Win32Rootkit-gen

Résolu/Fermé

Higgins - 17 févr. 2009 à 21:21
Higgins971 - 7 mars 2009 à 13:29

Bonjour,
mon antivirus avast me signal un virus du nom de win32Rootkit-gen et quand je clic sur mettre en quarantaine il ne trouve pas l'emplacement, comment faire pour le retirer merci d'avance j'ai un rapport hijackthis qui est

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:51:17, on 17/02/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
c:\Program Files\Canal\Canal Widget\VOD\CanalPlus.VOD.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\CyberLink\PowerCinema\PCMService.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE
C:\HP\KBD\KBD.EXE
C:\Program Files\CyberLink\PCM4Everio\EverioService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Kiwee Toolbar2\1.5.131\kwtbaim.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\BboxUpdate\BTLiveUpdate.exe
C:\windows\higeorge08.exe
C:\windows\tag06.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\MICROS~4\wcescomm.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Orange HSS\Orange Desktop Search\OrangeDesktopSearch.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\PROGRA~1\MICROS~4\rapimgr.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\documents and settings\hp_propriétaire\local settings\application data\acwsu.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 Mon Edition Spéciale\CalCheck.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe
C:\Program Files\4.0M MPEG4 DV\Console\Watch.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Boonty\BoontyBox\BoontyBox.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Documents and Settings\HP_Propriétaire\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
C:\Documents and Settings\HP_Propriétaire\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
c:\windows\system\hpsysdrv.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Documents and Settings\All Users\Documents\test.exe.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?cc=fr&toHttps=1&redig=55729C844D6A45819CAD368B3E178C9F
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://neufportail.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files\Kiwee Toolbar2\1.5.131\KiweeIEToolbar.dll
R3 - URLSearchHook: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
R3 - URLSearchHook: Online TV Toolbar - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - C:\Program Files\Online_TV\tbOnl1.dll
R3 - URLSearchHook: P2P Torrent Toolbar - {bc4be15d-6a34-4356-9e97-79e43da32b1d} - C:\Program Files\P2P_Torrent\tbP2P0.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Online TV Toolbar - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - C:\Program Files\Online_TV\tbOnl1.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files\Kiwee Toolbar2\1.5.131\KiweeIEToolbar.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: 485594 helper - {B935A11E-49AA-43C7-BF1C-3BDEB7120142} - C:\WINDOWS\system32\485594\485594.dll
O2 - BHO: P2P Torrent Toolbar - {bc4be15d-6a34-4356-9e97-79e43da32b1d} - C:\Program Files\P2P_Torrent\tbP2P0.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
O3 - Toolbar: Online TV Toolbar - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - C:\Program Files\Online_TV\tbOnl1.dll
O3 - Toolbar: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files\Kiwee Toolbar2\1.5.131\KiweeIEToolbar.dll
O3 - Toolbar: P2P Torrent Toolbar - {bc4be15d-6a34-4356-9e97-79e43da32b1d} - C:\Program Files\P2P_Torrent\tbP2P0.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\CyberLink\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P26 "EPSON Stylus DX3800 Series" /O6 "USB001" /M "Stylus DX3800"
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [EverioService] "C:\Program Files\CyberLink\PCM4Everio\EverioService.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [SpamBlocker] C:\Program Files\SpamBlockerUtility\Bin\4.8.4.0\SbOEAddOn.exe
O4 - HKLM\..\Run: [KiweeHook] "C:\Program Files\Kiwee Toolbar2\1.5.131\kwtbaim.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Canal Widget] "c:\Program Files\Canal\Canal Widget\Launcher.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [BboxUpdate] C:\Program Files\BboxUpdate\BTLiveUpdate.exe
O4 - HKLM\..\Run: [Captcha5] rundll "C:\Program Files\captcha5.dll",captcha
O4 - HKLM\..\Run: [sysftray2] C:\windows\higeorge08.exe
O4 - HKLM\..\Run: [systgray2] C:\windows\tag06.exe
O4 - HKLM\..\Run: [sysnltray2] C:\windows\nl07.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\PROGRA~1\MICROS~4\wcescomm.exe"
O4 - HKCU\..\Run: [Orange Desktop Search] "C:\Program Files\Orange HSS\Orange Desktop Search\OrangeDesktopSearch.exe" /tray
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [acwsu] "c:\documents and settings\hp_propriétaire\local settings\application data\acwsu.exe" acwsu
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [^SetupICWDesktop] (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] (User 'Default user')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - Startup: BoontyBox Boonty.com.lnk = C:\Program Files\Boonty\BoontyBox\BoontyBox.exe
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
O4 - Startup: Outil de notification Live Search.lnk = ?
O4 - Global Startup: Controleur de calendrier pour Mon Edition personnalisee de Ulead Photo Express 4.0.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: LUMIX Simple Viewer.lnk = ?
O4 - Global Startup: Watch.lnk = C:\Program Files\4.0M MPEG4 DV\Console\Watch.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O12 - Plugin for .UVR: C:\Program Files\Internet Explorer\Plugins\NPUPano.dll
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: CanalPlus.VOD - Canal+ Active - c:\Program Files\Canal\Canal Widget\VOD\CanalPlus.VOD.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

A voir également:

