
Seb95

Members
  • Content count: 3
Everything posted by Seb95

  1. Oops, sorry... it's my first time. That's done now (by the book, I hope!). All that's left is to wait for the "miracle" solution. Sébastien.
  2. Hello! Well, there it is: like many others, I made one "click" too many and now I'm infected too, after receiving a message over MSN inviting me to click on a link. The first symptom was the "virus" being sent to all of my MSN contacts. Then nothing more, and then I left on holiday. When I got back, I noticed the internet had slowed down and found that I could not update my SOPHOS antivirus (nor even uninstall it properly so as to do a clean reinstall), could not install another antivirus, and could not even type the word on the internet without getting kicked out. Security tools alert me, without however managing to neutralize the infection for good. And even though I can still use my PC, I am currently unprotected against any virus and don't know what to do to get rid of this problem. So below are the reports produced by running various programs. If someone could help me and tell me exactly what to do!!!

     MSNFix

     MSNFix 1.512
     C:\Documents and Settings\Sébastien\Bureau\MSNFix
     Fix exécuté le 23/09/2007 - 19:43:59,54 By Sébastien
     mode normal
     ************************ Recherche les fichiers présents
     Aucun Fichier trouvé
     ************************ Recherche les dossiers présents
     Aucun dossier trouvé
     ************************ Fichiers suspects
     /!\ ces fichiers nécessitent un avis expérimenté avant toute intervention
     [C:\winlsd.exe] 051D2F4CCA2F813811423BCB32D8C17D
     ==> SVP merci d'envoyer le fichier C:\DOCUME~1\SBASTI~1\Bureau\Upload_Me.zip sur http://upload.changelog.fr
     ------------------------------------------------------------------------
     Auteur : !aur3n7
     Contact: http://changelog.fr
     ------------------------------------------------------------------------
     --------------------------------------------- END ---------------------------------------------

