object is locked skipped

C:Documents and SettingsMiyakoLocal SettingsTempPerflib_Perfdata_57c.dat Object is locked skipped

C:Documents and SettingsMiyakoLocal SettingsTemporary Internet FilesContent.IE5index.dat Object is locked skipped

C:Documents and SettingsMiyakoMes documentsACTDatabasee842fda6-2519-423d-897b-1e92c9f410a9.ima/[From "noreply@ebay.com"][Date Thu, 12 May 2005 13:40:00 +0000]/html Infected: Trojan-Spy.HTML.Bayfraud.ev skipped

C:Documents and SettingsMiyakoMes documentsACTDatabasee842fda6-2519-423d-897b-1e92c9f410a9.ima Mail: infected - 1 skipped

C:Documents and SettingsMiyakoNTUSER.DAT Object is locked skipped

C:Documents and SettingsMiyakontuser.dat.LOG Object is locked skipped

C:Documents and SettingsNetworkServiceLocal SettingsApplication DataMicrosoftWindowsUsrClass.dat Object is locked skipped

C:Documents and SettingsNetworkServiceLocal SettingsApplication DataMicrosoftWindowsUsrClass.dat.LOG Object is locked skipped

C:Documents and SettingsNetworkServiceNTUSER.DAT Object is locked skipped

C:Documents and SettingsNetworkServicentuser.dat.LOG Object is locked skipped

C:System Volume InformationMountPointManagerRemoteDatabase Object is locked skipped

C:WINDOWSDebugPASSWD.LOG Object is locked skipped

C:WINDOWSSchedLgU.Txt Object is locked skipped

C:WINDOWSSoftwareDistributionReportingEvents.log Object is locked skipped

C:WINDOWSSti_Trace.log Object is locked skipped

C:WINDOWSsystem32CatRoot2edb.log Object is locked skipped

C:WINDOWSsystem32CatRoot2tmp.edb Object is locked skipped

C:WINDOWSsystem32configAppEvent.Evt Object is locked skipped

C:WINDOWSsystem32configDEFAULT Object is locked skipped

C:WINDOWSsystem32configdefault.LOG Object is locked skipped

C:WINDOWSsystem32configSAM Object is locked skipped

C:WINDOWSsystem32configSAM.LOG Object is locked skipped

C:WINDOWSsystem32configSecEvent.Evt Object is locked skipped

C:WINDOWSsystem32configSECURITY Object is locked skipped

C:WINDOWSsystem32configSECURITY.LOG Object is locked skipped

C:WINDOWSsystem32configSOFTWARE Object is locked skipped

C:WINDOWSsystem32configsoftware.LOG Object is locked skipped

C:WINDOWSsystem32configSysEvent.Evt Object is locked skipped

C:WINDOWSsystem32configSYSTEM Object is locked skipped

C:WINDOWSsystem32configsystem.LOG Object is locked skipped

C:WINDOWSsystem32h323log.txt Object is locked skipped

C:WINDOWSsystem32wbemRepositoryFSINDEX.BTR Object is locked skipped

C:WINDOWSsystem32wbemRepositoryFSINDEX.MAP Object is locked skipped

C:WINDOWSsystem32wbemRepositoryFSMAPPING.VER Object is locked skipped

C:WINDOWSsystem32wbemRepositoryFSMAPPING1.MAP Object is locked skipped

C:WINDOWSsystem32wbemRepositoryFSMAPPING2.MAP Object is locked skipped

C:WINDOWSsystem32wbemRepositoryFSOBJECTS.DATA Object is locked skipped

C:WINDOWSsystem32wbemRepositoryFSOBJECTS.MAP Object is locked skipped
tabehodai
 

Messagepar tabehodai » 28 Juin 2006, 11:11

C'est vraiment bizarre le post qui apparaît sur le forum est en fait composé de 2 posts différents et en plus il manque la fin! Allez comprendre, peut-être un autre tour du virus???

J'ai oublié de préciser que j'avais passé Bitdefender et Ewido ainsi qu'AdAware en mode sans échec avec la restauration système désactivée.

En tout cas merci d'avance pour toute suggestion, cordialement,

Tabehodai.
tabehodai
 

Messagepar JoShuA » 28 Juin 2006, 13:24

Bonjour

Beaucoup trop de programmes dit de "sécurité" qui tournent en parallèle à mon goût ... Il y a possibilité qu'ils se "mordent la queue" et donc deviennent totalement inutiles.
Avatar de l’utilisateur
JoShuA
Modérateur
 
Messages: 7246
Inscrit le: 02 Jan 2002, 15:37
Localisation: IdF

Messagepar survivor » 30 Juin 2006, 15:23

Bonjour

moi, je laisserais un parefeu et un antivirus et j'arréterais tous les autre que je désinstallerais sauf spybot et adaware avec seulment adaware en résident.
Dernière édition par survivor le 30 Juin 2006, 15:23, édité 1 fois au total.
sed tantum dic verbo et sanabitur computerum meum
Avatar de l’utilisateur
survivor
Modérateur
 
Messages: 4054
Inscrit le: 18 Juil 2002, 10:14
Localisation: grand Nord

Messagepar LeLapinFou » 30 Juin 2006, 15:49

tout a fait ce que JoShuA a dit..... Image
Avatar de l’utilisateur
LeLapinFou
Modérateur
 
Messages: 9511
Inscrit le: 09 Déc 2002, 10:25
Localisation: 0001 Processeur Ville

Messagepar survivor » 02 Juil 2006, 09:43

mais en plus précis ;)
sed tantum dic verbo et sanabitur computerum meum
Avatar de l’utilisateur
survivor
Modérateur
 
Messages: 4054
Inscrit le: 18 Juil 2002, 10:14
Localisation: grand Nord


Retour vers Windows XP

Qui est en ligne ?

Utilisateurs parcourant actuellement ce forum : Aucun utilisateur inscrit et 4 invités

  •  Liens commerciaux



cron