Win32Rootkit-gen
Xiaomi tv box s 2nd gen test - Accueil - TV & Vidéo
E-gen - Forum Windows XP
Win64 pup gen ✓ - Forum Virus
Win64:miscx-gen - Forum Virus
Oxy-gen - Télécharger - Généalogie

266 réponses

Réponse 81 / 266

higgins971
20 févr. 2009 à 13:03

le rapport OT move it

========== PROCESSES ==========
Process explorer.exe killed successfully.
========== SERVICES/DRIVERS ==========
Unable to stop service Boonty box .
Unable to stop service Boonty games .
========== FILES ==========
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe moved successfully.
File/Folder C:\WINDOWS\system32\485594\485594.dll not found.
DllUnregisterServer procedure not found in C:\Program Files\captcha5.dll
C:\Program Files\captcha5.dll NOT unregistered.
C:\Program Files\captcha5.dll moved successfully.
C:\windows\tag06.exe moved successfully.
C:\windows\nl07.exe moved successfully.
File/Folder C:\Program Files\Boonty\BoontyBox\BoontyBox.exe not found.
C:\ancien moved successfully.
C:\WINDOWS\system32\485594 moved successfully.
File/Folder C:\WINDOWS\tag06.exe not found.
File/Folder C:\Program Files\captcha5.dll not found.
C:\WINDOWS\freddy35.exe moved successfully.
C:\Python22\tcl\tk8.3\images moved successfully.
C:\Python22\tcl\tk8.3\demos\images moved successfully.
C:\Python22\tcl\tk8.3\demos moved successfully.
C:\Python22\tcl\tk8.3 moved successfully.
C:\Python22\tcl\tcl8.3\tcltest1.0 moved successfully.
C:\Python22\tcl\tcl8.3\reg1.0 moved successfully.
C:\Python22\tcl\tcl8.3\opt0.4 moved successfully.
C:\Python22\tcl\tcl8.3\msgcat1.0 moved successfully.
C:\Python22\tcl\tcl8.3\http2.3 moved successfully.
C:\Python22\tcl\tcl8.3\http1.0 moved successfully.
C:\Python22\tcl\tcl8.3\encoding moved successfully.
C:\Python22\tcl\tcl8.3\dde1.1 moved successfully.
C:\Python22\tcl\tcl8.3 moved successfully.
C:\Python22\tcl moved successfully.
C:\Python22\Scripts moved successfully.
C:\Python22\libs moved successfully.
C:\Python22\Lib\xml\sax moved successfully.
C:\Python22\Lib\xml\parsers moved successfully.
C:\Python22\Lib\xml\dom moved successfully.
C:\Python22\Lib\xml moved successfully.
C:\Python22\Lib\site-packages\win32comext\taskscheduler\test moved successfully.
C:\Python22\Lib\site-packages\win32comext\taskscheduler moved successfully.
C:\Python22\Lib\site-packages\win32comext\shell\test moved successfully.
C:\Python22\Lib\site-packages\win32comext\shell\demos\servers moved successfully.
C:\Python22\Lib\site-packages\win32comext\shell\demos moved successfully.
C:\Python22\Lib\site-packages\win32comext\shell moved successfully.
C:\Python22\Lib\site-packages\win32comext\mapi\demos moved successfully.
C:\Python22\Lib\site-packages\win32comext\mapi moved successfully.
C:\Python22\Lib\site-packages\win32comext\internet moved successfully.
C:\Python22\Lib\site-packages\win32comext\ifilter\demo moved successfully.
C:\Python22\Lib\site-packages\win32comext\ifilter moved successfully.
C:\Python22\Lib\site-packages\win32comext\axscript\test moved successfully.
C:\Python22\Lib\site-packages\win32comext\axscript\server moved successfully.
C:\Python22\Lib\site-packages\win32comext\axscript\Demos\client\wsh moved successfully.
C:\Python22\Lib\site-packages\win32comext\axscript\Demos\client\ie moved successfully.
C:\Python22\Lib\site-packages\win32comext\axscript\Demos\client\asp\interrupt moved successfully.
C:\Python22\Lib\site-packages\win32comext\axscript\Demos\client\asp moved successfully.
C:\Python22\Lib\site-packages\win32comext\axscript\Demos\client moved successfully.
C:\Python22\Lib\site-packages\win32comext\axscript\Demos moved successfully.
C:\Python22\Lib\site-packages\win32comext\axscript\client moved successfully.
C:\Python22\Lib\site-packages\win32comext\axscript moved successfully.
C:\Python22\Lib\site-packages\win32comext\axdebug moved successfully.
C:\Python22\Lib\site-packages\win32comext\axcontrol moved successfully.
C:\Python22\Lib\site-packages\win32comext\adsi\demos moved successfully.
C:\Python22\Lib\site-packages\win32comext\adsi moved successfully.
C:\Python22\Lib\site-packages\win32comext moved successfully.
C:\Python22\Lib\site-packages\win32com\test moved successfully.
C:\Python22\Lib\site-packages\win32com\servers moved successfully.
C:\Python22\Lib\site-packages\win32com\server moved successfully.
C:\Python22\Lib\site-packages\win32com\makegw moved successfully.
C:\Python22\Lib\site-packages\win32com\libs moved successfully.
C:\Python22\Lib\site-packages\win32com\include moved successfully.
C:\Python22\Lib\site-packages\win32com\HTML\image moved successfully.
C:\Python22\Lib\site-packages\win32com\HTML moved successfully.
C:\Python22\Lib\site-packages\win32com\gen_py moved successfully.
C:\Python22\Lib\site-packages\win32com\demos moved successfully.
C:\Python22\Lib\site-packages\win32com\client moved successfully.
C:\Python22\Lib\site-packages\win32com moved successfully.
C:\Python22\Lib\site-packages\win32\test\win32rcparser moved successfully.
C:\Python22\Lib\site-packages\win32\test moved successfully.
C:\Python22\Lib\site-packages\win32\scripts\VersionStamp moved successfully.
C:\Python22\Lib\site-packages\win32\scripts\ce moved successfully.