     VirtumondoBegone : VBG

     [09/23/2007, 19:16:08] - VirtumundoBeGone v1.5 ( "C:\Documents and Settings\Sébastien\Bureau\VirtumundoBeGone.exe" )
     [09/23/2007, 19:16:13] - Detected System Information:
     [09/23/2007, 19:16:13] - Windows Version: 5.1.2600, Service Pack 2
     [09/23/2007, 19:16:13] - Current Username: Sébastien (Admin)
     [09/23/2007, 19:16:13] - Windows is in NORMAL mode.
     [09/23/2007, 19:16:13] - Searching for Browser Helper Objects:
     [09/23/2007, 19:16:13] - BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Adobe PDF Reader Link Helper)
     [09/23/2007, 19:16:13] - BHO 2: {2778A0B6-31D5-476C-9077-EE171E249190} ()
     [09/23/2007, 19:16:13] - WARNING: BHO has no default name. Checking for Winlogon reference.
     [09/23/2007, 19:16:13] - Checking for HKLM\...\Winlogon\Notify\awvvt
     [09/23/2007, 19:16:13] - Key not found: HKLM\...\Winlogon\Notify\awvvt, continuing.
     [09/23/2007, 19:16:13] - BHO 3: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
     [09/23/2007, 19:16:13] - BHO 4: {7E853D72-626A-48EC-A868-BA8D5E23E045} ()
     [09/23/2007, 19:16:13] - WARNING: BHO has no default name. Checking for Winlogon reference.
     [09/23/2007, 19:16:13] - No filename found. Continuing.
     [09/23/2007, 19:16:13] - BHO 5: {9370EFDE-C0DA-42C9-B609-41C87B462011} ()
     [09/23/2007, 19:16:13] - WARNING: BHO has no default name. Checking for Winlogon reference.
     [09/23/2007, 19:16:13] - Checking for HKLM\...\Winlogon\Notify\iifdccy
     [09/23/2007, 19:16:13] - Found: HKLM\...\Winlogon\Notify\iifdccy - This is probably Virtumundo.
     [09/23/2007, 19:16:13] - Assigning {9370EFDE-C0DA-42C9-B609-41C87B462011} MSEvents Object
     [09/23/2007, 19:16:13] - BHO list has been changed! Starting over...
     [09/23/2007, 19:16:13] - BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Adobe PDF Reader Link Helper)
     [09/23/2007, 19:16:13] - BHO 2: {2778A0B6-31D5-476C-9077-EE171E249190} ()
     [09/23/2007, 19:16:13] - WARNING: BHO has no default name. Checking for Winlogon reference.
     [09/23/2007, 19:16:13] - Checking for HKLM\...\Winlogon\Notify\awvvt
     [09/23/2007, 19:16:13] - Key not found: HKLM\...\Winlogon\Notify\awvvt, continuing.
     [09/23/2007, 19:16:13] - BHO 3: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
     [09/23/2007, 19:16:13] - BHO 4: {7E853D72-626A-48EC-A868-BA8D5E23E045} ()
     [09/23/2007, 19:16:13] - WARNING: BHO has no default name. Checking for Winlogon reference.
     [09/23/2007, 19:16:13] - No filename found. Continuing.
     [09/23/2007, 19:16:13] - BHO 5: {9370EFDE-C0DA-42C9-B609-41C87B462011} (MSEvents Object)
     [09/23/2007, 19:16:13] - ALERT: Found MSEvents Object!
     [09/23/2007, 19:16:13] - BHO 6: {AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
     [09/23/2007, 19:16:13] - BHO 7: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (Google Toolbar Notifier BHO)
     [09/23/2007, 19:16:13] - BHO 8: {CA6319C0-31B7-401E-A518-A07C3DB8F777} (CBrowserHelperObject Object)
     [09/23/2007, 19:16:13] - BHO 9: {CF46BFB3-2ACC-441b-B82B-36B9562C7FF1} ()
     [09/23/2007, 19:16:13] - WARNING: BHO has no default name. Checking for Winlogon reference.
     [09/23/2007, 19:16:13] - Checking for HKLM\...\Winlogon\Notify\snvyqoxh
     [09/23/2007, 19:16:13] - Key not found: HKLM\...\Winlogon\Notify\snvyqoxh, continuing.
     [09/23/2007, 19:16:13] - BHO 10: {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} (EpsonToolBandKicker Class)
     [09/23/2007, 19:16:13] - BHO 11: {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} ()
     [09/23/2007, 19:16:13] - WARNING: BHO has no default name. Checking for Winlogon reference.
     [09/23/2007, 19:16:13] - Checking for HKLM\...\Winlogon\Notify\mnyviewer
     [09/23/2007, 19:16:13] - Key not found: HKLM\...\Winlogon\Notify\mnyviewer, continuing.
     [09/23/2007, 19:16:13] - Finished Searching Browser Helper Objects
     [09/23/2007, 19:16:13] - *** Detected MSEvents Object
     [09/23/2007, 19:16:13] - Trying to remove MSEvents Object...
     [09/23/2007, 19:16:14] - Terminating Process: IEXPLORE.EXE
     [09/23/2007, 19:16:15] - Terminating Process: RUNDLL32.EXE
     [09/23/2007, 19:16:15] - Disabling Automatic Shell Restart
