(SOLVED) VT100 and pe virut a


As I was advised, I am creating my own post.

I was having problems with unexpected reboots
and a VT100 program that tries to connect.

I booted into safe mode,
ran CCleaner,
then an ewido scan,
and finally a HijackThis scan.

I am posting the reports.

(I had run a HijackThis scan in safe mode before CCleaner and ewido, and the line:
O4 - HKLM\..\Run: [VT100 Emulator] G:\WINDOWS\System32\VT100.EXE
appeared.)

Here is the ewido report:
---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------

+ Created at: 00:25:17 06/07/2006

+ Scan result:



HKU\S-1-5-21-1957994488-1767777339-725345543-500\Software\IST -> Adware.ISTBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\YSBactivex.Installer -> Adware.YourSiteBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\YSBactivex.Installer\CLSID -> Adware.YourSiteBar : Cleaned with backup (quarantined).
F:\atriermule\(Crack) Warhammer 40000 Dawn of War NOCD.zip/(Crack) Warhammer 40000 Dawn of War NOCD [p2p-11066].exe -> Dialer.Intexdial : Cleaned with backup (quarantined).
G:\WINDOWS\system32\1024 -> Trojan.Small : Cleaned with backup (quarantined).


::Report end


Then the HijackThis log:


Logfile of HijackThis v1.99.1
Scan saved at 00:26:22, on 06/07/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
G:\WINDOWS\System32\smss.exe
G:\WINDOWS\system32\csrss.exe
G:\WINDOWS\system32\winlogon.exe
G:\WINDOWS\system32\services.exe
G:\WINDOWS\system32\lsass.exe
G:\WINDOWS\system32\svchost.exe
G:\WINDOWS\system32\svchost.exe
G:\WINDOWS\Explorer.EXE
G:\Program Files\ewido anti-spyware 4.0\ewido.exe
G:\Documents and Settings\Administrateur\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - G:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - G:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] G:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ISUSScheduler] "G:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ISUSPM Startup] G:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [MessengerPlus3] "G:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [DAEMON Tools] "G:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [NVMixerTray] "G:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE G:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [nTrayFw] G:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
O4 - HKLM\..\Run: [avast!] G:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [!ewido] "G:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [MessengerPlus3] "G:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "G:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: InterVideo WinCinema Manager.lnk = G:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = G:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = G:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://G:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - G:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - G:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - G:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - G:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - G:\WINDOWS\web\related.htm
O10 - Unknown file in Winsock LSP: g:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: g:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: g:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: g:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: g:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: g:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: g:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: g:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: g:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: g:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: g:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: g:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: g:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: g:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: g:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: g:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: g:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: g:\windows\system32\nvappfilter.dll
O16 - DPF: {42F2C9BA-614F-47C0-B3E3-ECFD34EED658} (Installer Class) - http://www.ysbweb.com/ist/software [...] cracks.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/window [...] 1932367122
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537 [...] scan53.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - G:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - G:\WINDOWS\ATKKBService.exe
O23 - Service: avast! Antivirus - Unknown owner - G:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - G:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - G:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - G:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - G:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - G:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA - G:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA - G:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - G:\WINDOWS\System32\nvsvc32.exe



There you go.
If anything jumps out at you, please let me know.

Yaha


Hi again

Nice cleanup by Ewido.

Run a HijackThis scan again and check the lines below:

O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - G:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - G:\WINDOWS\web\related.htm

Close all windows (Windows, Internet Explorer, Outlook) except HijackThis, and click "Fix checked".

Run an online antivirus scan with Kaspersky
http://webscanner.kaspersky.fr/

Paste its report here.

Reply to chercheur_

OK, I probably didn't do everything the way I should have: I'm posting the Kaspersky result anyway:

-------------------------------------------------------------------------------
KASPERSKY ON-LINE SCANNER - RAPPORT
jeudi 6 juillet 2006 02:03:31
Système d'exploitation : Microsoft Windows XP Professional, (Build 2600)
Version de Kaspersky On-line Scanner: 5.0.78.0
Dernière mise à jour de la base antivirus Kaspersky : 6/07/2006
Enregistrements dans la base antivirus Kaspersky : 192733
-------------------------------------------------------------------------------

Paramètres d'analyse:
Analyser avec la base antivirus suivante: standard
Analyser les archives: vrai
Analyser les bases de messagerie.: vrai

Cible de l'analyse - Poste de travail:
A:\
D:\
E:\
F:\
G:\
H:\
I:\
J:\
K:\
L:\

Statistiques de l'analyse:
Total d'objets analysés :: 95310
Nombre de virus trouvés: 4
Nombre d'objets infectés: 40
Nombre d'objets suspects: 0
Durée de l'analyse: 01:11:23

Nom de l'objet infecté / Nom du virus / Dernière action
G:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\N7BBV7LF\vt101[2].exe Infecté: Virus.Win32.Virut.a ignoré
G:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\N7BBV7LF\vt101[3].exe Infecté: Virus.Win32.Virut.a ignoré
G:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\N7BBV7LF\vt101[4].exe Infecté: Virus.Win32.Virut.a ignoré
G:\WINDOWS\system32\regperf.exe Infecté: Trojan-Downloader.Win32.Zlob.we ignoré
G:\WINDOWS\system32\i Infecté: Trojan-Downloader.BAT.Ftp.ab ignoré
G:\WINDOWS\system32\AVASTSS.scr Infecté: Virus.Win32.Virut.a ignoré
G:\WINDOWS\system32\Kaspersky Lab\Kaspersky On-line Scanner\kavuninstall.exe Infecté: Virus.Win32.Virut.a ignoré
G:\WINDOWS\system32\__delete_on_reboot__w_i_n_m_m_t_3_2_._d_l_l_ Infecté: Trojan.Win32.Agent.vg ignoré
G:\WINDOWS\system32\__delete_on_reboot__l_d_1_0_1_._t_m_p_ Infecté: Trojan-Downloader.Win32.Zlob.we ignoré
G:\WINDOWS\explorer.exe Infecté: Virus.Win32.Virut.a ignoré
G:\Documents and Settings\Administrateur\Bureau\LSPFix.exe Infecté: Virus.Win32.Virut.a ignoré
G:\Program Files\Fichiers communs\InstallShield\Professional\RunTime\09\01\Intel32\DotNetInstaller.exe Infecté: Virus.Win32.Virut.a ignoré
G:\Program Files\Fichiers communs\InstallShield\Professional\RunTime\09\00\Intel32\DotNetInstaller.exe Infecté: Virus.Win32.Virut.a ignoré
G:\Program Files\Fichiers communs\InstallShield\Professional\RunTime\0701\Intel32\DotNetInstaller.exe Infecté: Virus.Win32.Virut.a ignoré
G:\Program Files\Alwil Software\Avast4\copyx64.exe Infecté: Virus.Win32.Virut.a ignoré
G:\Program Files\Alwil Software\Avast4\aswUpdSv.exe Infecté: Virus.Win32.Virut.a ignoré
G:\Program Files\Alwil Software\Avast4\ashLogV.exe Infecté: Virus.Win32.Virut.a ignoré
G:\Program Files\Alwil Software\Avast4\ashMaiSv.exe Infecté: Virus.Win32.Virut.a ignoré
G:\Program Files\Alwil Software\Avast4\ashPopWz.exe Infecté: Virus.Win32.Virut.a ignoré
G:\Program Files\Alwil Software\Avast4\ashQuick.exe Infecté: Virus.Win32.Virut.a ignoré
G:\Program Files\Alwil Software\Avast4\aswRegSvr.exe Infecté: Virus.Win32.Virut.a ignoré
G:\Program Files\Alwil Software\Avast4\ashSimp2.exe Infecté: Virus.Win32.Virut.a ignoré
G:\Program Files\Alwil Software\Avast4\ashServ.exe Infecté: Virus.Win32.Virut.a ignoré
G:\Program Files\Alwil Software\Avast4\ashSimpl.exe Infecté: Virus.Win32.Virut.a ignoré
G:\Program Files\Alwil Software\Avast4\ashSkPcc.exe Infecté: Virus.Win32.Virut.a ignoré
G:\Program Files\Alwil Software\Avast4\ashSkPck.exe Infecté: Virus.Win32.Virut.a ignoré
G:\Program Files\Alwil Software\Avast4\ashUpd.exe Infecté: Virus.Win32.Virut.a ignoré
G:\Program Files\Alwil Software\Avast4\ashWebSv.exe Infecté: Virus.Win32.Virut.a ignoré
G:\Program Files\Alwil Software\Avast4\sched.exe Infecté: Virus.Win32.Virut.a ignoré
G:\Program Files\Alwil Software\Avast4\ashChest.exe Infecté: Virus.Win32.Virut.a ignoré
G:\Program Files\Alwil Software\Avast4\ashBug.exe Infecté: Virus.Win32.Virut.a ignoré
G:\Program Files\DivX\DivX Player\DivX Player.exe Infecté: Virus.Win32.Virut.a ignoré
G:\Program Files\CCleaner\ccleaner.exe Infecté: Virus.Win32.Virut.a ignoré
G:\Program Files\ewido anti-spyware 4.0\guard.exe._old_ Infecté: Virus.Win32.Virut.a ignoré
G:\Program Files\ewido anti-spyware 4.0\guard.exe Infecté: Virus.Win32.Virut.a ignoré
G:\Program Files\ewido anti-spyware 4.0\ewido.exe._old_ Infecté: Virus.Win32.Virut.a ignoré
G:\Program Files\ewido anti-spyware 4.0\ewido.exe Infecté: Virus.Win32.Virut.a ignoré
G:\FOUND.005\FILE0001.CHK Infecté: Trojan-Downloader.Win32.Zlob.we ignoré
G:\FOUND.012\FILE0000.CHK Infecté: Trojan-Downloader.Win32.Zlob.we ignoré
G:\NVIDIA\WinXP64\66.96\nvudisp.exe Infecté: Virus.Win32.Virut.a ignoré

Analyse terminée.


It doesn't look like it cleaned anything.

I'm off to bed and I'll see tomorrow.

Thanks a lot for your help, chercheurPCA.
I've already made quite a bit of progress.

Yaha

Reply to YaHa@IDN

Hi again

1 Make sure you have access to all files.
Start, My Computer or any other folder, Tools menu, Folder Options, View tab:
Check the box: Show hidden files and folders
Uncheck the box: Hide extensions for known file types
Uncheck the box: Hide protected operating system files
Then Apply

2 Delete the offending files/folders (if they still exist):
If some files resist, delete them in Safe Mode.

G:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\N7BBV7LF
G:\WINDOWS\system32\regperf.exe
G:\WINDOWS\system32\i
G:\WINDOWS\system32\__delete_on_reboot__w_i_n_m_m_t_3_2_._d_l_l_
G:\WINDOWS\system32\__delete_on_reboot__l_d_1_0_1_._t_m_p_

3 Run the cleanup with CCleaner.

Hide the system files again, so as not to make a mistake in the future, by selecting the option not to show hidden files or system files.

4 Run an online antivirus scan with BitDefender
http://www.bitdefender.fr/scan8/ie.html

Paste its report here.

Reply to chercheur_
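The deletion list in the reply above contains only the standalone trojans and the cache folder holding the vt101 copies from the Kaspersky report; the Virut-infected programs are left for a disinfecting scan. The sketch below applies that split to lines in the Kaspersky report format. It is an added example, not part of the thread, and the classification rules and the names `parse_report`, `triage`, `security_tools_hit` and `SECURITY_TOOL_DIRS` are assumptions.

```python
import re

# Constructed sample: lines in the format of the Kaspersky On-line Scanner
# report posted in this thread (path, "Infecté:", detection name, last action).
SAMPLE_REPORT = r"""
Nom de l'objet infecté / Nom du virus / Dernière action
G:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\N7BBV7LF\vt101[2].exe Infecté: Virus.Win32.Virut.a ignoré
G:\WINDOWS\system32\regperf.exe Infecté: Trojan-Downloader.Win32.Zlob.we ignoré
G:\WINDOWS\system32\i Infecté: Trojan-Downloader.BAT.Ftp.ab ignoré
G:\WINDOWS\explorer.exe Infecté: Virus.Win32.Virut.a ignoré
G:\Program Files\Alwil Software\Avast4\ashServ.exe Infecté: Virus.Win32.Virut.a ignoré
G:\Program Files\ewido anti-spyware 4.0\guard.exe Infecté: Virus.Win32.Virut.a ignoré

Analyse terminée.
"""

# A detection line starts with a drive letter; the path may contain spaces,
# so it is matched lazily up to the "Infecté:" keyword.
DETECTION_RE = re.compile(
    r"^(?P<path>[A-Za-z]:\\.+?)\s+Infecté:\s+(?P<name>\S+)\s+(?P<action>\S+)\s*$"
)

# Assumption: directory fragments of the security tools installed on this PC.
SECURITY_TOOL_DIRS = (
    "\\alwil software\\",
    "\\ewido anti-spyware",
    "\\kaspersky lab\\",
)


def parse_report(text):
    """Return one dict (path, name, action) per detection line."""
    detections = []
    for line in text.splitlines():
        match = DETECTION_RE.match(line.strip())
        if match:
            detections.append(match.groupdict())
    return detections


def triage(detections):
    """Split detections into files to delete and files to disinfect.

    Assumed rules: a "Virus." detection is a file infector sitting inside an
    otherwise legitimate program, so the host is disinfected (or reinstalled),
    unless it is only a copy in the browser cache. Everything else is a
    standalone malicious file and is deleted.
    """
    plan = {"delete": [], "disinfect": []}
    for det in detections:
        is_infector = det["name"].startswith("Virus.")
        in_cache = "\\temporary internet files\\" in det["path"].lower()
        if is_infector and not in_cache:
            plan["disinfect"].append(det["path"])
        else:
            plan["delete"].append(det["path"])
    return plan


def security_tools_hit(detections):
    """Paths of infected files that belong to a security product."""
    return sorted(
        det["path"]
        for det in detections
        if any(frag in det["path"].lower() for frag in SECURITY_TOOL_DIRS)
    )


if __name__ == "__main__":
    found = parse_report(SAMPLE_REPORT)
    for action, paths in triage(found).items():
        for path in paths:
            print(f"{action:9} {path}")
    for path in security_tools_hit(found):
        print("security tool infected:", path)
```

Any path returned by `security_tools_hit` means the scanner that lives in that folder is itself infected, so its results on this machine cannot be relied on until it has been cleaned or reinstalled.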

Hello! Thanks for your help, ChercheurPCA.

OK, I did what you said. I only found the first directory; I can't find the other files, but BitDefender seems to find a few of them.
I'm posting the BitDefender report:



F:\lotr2\Keygen By Deviance\keygen.exe
Infecté par: Win32.Virtob.C
F:\lotr2\Keygen By Deviance\keygen.exe
Désinfecté
G:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\25R6DG8M\vt101[3].exe
Infecté par: Win32.Virtob.C
G:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\25R6DG8M\vt101[3].exe
Désinfecté
G:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\N7BBV7LF\vt101[1].exe
Infecté par: Win32.Virtob.C
G:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\N7BBV7LF\vt101[1].exe
Désinfecté


G:\WINDOWS\system32\config\systemprofile\Menu Démarrer\Programmes\Accessoires\Explorateur Windows.lnk=>G:\WINDOWS\explorer.exe
Infecté par: Win32.Virtob.C
G:\WINDOWS\system32\config\systemprofile\Menu Démarrer\Programmes\Accessoires\Explorateur Windows.lnk=>G:\WINDOWS\explorer.exe
Désinfecté
G:\WINDOWS\system32\config\systemprofile\Menu Démarrer\Programmes\Accessoires\Explorateur Windows.lnk
Echec de la mise à jour
G:\WINDOWS\system32\AVASTSS.scr
Infecté par: Win32.Virtob.C
G:\WINDOWS\system32\AVASTSS.scr
Désinfecté
G:\WINDOWS\system32\i
Infecté par: Backdoor.BotGet.FtpB.Gen
G:\WINDOWS\system32\i
Supprimé
G:\WINDOWS\system32\bios.rom
Infecté par: Backdoor.BotGet.FtpB.Gen
G:\WINDOWS\system32\bios.rom
Supprimé
G:\WINDOWS\system32\Kaspersky Lab\Kaspersky On-line Scanner\kavuninstall.exe
Infecté par: Win32.Virtob.C
G:\WINDOWS\system32\Kaspersky Lab\Kaspersky On-line Scanner\kavuninstall.exe
Désinfecté
G:\WINDOWS\explorer.exe
Infecté par: Win32.Virtob.C
G:\WINDOWS\explorer.exe
Echec de la désinfection
G:\WINDOWS\explorer.exe
Echec de la suppression
G:\WINDOWS\bdoscandel.exe
Infecté par: Win32.Virtob.C
G:\WINDOWS\bdoscandel.exe
Désinfecté
G:\Documents and Settings\All Users\Menu Démarrer\Programmes\Accessoires\Communications\Connexions réseau.lnk=>G:\WINDOWS\explorer.exe
Infecté par: Win32.Virtob.C
G:\Documents and Settings\All Users\Menu Démarrer\Programmes\Accessoires\Communications\Connexions réseau.lnk=>G:\WINDOWS\explorer.exe
Désinfecté
G:\Documents and Settings\All Users\Menu Démarrer\Programmes\Accessoires\Communications\Connexions réseau.lnk
Echec de la mise à jour
G:\Documents and Settings\All Users\Menu Démarrer\Programmes\DivX\DivX Player\DivX Player.lnk=>G:\Program Files\DivX\DivX Player\DivX Player.exe
Infecté par: Win32.Virtob.C
G:\Documents and Settings\All Users\Menu Démarrer\Programmes\DivX\DivX Player\DivX Player.lnk=>G:\Program Files\DivX\DivX Player\DivX Player.exe
Désinfecté
G:\Documents and Settings\All Users\Menu Démarrer\Programmes\DivX\DivX Player\DivX Player.lnk
Mis à jour
G:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\CCleaner\CCleaner.lnk=>G:\Program Files\CCleaner\ccleaner.exe
Infecté par: Win32.Virtob.C
G:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\CCleaner\CCleaner.lnk=>G:\Program Files\CCleaner\ccleaner.exe
Désinfecté
G:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\CCleaner\CCleaner.lnk
Mis à jour
G:\Documents and Settings\Administrateur\Bureau\LSPFix.exe
Infecté par: Win32.Virtob.C
G:\Documents and Settings\Administrateur\Bureau\LSPFix.exe
Désinfecté
G:\Program Files\Fichiers communs\InstallShield\Professional\RunTime\09\01\Intel32\DotNetInstaller.exe
Infecté par: Win32.Virtob.C
G:\Program Files\Fichiers communs\InstallShield\Professional\RunTime\09\01\Intel32\DotNetInstaller.exe
Désinfecté
G:\Program Files\Fichiers communs\InstallShield\Professional\RunTime\09\00\Intel32\DotNetInstaller.exe
Infecté par: Win32.Virtob.C
G:\Program Files\Fichiers communs\InstallShield\Professional\RunTime\09\00\Intel32\DotNetInstaller.exe
Désinfecté
G:\Program Files\Fichiers communs\InstallShield\Professional\RunTime\0701\Intel32\DotNetInstaller.exe
Infecté par: Win32.Virtob.C
G:\Program Files\Fichiers communs\InstallShield\Professional\RunTime\0701\Intel32\DotNetInstaller.exe
Désinfecté
G:\Program Files\Avast\ashSimpl.exe
Infecté par: Win32.Virtob.C
G:\Program Files\Avast\ashSimpl.exe
Désinfecté
G:\Program Files\Avast\ashSkPcc.exe
Infecté par: Win32.Virtob.C
G:\Program Files\Avast\ashSkPcc.exe
Désinfecté
G:\Program Files\Avast\ashSkPck.exe
Infecté par: Win32.Virtob.C
G:\Program Files\Avast\ashSkPck.exe
Désinfecté



G:\Program Files\Avast\ashUpd.exe
Infecté par: Win32.Virtob.C
G:\Program Files\Avast\ashUpd.exe
Désinfecté
G:\Program Files\Avast\ashWebSv.exe
Infecté par: Win32.Virtob.C
G:\Program Files\Avast\ashWebSv.exe
Echec de la désinfection
G:\Program Files\Avast\ashWebSv.exe
echec de la suppression



G:\Program Files\Avast\sched.exe
Infecté par: Win32.Virtob.C
G:\Program Files\Avast\sched.exe
Désinfecté
G:\Program Files\Avast\ashBug.exe
Infecté par: Win32.Virtob.C
G:\Program Files\Avast\ashBug.exe
Désinfecté
G:\Program Files\Avast\ashChest.exe
Infecté par: Win32.Virtob.C
G:\Program Files\Avast\ashChest.exe
Désinfecté
G:\Program Files\Avast\ashLogV.exe
Infecté par: Win32.Virtob.C
G:\Program Files\Avast\ashLogV.exe
Désinfecté
G:\Program Files\Avast\ashPopWz.exe
Infecté par: Win32.Virtob.C
G:\Program Files\Avast\ashPopWz.exe
Désinfecté
G:\Program Files\Avast\ashQuick.exe
Infecté par: Win32.Virtob.C
G:\Program Files\Avast\ashQuick.exe
Désinfecté
G:\Program Files\Avast\ashSimp2.exe
Infecté par: Win32.Virtob.C
G:\Program Files\Avast\ashSimp2.exe
Désinfecté
G:\Program Files\Avast\aswRegSvr.exe
Infecté par: Win32.Virtob.C
G:\Program Files\Avast\aswRegSvr.exe
Désinfecté
G:\Program Files\ewido anti-spyware 4.0\guard.exe
Infecté par: Win32.Virtob.C
G:\Program Files\ewido anti-spyware 4.0\guard.exe
Echec de la désinfection
G:\Program Files\ewido anti-spyware 4.0\guard.exe
Echec de la suppression
G:\Program Files\ewido anti-spyware 4.0\ewido.exe
Infecté par: Win32.Virtob.C
G:\Program Files\ewido anti-spyware 4.0\ewido.exe
Désinfecté
K:\TmSunrise\Trackmania.Sunrise.Extreme.Keygen-RELOADED\Keygen.exe
Infecté par: Win32.Virtob.C
K:\TmSunrise\Trackmania.Sunrise.Extreme.Keygen-RELOADED\Keygen.exe
Désinfecté


Hmm, it's still riddled with infections ^^

Yaha

Reply to YaHa@IDN

Ah, I forgot: there is a process VRT1.tmp that tries to connect and shows up in Task Manager.

Reply to YaHa@IDN

OK, by disabling avast's resident protection and explorer, BitDefender managed to clean up.
I deleted VRT1; I hope it won't come back.

Are there still things to do/try?

I'm all ears.

Yaha

Reply to YaHa@IDN

The problem is that it infects clean files.

Step 1:
Download eScan Antivirus Toolkit here. Save it to your Desktop.
Before launching the program, you have to update it as described in step 2.

Step 2:
Here is how to update the tool:

1.) Double-click the file mwav.exe on the Desktop; unzip the files into the suggested new folder (Kaspersky) located at the root of the C:\ drive (C:\Kaspersky.). The program will launch, and you must quit it (click "Exit" then "Exit").

2.) Double-click My Computer, then double-click the main drive (usually C:\), double-click the Kaspersky folder; then double-click the file kavupd.exe. You will now see a DOS window appear, and the update will complete in a few minutes.

3.) When the update is complete, you will see "Press any key to continue"; press a key to continue.

Do not launch the scan yet!

Step 3:
Restart in Safe Mode

Step 4:
From Safe Mode, here is how to use the program:

1.) To launch "eScan Antivirus Toolkit", find the file mwavscan.com located in the C:\Kaspersky folder

2.) Double-click mwavscan.com; the eScan interface will appear on screen.

3.) It is very important to check these boxes under Scan Option: Memory, Registry, Startup Folders, System Folders, Services.

4.) Check the Drive box, which gives access to a new Drive box (round button) just below it; check this "Drive" button (very important), and you will see a new browse box appear on the right. Click the small arrow of this box and choose the letter of your hard drive, usually C:\.

5.) Just below, make sure that Scan All Files is checked, and not Program Files.

6.) Click Scan Clean and let the tool check the whole hard drive (this can take a long time). When it is finished, you will see Scan Completed. Do not quit yet!

7.) Open a new Notepad file (click "Start" >> "Programs" >> "Accessories" >> "Notepad"), then copy/paste the entire contents of the Virus Log Information window (the second one, at the bottom) into the text file, and save it. eScan also generates a full report in the C:\Kaspersky folder (named mwav.log), but it is too large to post on the forum.

Close the program. Restart your PC in Normal mode. Post (copy/paste) the report you saved in your next reply.

Reply to Angeldark

Hmm, when I click on mwav.exe it tells me that it is not a valid Win32 application...

Reply to YaHa@IDN

We'll do it another way:

Step 1:

  • Create a folder that you will name Sysclean Package, in C:\Program Files for example.

  • Disable, for the duration of the procedure, all integrity checkers (if present) such as Spybot's TeaTimer, Process Guard, Hanti hook, Winpooch, etc.

  • Note: Avast antivirus users must not use Sysclean other than in Safe Mode, because Avast considers sysclean.com to be infected by the VBS:Redlof virus! To scan the PC in normal mode (if there is a problem accessing Safe Mode), Avast must be disabled for the duration of the scan to avoid any conflict. (This remark may also apply to other antivirus programs!)


Step 2:

  • Download Sysclean Package and save it in the folder you just created.


Step 3: Update.


  • A new window will open: download the file named lptXXX.zip (where X represents the file version; it is the first in the list), and unzip it into the folder you just created.


Step 4:

  • Restart the PC, necessarily in Safe Mode (at startup, immediately tap the F8 key repeatedly; a screen with a choice of startup options will then appear: choose "Safe Mode" with the arrow keys, then confirm with "Enter").

Choose your usual account (and not Administrator).
If there is a problem, follow the Symantec procedure "How to start the computer in Safe Mode"

Step 5:

How to use Trend Micro Sysclean Package:

  • Launch the "Sysclean" file with a double-click. A window named "Trend Micro Sysclean Package" will open.
  • Check the box "Automatically clean or delete detected files"
  • Click the Scan button
  • Be patient, the scan can take a while!
  • Once the scan is finished, click the View Log button. Save the generated report in text format.
  • Close the program. Restart your PC in Normal mode. Post (copy/paste) the report you saved in your next reply.

Reply to Angeldark

Here is the report:

/--------------------------------------------------------------\
| Trend Micro Sysclean Package |
| Copyright 2002, Trend Micro, Inc. |
| http://www.trendmicro.com |
\--------------------------------------------------------------/


2006-07-06, 18:39:27, Auto-clean mode specified.
2006-07-06, 18:39:27, Running scanner "G:\Program Files\sysclean package\TSC.BIN"...
2006-07-06, 18:44:46, Scanner "G:\Program Files\sysclean package\TSC.BIN" has finished running.
2006-07-06, 18:44:46, TSC Log:

Damage Cleanup Engine (DCE) 3.98(Build 1012)
Windows XP(Build 2600: )

Start time : jeu. juil. 06 2006 18:39:27

Load Damage Cleanup Template (DCT) "G:\Program Files\sysclean package\tsc.ptn" (version 756) [success]

Complete time : jeu. juil. 06 2006 18:44:46
Execute pattern count(2883), Virus found count(0), Virus clean count(0), Clean failed count(0)

2006-07-06, 18:49:28, An error was detected on "D:\System Volume Information\*.*": Accès refusé.
2006-07-06, 18:49:28, Running scanner "G:\Program Files\sysclean package\VSCANTM.BIN"...
2006-07-06, 18:49:31, Files Detected:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 7/6/2006 18:49:28
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 552 (118634 Patterns) (2006/07/05) (355204)
Command Line: G:\Program Files\sysclean package\VSCANTM.BIN /NBPM /S /CLEANALL /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 D:\*.* /P=G:\Program Files\sysclean package

389 files have been read.
389 files have been checked.
361 files have been scanned.
363 files have been scanned. (including files in archived)
0 files containing viruses.
Found 0 viruses totally.
Maybe 0 viruses totally.
Stop At : 7/6/2006 18:49:31
---------*---------*---------*---------*---------*---------*---------*---------*
2006-07-06, 18:49:31, Files Clean:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 7/6/2006 18:49:28
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 552 (118634 Patterns) (2006/07/05) (355204)
Command Line: G:\Program Files\sysclean package\VSCANTM.BIN /NBPM /S /CLEANALL /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 D:\*.* /P=G:\Program Files\sysclean package

389 files have been read.
389 files have been checked.
361 files have been scanned.
363 files have been scanned. (including files in archived)
0 files containing viruses.
Found 0 viruses totally.
Maybe 0 viruses totally.
Stop At : 7/6/2006 18:49:31 3 seconds (2.39 seconds) has elapsed.

---------*---------*---------*---------*---------*---------*---------*---------*
2006-07-06, 18:49:31, Clean Fail:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 7/6/2006 18:49:28
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 552 (118634 Patterns) (2006/07/05) (355204)
Command Line: G:\Program Files\sysclean package\VSCANTM.BIN /NBPM /S /CLEANALL /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 D:\*.* /P=G:\Program Files\sysclean package

389 files have been read.
389 files have been checked.
361 files have been scanned.
363 files have been scanned. (including files in archived)
0 files containing viruses.
Found 0 viruses totally.
Maybe 0 viruses totally.
Stop At : 7/6/2006 18:49:31 3 seconds (2.39 seconds) has elapsed.

---------*---------*---------*---------*---------*---------*---------*---------*
2006-07-06, 18:49:31, Scanner "G:\Program Files\sysclean package\VSCANTM.BIN" has finished running.
2006-07-06, 19:03:31, An error was detected on "E:\System Volume Information\*.*": Accès refusé.
2006-07-06, 19:04:15, Running scanner "G:\Program Files\sysclean package\VSCANTM.BIN"...
2006-07-06, 19:05:04, Files Detected:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 7/6/2006 19:04:15
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 552 (118634 Patterns) (2006/07/05) (355204)
Command Line: G:\Program Files\sysclean package\VSCANTM.BIN /NBPM /S /CLEANALL /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 E:\*.* /P=G:\Program Files\sysclean package

2527 files have been read.
2527 files have been checked.
1667 files have been scanned.
2717 files have been scanned. (including files in archived)
0 files containing viruses.
Found 0 viruses totally.
Maybe 0 viruses totally.
Stop At : 7/6/2006 19:05:04
---------*---------*---------*---------*---------*---------*---------*---------*
2006-07-06, 19:05:04, Files Clean:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 7/6/2006 19:04:15
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 552 (118634 Patterns) (2006/07/05) (355204)
Command Line: G:\Program Files\sysclean package\VSCANTM.BIN /NBPM /S /CLEANALL /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 E:\*.* /P=G:\Program Files\sysclean package

2527 files have been read.
2527 files have been checked.
1667 files have been scanned.
2717 files have been scanned. (including files in archived)
0 files containing viruses.
Found 0 viruses totally.
Maybe 0 viruses totally.
Stop At : 7/6/2006 19:05:04 48 seconds (48.17 seconds) has elapsed.

---------*---------*---------*---------*---------*---------*---------*---------*
2006-07-06, 19:05:04, Clean Fail:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 7/6/2006 19:04:15
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 552 (118634 Patterns) (2006/07/05) (355204)
Command Line: G:\Program Files\sysclean package\VSCANTM.BIN /NBPM /S /CLEANALL /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 E:\*.* /P=G:\Program Files\sysclean package

2527 files have been read.
2527 files have been checked.
1667 files have been scanned.
2717 files have been scanned. (including files in archived)
0 files containing viruses.
Found 0 viruses totally.
Maybe 0 viruses totally.
Stop At : 7/6/2006 19:05:04 48 seconds (48.17 seconds) has elapsed.

---------*---------*---------*---------*---------*---------*---------*---------*
2006-07-06, 19:05:04, Scanner "G:\Program Files\sysclean package\VSCANTM.BIN" has finished running.
2006-07-06, 19:21:27, An error was detected on "F:\System Volume Information\*.*": Accès refusé.
2006-07-06, 19:21:27, Running scanner "G:\Program Files\sysclean package\VSCANTM.BIN"...
2006-07-06, 19:22:44, Files Detected:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 7/6/2006 19:21:27
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 552 (118634 Patterns) (2006/07/05) (355204)
Command Line: G:\Program Files\sysclean package\VSCANTM.BIN /NBPM /S /CLEANALL /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 F:\*.* /P=G:\Program Files\sysclean package

3818 files have been read.
3818 files have been checked.
3126 files have been scanned.
4170 files have been scanned. (including files in archived)
0 files containing viruses.
Found 0 viruses totally.
Maybe 0 viruses totally.
Stop At : 7/6/2006 19:22:44
---------*---------*---------*---------*---------*---------*---------*---------*
2006-07-06, 19:22:44, Files Clean:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 7/6/2006 19:21:27
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 552 (118634 Patterns) (2006/07/05) (355204)
Command Line: G:\Program Files\sysclean package\VSCANTM.BIN /NBPM /S /CLEANALL /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 F:\*.* /P=G:\Program Files\sysclean package

3818 files have been read.
3818 files have been checked.
3126 files have been scanned.
4170 files have been scanned. (including files in archived)
0 files containing viruses.
Found 0 viruses totally.
Maybe 0 viruses totally.
Stop At : 7/6/2006 19:22:44 1 minute 17 seconds (76.77 seconds) has elapsed.

---------*---------*---------*---------*---------*---------*---------*---------*
2006-07-06, 19:22:44, Clean Fail:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 7/6/2006 19:21:27
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 552 (118634 Patterns) (2006/07/05) (355204)
Command Line: G:\Program Files\sysclean package\VSCANTM.BIN /NBPM /S /CLEANALL /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 F:\*.* /P=G:\Program Files\sysclean package

3818 files have been read.
3818 files have been checked.
3126 files have been scanned.
4170 files have been scanned. (including files in archived)
0 files containing viruses.
Found 0 viruses totally.
Maybe 0 viruses totally.
Stop At : 7/6/2006 19:22:44 1 minute 17 seconds (76.77 seconds) has elapsed.

---------*---------*---------*---------*---------*---------*---------*---------*
2006-07-06, 19:22:44, Scanner "G:\Program Files\sysclean package\VSCANTM.BIN" has finished running.
2006-07-06, 19:23:12, An error occurred while scanning file "G:\WINDOWS\system32\config\system.LOG": Accès refusé.
2006-07-06, 19:23:12, An error occurred while scanning file "G:\WINDOWS\system32\config\software.LOG": Accès refusé.
2006-07-06, 19:23:12, An error occurred while scanning file "G:\WINDOWS\system32\config\default.LOG": Accès refusé.
2006-07-06, 19:23:12, An error occurred while scanning file "G:\WINDOWS\system32\config\SECURITY": Accès refusé.
2006-07-06, 19:23:12, An error occurred while scanning file "G:\WINDOWS\system32\config\SAM": Accès refusé.
2006-07-06, 19:23:12, An error occurred while scanning file "G:\WINDOWS\system32\config\SAM.LOG": Accès refusé.
2006-07-06, 19:23:12, An error occurred while scanning file "G:\WINDOWS\system32\config\SECURITY.LOG": Accès refusé.
2006-07-06, 19:23:12, An error occurred while scanning file "G:\WINDOWS\system32\config\SYSTEM": Accès refusé.
2006-07-06, 19:23:12, An error occurred while scanning file "G:\WINDOWS\system32\config\SOFTWARE": Accès refusé.
2006-07-06, 19:23:12, An error occurred while scanning file "G:\WINDOWS\system32\config\DEFAULT": Accès refusé.
2006-07-06, 19:23:14, An error occurred while scanning file "G:\WINDOWS\system32\drivers\sptd6829.sys": Accès refusé.
2006-07-06, 19:23:14, An error occurred while scanning file "G:\WINDOWS\system32\drivers\sptd.sys": Accès refusé.
2006-07-06, 19:23:14, An error occurred while scanning file "G:\WINDOWS\system32\drivers\dtscsi.sys": Accès refusé.
2006-07-06, 19:24:40, An error occurred while scanning file "G:\Documents and Settings\Administrateur\NTUSER.DAT": Accès refusé.
2006-07-06, 19:24:40, An error occurred while scanning file "G:\Documents and Settings\Administrateur\ntuser.dat.LOG": Accès refusé.
2006-07-06, 19:25:19, An error occurred while scanning file "G:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat": Accès refusé.
2006-07-06, 19:25:19, An error occurred while scanning file "G:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG": Accès refusé.
2006-07-06, 19:27:04, Running scanner "G:\Program Files\sysclean package\VSCANTM.BIN"...
2006-07-06, 19:39:09, Files Detected:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 7/6/2006 19:27:04
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 552 (118634 Patterns) (2006/07/05) (355204)
Command Line: G:\Program Files\sysclean package\VSCANTM.BIN /NBPM /S /CLEANALL /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 G:\*.* /P=G:\Program Files\sysclean package

G:\NVIDIA\WinXP64\66.96\nvudisp.exe [PE_VIRUT.A]
32621 files have been read.
32621 files have been checked.
29244 files have been scanned.
44777 files have been scanned. (including files in archived)
1 files containing viruses.
Found 1 viruses totally.
Maybe 0 viruses totally.
Stop At : 7/6/2006 19:39:08
---------*---------*---------*---------*---------*---------*---------*---------*
2006-07-06, 19:39:09, Files Clean:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 7/6/2006 19:27:04
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 552 (118634 Patterns) (2006/07/05) (355204)
Command Line: G:\Program Files\sysclean package\VSCANTM.BIN /NBPM /S /CLEANALL /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 G:\*.* /P=G:\Program Files\sysclean package

32621 files have been read.
32621 files have been checked.
29244 files have been scanned.
44777 files have been scanned. (including files in archived)
1 files containing viruses.
Found 1 viruses totally.
Maybe 0 viruses totally.
Stop At : 7/6/2006 19:39:08 12 minutes 4 seconds (723.58 seconds) has elapsed.

---------*---------*---------*---------*---------*---------*---------*---------*
2006-07-06, 19:39:09, Clean Fail:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 7/6/2006 19:27:04
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 552 (118634 Patterns) (2006/07/05) (355204)
Command Line: G:\Program Files\sysclean package\VSCANTM.BIN /NBPM /S /CLEANALL /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 G:\*.* /P=G:\Program Files\sysclean package

32621 files have been read.
32621 files have been checked.
29244 files have been scanned.
44777 files have been scanned. (including files in archived)
1 files containing viruses.
Found 1 viruses totally.
Maybe 0 viruses totally.
Stop At : 7/6/2006 19:39:08 12 minutes 4 seconds (723.58 seconds) has elapsed.

---------*---------*---------*---------*---------*---------*---------*---------*
2006-07-06, 19:39:09, Scanner "G:\Program Files\sysclean package\VSCANTM.BIN" has finished running.
2006-07-06, 19:40:41, An error was detected on "J:\System Volume Information\*.*": Accès refusé.
2006-07-06, 19:40:41, Running scanner "G:\Program Files\sysclean package\VSCANTM.BIN"...
2006-07-06, 19:42:49, Files Detected:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 7/6/2006 19:40:41
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 552 (118634 Patterns) (2006/07/05) (355204)
Command Line: G:\Program Files\sysclean package\VSCANTM.BIN /NBPM /S /CLEANALL /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 J:\*.* /P=G:\Program Files\sysclean package

3161 files have been read.
3161 files have been checked.
3105 files have been scanned.
4681 files have been scanned. (including files in archived)
0 files containing viruses.
Found 0 viruses totally.
Maybe 0 viruses totally.
Stop At : 7/6/2006 19:42:49
---------*---------*---------*---------*---------*---------*---------*---------*
2006-07-06, 19:42:49, Files Clean:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 7/6/2006 19:40:41
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 552 (118634 Patterns) (2006/07/05) (355204)
Command Line: G:\Program Files\sysclean package\VSCANTM.BIN /NBPM /S /CLEANALL /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 J:\*.* /P=G:\Program Files\sysclean package

3161 files have been read.
3161 files have been checked.
3105 files have been scanned.
4681 files have been scanned. (including files in archived)
0 files containing viruses.
Found 0 viruses totally.
Maybe 0 viruses totally.
Stop At : 7/6/2006 19:42:49 2 minutes 8 seconds (127.72 seconds) has elapsed.

---------*---------*---------*---------*---------*---------*---------*---------*
2006-07-06, 19:42:49, Clean Fail:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 7/6/2006 19:40:41
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 552 (118634 Patterns) (2006/07/05) (355204)
Command Line: G:\Program Files\sysclean package\VSCANTM.BIN /NBPM /S /CLEANALL /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 J:\*.* /P=G:\Program Files\sysclean package

3161 files have been read.
3161 files have been checked.
3105 files have been scanned.
4681 files have been scanned. (including files in archived)
0 files containing viruses.
Found 0 viruses totally.
Maybe 0 viruses totally.
Stop At : 7/6/2006 19:42:49 2 minutes 8 seconds (127.72 seconds) has elapsed.

---------*---------*---------*---------*---------*---------*---------*---------*
2006-07-06, 19:42:49, Scanner "G:\Program Files\sysclean package\VSCANTM.BIN" has finished running.
2006-07-06, 20:04:14, An error was detected on "K:\System Volume Information\*.*": Accès refusé.
2006-07-06, 20:09:17, Running scanner "G:\Program Files\sysclean package\VSCANTM.BIN"...
2006-07-06, 20:17:13, Files Detected:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 7/6/2006 20:09:17
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 552 (118634 Patterns) (2006/07/05) (355204)
Command Line: G:\Program Files\sysclean package\VSCANTM.BIN /NBPM /S /CLEANALL /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 K:\*.* /P=G:\Program Files\sysclean package

K:\tsume\Ragnarok.exe [Possible_Virus]
K:\tsume\Ragnarok.RB0 [Possible_Virus]
56886 files have been read.
56886 files have been checked.
44773 files have been scanned.
143645 files have been scanned. (including files in archived)
2 files containing viruses.
Found 2 viruses totally.
Maybe 0 viruses totally.
Stop At : 7/6/2006 20:17:13
---------*---------*---------*---------*---------*---------*---------*---------*
2006-07-06, 20:17:13, Files Clean:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 7/6/2006 20:09:17
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 552 (118634 Patterns) (2006/07/05) (355204)
Command Line: G:\Program Files\sysclean package\VSCANTM.BIN /NBPM /S /CLEANALL /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 K:\*.* /P=G:\Program Files\sysclean package

56886 files have been read.
56886 files have been checked.
44773 files have been scanned.
143645 files have been scanned. (including files in archived)
2 files containing viruses.
Found 2 viruses totally.
Maybe 0 viruses totally.
Stop At : 7/6/2006 20:17:13 7 minutes 55 seconds (475.69 seconds) has elapsed.

---------*---------*---------*---------*---------*---------*---------*---------*
2006-07-06, 20:17:13, Clean Fail:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 7/6/2006 20:09:17
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 552 (118634 Patterns) (2006/07/05) (355204)
Command Line: G:\Program Files\sysclean package\VSCANTM.BIN /NBPM /S /CLEANALL /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 K:\*.* /P=G:\Program Files\sysclean package

56886 files have been read.
56886 files have been checked.
44773 files have been scanned.
143645 files have been scanned. (including files in archived)
2 files containing viruses.
Found 2 viruses totally.
Maybe 0 viruses totally.
Stop At : 7/6/2006 20:17:13 7 minutes 55 seconds (475.69 seconds) has elapsed.

---------*---------*---------*---------*---------*---------*---------*---------*
2006-07-06, 20:17:13, Scanner "G:\Program Files\sysclean package\VSCANTM.BIN" has finished running.

I'm also getting fake serwab alerts asking me to install something.
What software can I install to prevent that?
Thanks in advance.

Reply to YaHa@IDN

Download SmitfraudFix.
Unzip it to the Desktop.
Open the SmitfraudFix folder and run SmitfraudFix(.cmd).
Choose Option 1 (Search).
Post the first report here.

Reply to Angeldark

SmitFraudFix v2.68b

Rapport fait à 21:12:35,87, 06/07/2006
Executé à partir de G:\Documents and Settings\Administrateur\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» G:\


»»»»»»»»»»»»»»»»»»»»»»»» G:\WINDOWS


»»»»»»»»»»»»»»»»»»»»»»»» G:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» G:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» G:\WINDOWS\system32

G:\WINDOWS\system32\ot.ico PRESENT !
G:\WINDOWS\system32\stdole3.tlb PRESENT !
G:\WINDOWS\system32\ts.ico PRESENT !

»»»»»»»»»»»»»»»»»»»»»»»» G:\Documents and Settings\Administrateur\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer


»»»»»»»»»»»»»»»»»»»»»»»» G:\DOCUME~1\ADMINI~1\FAVORIS

G:\DOCUME~1\ADMINI~1\FAVORIS\Antivirus Test Online.url PRESENT !

»»»»»»»»»»»»»»»»»»»»»»»» Bureau


»»»»»»»»»»»»»»»»»»»»»»»» G:\Program Files


»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues


»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"


»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{7916f057-223f-4612-ac84-e882cbe043d4}"="bals"

[HKEY_CLASSES_ROOT\CLSID\{7916f057-223f-4612-ac84-e882cbe043d4}\InProcServer32]
@="G:\WINDOWS\System32\hvcycg.dll"

[HKEY_CURRENT_USER\Software\Classes\CLSID\{7916f057-223f-4612-ac84-e882cbe043d4}\InProcServer32]
@="G:\WINDOWS\System32\hvcycg.dll"


»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin

Reply to YaHa@IDN

Restart in safe mode.

Run SmitfraudFix again, this time choose Option 2, and answer yes to the question or questions.
Save, then post the report.

Reply to Angeldark

There you go, here's the report:
SmitFraudFix v2.68b

Rapport fait à 21:54:10,59, 06/07/2006
Executé à partir de G:\Documents and Settings\Administrateur\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Fix executé en mode sans echec

»»»»»»»»»»»»»»»»»»»»»»»» Avant SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{7916f057-223f-4612-ac84-e882cbe043d4}"="bals"

[HKEY_CLASSES_ROOT\CLSID\{7916f057-223f-4612-ac84-e882cbe043d4}\InProcServer32]
@="G:\WINDOWS\System32\hvcycg.dll"

[HKEY_CURRENT_USER\Software\Classes\CLSID\{7916f057-223f-4612-ac84-e882cbe043d4}\InProcServer32]
@="G:\WINDOWS\System32\hvcycg.dll"


»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus


»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri

G:\WINDOWS\System32\hvcycg.dll -> Missing File


»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés

G:\WINDOWS\system32\ot.ico supprimé
G:\WINDOWS\system32\stdole3.tlb supprimé
G:\WINDOWS\system32\ts.ico supprimé
G:\DOCUME~1\ADMINI~1\FAVORIS\Antivirus Test Online.url supprimé

»»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires


»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre

Nettoyage terminé.

»»»»»»»»»»»»»»»»»»»»»»»» Après SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin

Reply to YaHa@IDN

At first glance it looks good.
Thanks a lot.


Reply to YaHa@IDN