C:\Python22\Lib\site-packages\win32\scripts moved successfully.
C:\Python22\Lib\site-packages\win32\libs moved successfully.
C:\Python22\Lib\site-packages\win32\lib moved successfully.
C:\Python22\Lib\site-packages\win32\include moved successfully.
C:\Python22\Lib\site-packages\win32\Demos\win32wnet moved successfully.
C:\Python22\Lib\site-packages\win32\Demos\service\install moved successfully.
C:\Python22\Lib\site-packages\win32\Demos\service moved successfully.
C:\Python22\Lib\site-packages\win32\Demos\security moved successfully.
C:\Python22\Lib\site-packages\win32\Demos\pipes moved successfully.
C:\Python22\Lib\site-packages\win32\Demos\images moved successfully.
C:\Python22\Lib\site-packages\win32\Demos\dde moved successfully.
C:\Python22\Lib\site-packages\win32\Demos\c_extension moved successfully.
C:\Python22\Lib\site-packages\win32\Demos moved successfully.
C:\Python22\Lib\site-packages\win32 moved successfully.
C:\Python22\Lib\site-packages\pywin32_system32 moved successfully.
C:\Python22\Lib\site-packages\pythonwin\pywin\tools moved successfully.
C:\Python22\Lib\site-packages\pythonwin\pywin\scintilla moved successfully.
C:\Python22\Lib\site-packages\pythonwin\pywin\mfc moved successfully.
C:\Python22\Lib\site-packages\pythonwin\pywin\idle moved successfully.
C:\Python22\Lib\site-packages\pythonwin\pywin\framework\editor\color moved successfully.
C:\Python22\Lib\site-packages\pythonwin\pywin\framework\editor moved successfully.
C:\Python22\Lib\site-packages\pythonwin\pywin\framework moved successfully.
C:\Python22\Lib\site-packages\pythonwin\pywin\docking moved successfully.
C:\Python22\Lib\site-packages\pythonwin\pywin\dialogs moved successfully.
C:\Python22\Lib\site-packages\pythonwin\pywin\Demos\ocx moved successfully.
C:\Python22\Lib\site-packages\pythonwin\pywin\Demos\app moved successfully.
C:\Python22\Lib\site-packages\pythonwin\pywin\Demos moved successfully.
C:\Python22\Lib\site-packages\pythonwin\pywin\debugger moved successfully.
C:\Python22\Lib\site-packages\pythonwin\pywin moved successfully.
C:\Python22\Lib\site-packages\pythonwin moved successfully.
C:\Python22\Lib\site-packages\isapi\test moved successfully.
C:\Python22\Lib\site-packages\isapi\samples moved successfully.
C:\Python22\Lib\site-packages\isapi\doc moved successfully.
C:\Python22\Lib\site-packages\isapi moved successfully.
C:\Python22\Lib\site-packages moved successfully.
C:\Python22\Lib\lib-tk moved successfully.
C:\Python22\Lib\lib-old moved successfully.
C:\Python22\Lib\hotshot moved successfully.
C:\Python22\Lib\encodings moved successfully.
C:\Python22\Lib\email\test\data moved successfully.
C:\Python22\Lib\email\test moved successfully.
C:\Python22\Lib\email moved successfully.
C:\Python22\Lib\distutils\command moved successfully.
C:\Python22\Lib\distutils moved successfully.
C:\Python22\Lib\compiler moved successfully.
C:\Python22\Lib moved successfully.
C:\Python22\DLLs moved successfully.
C:\Python22 moved successfully.
C:\WINDOWS\system32\FxsTmp moved successfully.
C:\WINDOWS\Pex.INI moved successfully.
C:\WINDOWS\Burger Shop Setup Log.txt moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b}\\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B935A11E-49AA-43C7-BF1C-3BDEB7120142}\\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\PCDrProfiler deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Reminder deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HP Software Update deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\LVCOMSX deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\TkBellExe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\iTunesHelper deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Captcha5 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\systgray2 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\sysnltray2 deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\LDM deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\LogitechSoftwareUpdate deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\MessengerPlus3 deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\msnmsgr deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\swg deleted successfully.
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bd0ffe71-0ad7-11db-9a32-806d6172696f}\\ deleted successfully.
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fdfe79b2-0152-11dc-9bf6-000e5050f45d}\\ deleted successfully.
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\hpodvd09.log scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\Perflib_Perfdata_f00.dat scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\WCESLog.log scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\_hphtra07.log scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat scheduled to be deleted on reboot.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\CLML_AGENT_LOG1.txt scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_5c8.dat scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_98.dat scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\sqlite_n9BLtAhfd618CvS scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
FireFox cache emptied.
Temp folders emptied.
Explorer started successfully

OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 02202009_124927

Files moved on Reboot...
C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\hpodvd09.log moved successfully.
File C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\Perflib_Perfdata_f00.dat not found!
C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\WCESLog.log moved successfully.
C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\_hphtra07.log moved successfully.
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\index.dat scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be moved on reboot.
File move failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.
File move failed. C:\WINDOWS\temp\CLML_AGENT_LOG1.txt scheduled to be moved on reboot.
C:\WINDOWS\temp\Perflib_Perfdata_5c8.dat moved successfully.
File C:\WINDOWS\temp\Perflib_Perfdata_98.dat not found!
File C:\WINDOWS\temp\sqlite_n9BLtAhfd618CvS not found!

Réponse 82 / 266

higgins971
20 févr. 2009 à 13:34

d'accord je fais tout ça puis je t'envoie les rapports la je suis au scan du poste de travail avec online scanner

Réponse 83 / 266

higgins971
20 févr. 2009 à 17:25

g un petit souci il ne veut pas enregistrer la sauvegarde sur l'ordi à la fin du scan comment faire?

Réponse 84 / 266

loloetseb Messages postés 5508 Date d'inscription dimanche 14 décembre 2008 Statut Membre Dernière intervention 22 avril 2012 174
20 févr. 2009 à 17:29

tu parles de quoi? quel scan?

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question

Réponse 85 / 266

higgins971
20 févr. 2009 à 18:06

je n'arrive à envoyer le rapport su scan online scanner kaspersty sa beug pour l'envoi

Réponse 86 / 266

loloetseb Messages postés 5508 Date d'inscription dimanche 14 décembre 2008 Statut Membre Dernière intervention 22 avril 2012 174
20 févr. 2009 à 18:10

Tu devais nous envoyer d'abord le rapport OTmoveit et faire la procedure antivir.Si tu ne fais pas les choses dans l'ordre ca ne va pas aller.Si tu n'arrives pas a te connecter a kaspersky c'est surement du a l'infection.

Reprends la procedure que je t'ai donné dans le detail precedemment et envoies nous les rapports

Réponse 87 / 266

loloetseb Messages postés 5508 Date d'inscription dimanche 14 décembre 2008 Statut Membre Dernière intervention 22 avril 2012 174
20 févr. 2009 à 18:12

Donc en resumé

1/Le script de genhackman avec Otmoveit (ok fait)

2/Supprimes les restes de norton avec le logiciel fourni (??????)

3/Supprimes avast et remplaces le par antivir (????????)

4/Scan complet antivir apres parametrage et mise a jour.Postes le rapport (????????)

5/Supprimes ce que tu as en quarantaine dans ton antivirus et tes antispywares (???????????)