     [09/23/2007, 19:16:15] - Terminating Process: EXPLORER.EXE
     [09/23/2007, 19:16:15] - Suspending the NT Session Manager System Service
     [09/23/2007, 19:16:15] - Terminating Windows NT Logon/Logoff Manager
     [09/23/2007, 19:16:15] - Re-enabling Automatic Shell Restart
     [09/23/2007, 19:16:15] - File to disable: C:\WINDOWS\system32\iifdccy.dll
     [09/23/2007, 19:16:15] - Renaming C:\WINDOWS\system32\iifdccy.dll -> C:\WINDOWS\system32\iifdccy.dll.vir
     [09/23/2007, 19:16:15] - File successfully renamed!
     [09/23/2007, 19:16:15] - Removing HKLM\...\Browser Helper Objects\{9370EFDE-C0DA-42C9-B609-41C87B462011}
     [09/23/2007, 19:16:15] - Removing HKCR\CLSID\{9370EFDE-C0DA-42C9-B609-41C87B462011}
     [09/23/2007, 19:16:15] - Adding Kill Bit for ActiveX for GUID: {9370EFDE-C0DA-42C9-B609-41C87B462011}
     [09/23/2007, 19:16:15] - Deleting ATLEvents/MSEvents Registry entries
     [09/23/2007, 19:16:15] - Removing HKLM\...\Winlogon\Notify\iifdccy
     [09/23/2007, 19:16:15] - Searching for Browser Helper Objects:
     [09/23/2007, 19:16:15] - BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Adobe PDF Reader Link Helper)
     [09/23/2007, 19:16:15] - BHO 2: {2778A0B6-31D5-476C-9077-EE171E249190} ()
     [09/23/2007, 19:16:16] - WARNING: BHO has no default name. Checking for Winlogon reference.
     [09/23/2007, 19:16:16] - Checking for HKLM\...\Winlogon\Notify\awvvt
     [09/23/2007, 19:16:16] - Key not found: HKLM\...\Winlogon\Notify\awvvt, continuing.
     [09/23/2007, 19:16:16] - BHO 3: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
     [09/23/2007, 19:16:16] - BHO 4: {7E853D72-626A-48EC-A868-BA8D5E23E045} ()
     [09/23/2007, 19:16:16] - WARNING: BHO has no default name. Checking for Winlogon reference.
     [09/23/2007, 19:16:16] - No filename found. Continuing.
     [09/23/2007, 19:16:16] - BHO 5: {AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
     [09/23/2007, 19:16:16] - BHO 6: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (Google Toolbar Notifier BHO)
     [09/23/2007, 19:16:16] - BHO 7: {CA6319C0-31B7-401E-A518-A07C3DB8F777} (CBrowserHelperObject Object)
     [09/23/2007, 19:16:16] - BHO 8: {CF46BFB3-2ACC-441b-B82B-36B9562C7FF1} ()
     [09/23/2007, 19:16:16] - WARNING: BHO has no default name. Checking for Winlogon reference.
     [09/23/2007, 19:16:16] - Checking for HKLM\...\Winlogon\Notify\snvyqoxh
     [09/23/2007, 19:16:16] - Key not found: HKLM\...\Winlogon\Notify\snvyqoxh, continuing.
     [09/23/2007, 19:16:16] - BHO 9: {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} (EpsonToolBandKicker Class)
     [09/23/2007, 19:16:16] - BHO 10: {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} ()
     [09/23/2007, 19:16:16] - WARNING: BHO has no default name. Checking for Winlogon reference.
     [09/23/2007, 19:16:16] - Checking for HKLM\...\Winlogon\Notify\mnyviewer
     [09/23/2007, 19:16:16] - Key not found: HKLM\...\Winlogon\Notify\mnyviewer, continuing.
     [09/23/2007, 19:16:16] - Finished Searching Browser Helper Objects
     [09/23/2007, 19:16:16] - Finishing up...
     [09/23/2007, 19:16:16] - A restart is needed.
     [09/23/2007, 19:16:16] - Automatic Reboot on STOP Error is not set. User will have to manually restart.
     [09/23/2007, 19:16:28] - Attempting to Restart via STOP error (Blue Screen!)

     Looking forward to a reply. See you soon, Sebastien
  3. Hello! Well, there it is: like many others, I made one "click" too many and now I'm infected too. The first symptoms (which only showed up a few weeks later) were a slowdown of the internet, being unable to update my SOPHOS antivirus (nor even uninstall it properly so as to do a clean reinstall), being unable to install another antivirus, and not even being able to type the word on the internet without getting kicked out. Security tools alert me, without however managing to neutralize the infection for good. And even though I can still use my PC, I am currently unprotected against any virus and don't know what to do to get rid of this problem. So below are the reports produced by running various programs. If someone could help me and tell me exactly what to do!!!

     Looking forward to a reply. See you soon, Sebastien