6/Scan complet en ligne sur kaspersky.Postes le rapport

On te donnera la suite de la procedure au vue des rapports remis

Réponse 88 / 266

higgins971
20 févr. 2009 à 18:15

g tout fait dans l'odre, j'ai envoyé déjà le rapport OT move it qui est

Le rapport OT move it

========== PROCESSES ==========
Process explorer.exe killed successfully.
========== SERVICES/DRIVERS ==========
Unable to stop service Boonty box .
Unable to stop service Boonty games .
========== FILES ==========
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe moved successfully.
File/Folder C:\WINDOWS\system32\485594\485594.dll not found.
DllUnregisterServer procedure not found in C:\Program Files\captcha5.dll
C:\Program Files\captcha5.dll NOT unregistered.
C:\Program Files\captcha5.dll moved successfully.
C:\windows\tag06.exe moved successfully.
C:\windows\nl07.exe moved successfully.
File/Folder C:\Program Files\Boonty\BoontyBox\BoontyBox.exe not found.
C:\ancien moved successfully.
C:\WINDOWS\system32\485594 moved successfully.
File/Folder C:\WINDOWS\tag06.exe not found.
File/Folder C:\Program Files\captcha5.dll not found.
C:\WINDOWS\freddy35.exe moved successfully.
C:\Python22\tcl\tk8.3\images moved successfully.
C:\Python22\tcl\tk8.3\demos\images moved successfully.
C:\Python22\tcl\tk8.3\demos moved successfully.
C:\Python22\tcl\tk8.3 moved successfully.
C:\Python22\tcl\tcl8.3\tcltest1.0 moved successfully.
C:\Python22\tcl\tcl8.3\reg1.0 moved successfully.
C:\Python22\tcl\tcl8.3\opt0.4 moved successfully.
C:\Python22\tcl\tcl8.3\msgcat1.0 moved successfully.
C:\Python22\tcl\tcl8.3\http2.3 moved successfully.
C:\Python22\tcl\tcl8.3\http1.0 moved successfully.
C:\Python22\tcl\tcl8.3\encoding moved successfully.
C:\Python22\tcl\tcl8.3\dde1.1 moved successfully.
C:\Python22\tcl\tcl8.3 moved successfully.
C:\Python22\tcl moved successfully.
C:\Python22\Scripts moved successfully.
C:\Python22\libs moved successfully.
C:\Python22\Lib\xml\sax moved successfully.
C:\Python22\Lib\xml\parsers moved successfully.
C:\Python22\Lib\xml\dom moved successfully.
C:\Python22\Lib\xml moved successfully.
C:\Python22\Lib\site-packages\win32comext\taskscheduler\test moved successfully.
C:\Python22\Lib\site-packages\win32comext\taskscheduler moved successfully.
C:\Python22\Lib\site-packages\win32comext\shell\test moved successfully.
C:\Python22\Lib\site-packages\win32comext\shell\demos\servers moved successfully.
C:\Python22\Lib\site-packages\win32comext\shell\demos moved successfully.
C:\Python22\Lib\site-packages\win32comext\shell moved successfully.
C:\Python22\Lib\site-packages\win32comext\mapi\demos moved successfully.
C:\Python22\Lib\site-packages\win32comext\mapi moved successfully.
C:\Python22\Lib\site-packages\win32comext\internet moved successfully.
C:\Python22\Lib\site-packages\win32comext\ifilter\demo moved successfully.
C:\Python22\Lib\site-packages\win32comext\ifilter moved successfully.
C:\Python22\Lib\site-packages\win32comext\axscript\test moved successfully.
C:\Python22\Lib\site-packages\win32comext\axscript\server moved successfully.
C:\Python22\Lib\site-packages\win32comext\axscript\Demos\client\wsh moved successfully.
C:\Python22\Lib\site-packages\win32comext\axscript\Demos\client\ie moved successfully.
C:\Python22\Lib\site-packages\win32comext\axscript\Demos\client\asp\interrupt moved successfully.
C:\Python22\Lib\site-packages\win32comext\axscript\Demos\client\asp moved successfully.
C:\Python22\Lib\site-packages\win32comext\axscript\Demos\client moved successfully.
C:\Python22\Lib\site-packages\win32comext\axscript\Demos moved successfully.
C:\Python22\Lib\site-packages\win32comext\axscript\client moved successfully.
C:\Python22\Lib\site-packages\win32comext\axscript moved successfully.
C:\Python22\Lib\site-packages\win32comext\axdebug moved successfully.
C:\Python22\Lib\site-packages\win32comext\axcontrol moved successfully.
C:\Python22\Lib\site-packages\win32comext\adsi\demos moved successfully.
C:\Python22\Lib\site-packages\win32comext\adsi moved successfully.
C:\Python22\Lib\site-packages\win32comext moved successfully.
C:\Python22\Lib\site-packages\win32com\test moved successfully.
C:\Python22\Lib\site-packages\win32com\servers moved successfully.
C:\Python22\Lib\site-packages\win32com\server moved successfully.
C:\Python22\Lib\site-packages\win32com\makegw moved successfully.
C:\Python22\Lib\site-packages\win32com\libs moved successfully.
C:\Python22\Lib\site-packages\win32com\include moved successfully.
C:\Python22\Lib\site-packages\win32com\HTML\image moved successfully.
C:\Python22\Lib\site-packages\win32com\HTML moved successfully.
C:\Python22\Lib\site-packages\win32com\gen_py moved successfully.
C:\Python22\Lib\site-packages\win32com\demos moved successfully.
C:\Python22\Lib\site-packages\win32com\client moved successfully.
C:\Python22\Lib\site-packages\win32com moved successfully.
C:\Python22\Lib\site-packages\win32\test\win32rcparser moved successfully.
C:\Python22\Lib\site-packages\win32\test moved successfully.
C:\Python22\Lib\site-packages\win32\scripts\VersionStamp moved successfully.
C:\Python22\Lib\site-packages\win32\scripts\ce moved successfully.
C:\Python22\Lib\site-packages\win32\scripts moved successfully.
C:\Python22\Lib\site-packages\win32\libs moved successfully.
C:\Python22\Lib\site-packages\win32\lib moved successfully.
C:\Python22\Lib\site-packages\win32\include moved successfully.
C:\Python22\Lib\site-packages\win32\Demos\win32wnet moved successfully.
C:\Python22\Lib\site-packages\win32\Demos\service\install moved successfully.
C:\Python22\Lib\site-packages\win32\Demos\service moved successfully.
C:\Python22\Lib\site-packages\win32\Demos\security moved successfully.
C:\Python22\Lib\site-packages\win32\Demos\pipes moved successfully.
C:\Python22\Lib\site-packages\win32\Demos\images moved successfully.
C:\Python22\Lib\site-packages\win32\Demos\dde moved successfully.
C:\Python22\Lib\site-packages\win32\Demos\c_extension moved successfully.
C:\Python22\Lib\site-packages\win32\Demos moved successfully.
C:\Python22\Lib\site-packages\win32 moved successfully.
C:\Python22\Lib\site-packages\pywin32_system32 moved successfully.
C:\Python22\Lib\site-packages\pythonwin\pywin\tools moved successfully.
C:\Python22\Lib\site-packages\pythonwin\pywin\scintilla moved successfully.
C:\Python22\Lib\site-packages\pythonwin\pywin\mfc moved successfully.
C:\Python22\Lib\site-packages\pythonwin\pywin\idle moved successfully.
C:\Python22\Lib\site-packages\pythonwin\pywin\framework\editor\color moved successfully.
C:\Python22\Lib\site-packages\pythonwin\pywin\framework\editor moved successfully.
C:\Python22\Lib\site-packages\pythonwin\pywin\framework moved successfully.
C:\Python22\Lib\site-packages\pythonwin\pywin\docking moved successfully.
C:\Python22\Lib\site-packages\pythonwin\pywin\dialogs moved successfully.
C:\Python22\Lib\site-packages\pythonwin\pywin\Demos\ocx moved successfully.
C:\Python22\Lib\site-packages\pythonwin\pywin\Demos\app moved successfully.
C:\Python22\Lib\site-packages\pythonwin\pywin\Demos moved successfully.
C:\Python22\Lib\site-packages\pythonwin\pywin\debugger moved successfully.
C:\Python22\Lib\site-packages\pythonwin\pywin moved successfully.
C:\Python22\Lib\site-packages\pythonwin moved successfully.
C:\Python22\Lib\site-packages\isapi\test moved successfully.
C:\Python22\Lib\site-packages\isapi\samples moved successfully.
C:\Python22\Lib\site-packages\isapi\doc moved successfully.
C:\Python22\Lib\site-packages\isapi moved successfully.
C:\Python22\Lib\site-packages moved successfully.
C:\Python22\Lib\lib-tk moved successfully.
C:\Python22\Lib\lib-old moved successfully.
C:\Python22\Lib\hotshot moved successfully.
C:\Python22\Lib\encodings moved successfully.
C:\Python22\Lib\email\test\data moved successfully.
C:\Python22\Lib\email\test moved successfully.
C:\Python22\Lib\email moved successfully.
C:\Python22\Lib\distutils\command moved successfully.
C:\Python22\Lib\distutils moved successfully.
C:\Python22\Lib\compiler moved successfully.
C:\Python22\Lib moved successfully.
C:\Python22\DLLs moved successfully.
C:\Python22 moved successfully.
C:\WINDOWS\system32\FxsTmp moved successfully.
C:\WINDOWS\Pex.INI moved successfully.
C:\WINDOWS\Burger Shop Setup Log.txt moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b}\\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B935A11E-49AA-43C7-BF1C-3BDEB7120142}\\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\PCDrProfiler deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Reminder deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HP Software Update deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\LVCOMSX deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\TkBellExe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\iTunesHelper deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Captcha5 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\systgray2 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\sysnltray2 deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\LDM deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\LogitechSoftwareUpdate deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\MessengerPlus3 deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\msnmsgr deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\swg deleted successfully.
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bd0ffe71-0ad7-11db-9a32-806d6172696f}\\ deleted successfully.
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fdfe79b2-0152-11dc-9bf6-000e5050f45d}\\ deleted successfully.
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\hpodvd09.log scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\Perflib_Perfdata_f00.dat scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\WCESLog.log scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\_hphtra07.log scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat scheduled to be deleted on reboot.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\CLML_AGENT_LOG1.txt scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_5c8.dat scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_98.dat scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\sqlite_n9BLtAhfd618CvS scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
FireFox cache emptied.
Temp folders emptied.
Explorer started successfully

OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 02202009_124927

Files moved on Reboot...
C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\hpodvd09.log moved successfully.
File C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\Perflib_Perfdata_f00.dat not found!
C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\WCESLog.log moved successfully.
C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\_hphtra07.log moved successfully.
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\index.dat scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be moved on reboot.
File move failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.
File move failed. C:\WINDOWS\temp\CLML_AGENT_LOG1.txt scheduled to be moved on reboot.
C:\WINDOWS\temp\Perflib_Perfdata_5c8.dat moved successfully.
File C:\WINDOWS\temp\Perflib_Perfdata_98.dat not found!
File C:\WINDOWS\temp\sqlite_n9BLtAhfd618CvS not found!

Réponse 89 / 266

higgins971
20 févr. 2009 à 18:17

puis je devais faire le scan du poste de travail avec kasperty online scanner il à tout fait, il m'a donné le rapport mais quand j'essaye de te l'envoyer il ne le site du forum bug

Réponse 90 / 266

higgins971
20 févr. 2009 à 18:18

supprimer norton je fais maintenant

Réponse 91 / 266

higgins971
20 févr. 2009 à 18:25

supprimer avast c'est bon

Réponse 92 / 266

loloetseb Messages postés 5508 Date d'inscription dimanche 14 décembre 2008 Statut Membre Dernière intervention 22 avril 2012 174
20 févr. 2009 à 18:25

Merci de bien suivre la procedure et de nous poster les rapports demandés.

Réponse 93 / 266

loloetseb Messages postés 5508 Date d'inscription dimanche 14 décembre 2008 Statut Membre Dernière intervention 22 avril 2012 174
20 févr. 2009 à 18:26

Ok installes antivir et lances le scan complet.Parametres le comme indiqué et postes nous le rapport à la fin du scan.STP

Réponse 94 / 266

higgins971
20 févr. 2009 à 18:55

avast supprimer
antivir installer

Réponse 95 / 266

higgins971
20 févr. 2009 à 18:58

par contre j'ai déjà CCLeaner sur le bureau donc je fais comment STP?

Réponse 96 / 266

loloetseb Messages postés 5508 Date d'inscription dimanche 14 décembre 2008 Statut Membre Dernière intervention 22 avril 2012 174
20 févr. 2009 à 19:06

Si tu as deja ccleaner,tu ne le re-telecharges pas

Réponse 97 / 266

higgins971
20 févr. 2009 à 19:33

rapport analyse antivir

Avira AntiVir Personal
Date de création du fichier de rapport : vendredi 20 février 2009 19:27

La recherche porte sur 1258325 souches de virus.

Détenteur de la licence :Avira AntiVir PersonalEdition Classic
Numéro de série : 0000149996-ADJIE-0001
Plateforme : Windows XP
Version de Windows :(Service Pack 3) [5.1.2600]
Mode Boot : Démarré normalement
Identifiant : HP_Propriétaire
Nom de l'ordinateur :NINOBLACK

Informations de version :
BUILD.DAT : 8.2.0.52 16931 Bytes 02/12/2008 14:55:00
AVSCAN.EXE : 8.1.4.10 315649 Bytes 18/11/2008 08:21:00
AVSCAN.DLL : 8.1.4.1 49921 Bytes 21/07/2008 13:44:27
LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 12:44:16
LUKERES.DLL : 8.1.4.0 13057 Bytes 04/07/2008 07:30:27
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 11:30:36
ANTIVIR1.VDF : 7.1.2.12 3336192 Bytes 11/02/2009 17:53:00
ANTIVIR2.VDF : 7.1.2.55 248832 Bytes 20/02/2009 17:53:01
ANTIVIR3.VDF : 7.1.2.56 2048 Bytes 20/02/2009 17:53:02
Version du moteur: 8.2.0.87
AEVDF.DLL : 8.1.1.0 106868 Bytes 20/02/2009 17:53:14
AESCRIPT.DLL : 8.1.1.47 348539 Bytes 20/02/2009 17:53:12
AESCN.DLL : 8.1.1.7 127347 Bytes 20/02/2009 17:53:11
AERDL.DLL : 8.1.1.3 438645 Bytes 04/11/2008 13:58:38
AEPACK.DLL : 8.1.3.8 397684 Bytes 20/02/2009 17:53:10
AEOFFICE.DLL : 8.1.0.33 196987 Bytes 20/02/2009 17:53:09
AEHEUR.DLL : 8.1.0.97 1610103 Bytes 20/02/2009 17:53:08
AEHELP.DLL : 8.1.2.0 119159 Bytes 20/02/2009 17:53:05
AEGEN.DLL : 8.1.1.20 336245 Bytes 20/02/2009 17:53:04
AEEMU.DLL : 8.1.0.9 393588 Bytes 14/10/2008 10:05:56
AECORE.DLL : 8.1.6.6 176501 Bytes 20/02/2009 17:53:03
AEBB.DLL : 8.1.0.3 53618 Bytes 14/10/2008 10:05:56
AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 08:40:02
AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 09:27:58
AVREP.DLL : 8.0.0.2 98344 Bytes 31/07/2008 12:02:15
AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 11:26:37
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:19
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 12:27:46
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 12:49:36
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:07
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 04/07/2008 07:23:16
RCTEXT.DLL : 8.0.52.1 86273 Bytes 17/07/2008 10:08:43

Configuration pour la recherche actuelle :
Nom de la tâche..................: Processus actifs
Fichier de configuration.........: c:\program files\avira\antivir personaledition classic\process.avp
Documentation....................: bas
Action principale................: interactif
Action secondaire................: ignorer
Recherche sur les secteurs d'amorçage maître: marche
Recherche sur les secteurs d'amorçage: marche
Recherche dans les programmes actifs: marche
Programmes en cours étendus......: marche
Recherche en cours sur l'enregistrement: arrêt
Recherche de Rootkits............: arrêt
Fichier mode de recherche........: Sélection de fichiers intelligente
Recherche sur les archives.......: marche
Limiter la profondeur de récursivité: 20
Archive Smart Extensions.........: marche
Heuristique de macrovirus........: marche
Heuristique fichier..............: moyen

Début de la recherche : vendredi 20 février 2009 19:27

La recherche sur les processus démarrés commence :
Processus de recherche 'avscan.exe' - '49' module(s) sont contrôlés
Processus de recherche 'avcenter.exe' - '99' module(s) sont contrôlés
Processus de recherche 'avgnt.exe' - '40' module(s) sont contrôlés
Processus de recherche 'avguard.exe' - '48' module(s) sont contrôlés
Processus de recherche 'sched.exe' - '31' module(s) sont contrôlés
Processus de recherche 'iPodService.exe' - '31' module(s) sont contrôlés
Processus de recherche 'iTunesHelper.exe' - '55' module(s) sont contrôlés
Processus de recherche 'jusched.exe' - '20' module(s) sont contrôlés
Processus de recherche 'hpsysdrv.exe' - '17' module(s) sont contrôlés
Processus de recherche 'atiptaxx.exe' - '36' module(s) sont contrôlés
Processus de recherche 'ALCXMNTR.EXE' - '33' module(s) sont contrôlés
Processus de recherche 'wltuser.exe' - '62' module(s) sont contrôlés
Processus de recherche 'iexplore.exe' - '168' module(s) sont contrôlés
Processus de recherche 'alg.exe' - '35' module(s) sont contrôlés
Processus de recherche 'wmiapsrv.exe' - '47' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '36' module(s) sont contrôlés
Processus de recherche 'kwtbaim.exe' - '40' module(s) sont contrôlés
Processus de recherche 'soffice.bin' - '88' module(s) sont contrôlés
Processus de recherche 'soffice.exe' - '20' module(s) sont contrôlés
Processus de recherche 'FxSvr2.exe' - '39' module(s) sont contrôlés
Processus de recherche 'LVCOMSX.EXE' - '37' module(s) sont contrôlés
Processus de recherche 'WindowsSearch.exe' - '72' module(s) sont contrôlés
Processus de recherche 'Watch.exe' - '31' module(s) sont contrôlés
Processus de recherche 'PhLeAutoRun.exe' - '42' module(s) sont contrôlés
Processus de recherche 'LogitechDesktopMessenger.exe' - '77' module(s) sont contrôlés
Processus de recherche 'hpqtra08.exe' - '59' module(s) sont contrôlés
Processus de recherche 'CalCheck.exe' - '30' module(s) sont contrôlés
Processus de recherche 'rapimgr.exe' - '42' module(s) sont contrôlés
Processus de recherche 'msnmsgr.exe' - '122' module(s) sont contrôlés
Processus de recherche 'ctfmon.exe' - '27' module(s) sont contrôlés
Processus de recherche 'OrangeDesktopSearch.exe' - '48' module(s) sont contrôlés
Processus de recherche 'wcescomm.exe' - '47' module(s) sont contrôlés
Processus de recherche 'msmsgs.exe' - '44' module(s) sont contrôlés
Processus de recherche 'realsched.exe' - '30' module(s) sont contrôlés
Processus de recherche 'fsui.exe' - '42' module(s) sont contrôlés
Processus de recherche 'BTLiveUpdate.exe' - '47' module(s) sont contrôlés
Processus de recherche 'EverioService.exe' - '74' module(s) sont contrôlés
Processus de recherche 'kbd.exe' - '60' module(s) sont contrôlés
Processus de recherche 'E_FATIACE.EXE' - '21' module(s) sont contrôlés
Processus de recherche 'LogiTray.exe' - '58' module(s) sont contrôlés
Processus de recherche 'PCMService.exe' - '74' module(s) sont contrôlés
Processus de recherche 'explorer.exe' - '122' module(s) sont contrôlés
Processus de recherche 'ati2evxx.exe' - '22' module(s) sont contrôlés
Processus de recherche 'CLSched.exe' - '34' module(s) sont contrôlés
Processus de recherche 'searchindexer.exe' - '54' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '44' module(s) sont contrôlés
Processus de recherche 'RichVideo.exe' - '24' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '41' module(s) sont contrôlés
Processus de recherche 'jqs.exe' - '83' module(s) sont contrôlés
Processus de recherche 'fsssvc.exe' - '88' module(s) sont contrôlés
Processus de recherche 'CLMLServer.exe' - '26' module(s) sont contrôlés
Processus de recherche 'CLCapSvc.exe' - '71' module(s) sont contrôlés
Processus de recherche 'CanalPlus.VOD.exe' - '99' module(s) sont contrôlés
Processus de recherche 'mDNSResponder.exe' - '34' module(s) sont contrôlés
Processus de recherche 'AppleMobileDeviceService.exe' - '27' module(s) sont contrôlés
Processus de recherche 'spoolsv.exe' - '65' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '43' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '34' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '32' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '165' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '42' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '54' module(s) sont contrôlés
Processus de recherche 'ati2evxx.exe' - '17' module(s) sont contrôlés
Processus de recherche 'lsass.exe' - '60' module(s) sont contrôlés
Processus de recherche 'services.exe' - '29' module(s) sont contrôlés
Processus de recherche 'winlogon.exe' - '69' module(s) sont contrôlés
Processus de recherche 'csrss.exe' - '16' module(s) sont contrôlés
Processus de recherche 'smss.exe' - '2' module(s) sont contrôlés
'68' processus ont été contrôlés avec '3475' modules

Fin de la recherche : vendredi 20 février 2009 19:28
Temps nécessaire: 00:50 Minute(s)

La recherche a été effectuée intégralement

0 Les répertoires ont été contrôlés
3506 Des fichiers ont été contrôlés
0 Des virus ou programmes indésirables ont été trouvés
0 Des fichiers ont été classés comme suspects
0 Des fichiers ont été supprimés
0 Des virus ou programmes indésirables ont été réparés
0 Les fichiers ont été déplacés dans la quarantaine
0 Les fichiers ont été renommés
0 Impossible de contrôler des fichiers
3506 Fichiers non infectés
2 Les archives ont été contrôlées
0 Avertissements
0 Consignes

Réponse 98 / 266

Utilisateur anonyme
20 févr. 2009 à 20:58

oulala ca sent le virut(j'espere pas):

combien as tu d infections avec le rapport de kaspersky ?

Réponse 99 / 266

higgins971
20 févr. 2009 à 21:18

je viens de relancer un scan avec kasperskt car l'autre rapport ne veut pas passer sur le site

Réponse 100 / 266

Utilisateur anonyme
20 févr. 2009 à 21:34

combien as tu d infections inscrites sur le rapport precedent de kaspersky ?

c est ecrit au debut du rapport

Discussions similaires

Win64:Malware-gen

Que fait le virus LPI Win32 Pup-Gen

win32:malware-gen bloqué par avast

l'evolution de mon tamagotchi version 1

tamagotchi version 1 et 2