De l'aide ! Virus GoAsk et FeedSearch !
Fermé
Thecky
Messages postés
9
Date d'inscription
jeudi 16 avril 2009
Statut
Membre
Dernière intervention
20 mars 2010
-
16 avril 2009 à 18:21
Thecky Messages postés 9 Date d'inscription jeudi 16 avril 2009 Statut Membre Dernière intervention 20 mars 2010 - 29 avril 2009 à 23:50
Thecky Messages postés 9 Date d'inscription jeudi 16 avril 2009 Statut Membre Dernière intervention 20 mars 2010 - 29 avril 2009 à 23:50
A voir également:
- De l'aide ! Virus GoAsk et FeedSearch !
- Svchost.exe virus - Guide
- Youtu.be virus - Guide
- Faux message virus ordinateur - Guide
- Faux message virus iphone - Forum iPhone
- Tinyurl.com virus - Forum Virus
31 réponses
JavaRa 1.13 Removal Log.
Report follows after line.
------------------------------------
The JavaRa removal process was started on Fri Apr 17 18:58:09 2009
Found and removed: C:\Program Files\Java\jre1.5.0_01
Found and removed: C:\Program Files\Java\jre1.5.0_06
Found and removed: C:\Program Files\Java\jre1.6.0_04
Found and removed: C:\Windows\Installer\{3248F0A8-6813-11D6-A77B-00B0D0150010}
Found and removed: C:\Windows\System32\jupdate-1.5.0_01-b08.log
Found and removed: Software\JavaSoft\Java2D\1.5.0_01
Found and removed: Software\JavaSoft\Java2D\1.5.0_06
Found and removed: Software\JavaSoft\Java2D\1.5.0_11
Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D510001
Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D510006
Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D510001
Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D510006
Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D510001
Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D510006
Found and removed: SOFTWARE\Classes\JavaPlugin.150_01
Found and removed: SOFTWARE\Classes\JavaPlugin.150_06
Found and removed: SOFTWARE\Classes\JavaWebStart.isInstalled.1.5.0.0
Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.5.0_01
Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.5.0_06
Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.5
Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.5.0_01
Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.5.0_06
Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA}
Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D510001
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D510006
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D510001
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D510006
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0150010}
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0150060}
Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D610004
Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D610004
Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610004
Found and removed: SOFTWARE\Classes\JavaPlugin.160_04
Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.6.0_04
Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.6.0_04
Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610004
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D610004
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D610004
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160040}
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.5.0_01
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.5.0_06
Found and removed: Software\Classes\JavaPlugin.160_04
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D510001
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_02
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_03
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_04
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2.0_01
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.6.0_04
Found and removed: Software\JavaSoft\Java2D\1.6.0_01
Found and removed: Software\JavaSoft\Java2D\1.6.0_04
Found and removed: Software\JavaSoft\Java Runtime Environment\1.6.0_04
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBB}
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.5.0_01\
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.5.0_06\
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_04\
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_04\bin\
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\C:\WINDOWS\Installer\{3248F0A8-6813-11D6-A77B-00B0D0150010}\
------------------------------------
Finished reporting.
Report follows after line.
------------------------------------
The JavaRa removal process was started on Fri Apr 17 18:58:09 2009
Found and removed: C:\Program Files\Java\jre1.5.0_01
Found and removed: C:\Program Files\Java\jre1.5.0_06
Found and removed: C:\Program Files\Java\jre1.6.0_04
Found and removed: C:\Windows\Installer\{3248F0A8-6813-11D6-A77B-00B0D0150010}
Found and removed: C:\Windows\System32\jupdate-1.5.0_01-b08.log
Found and removed: Software\JavaSoft\Java2D\1.5.0_01
Found and removed: Software\JavaSoft\Java2D\1.5.0_06
Found and removed: Software\JavaSoft\Java2D\1.5.0_11
Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D510001
Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D510006
Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D510001
Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D510006
Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D510001
Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D510006
Found and removed: SOFTWARE\Classes\JavaPlugin.150_01
Found and removed: SOFTWARE\Classes\JavaPlugin.150_06
Found and removed: SOFTWARE\Classes\JavaWebStart.isInstalled.1.5.0.0
Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.5.0_01
Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.5.0_06
Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.5
Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.5.0_01
Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.5.0_06
Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA}
Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D510001
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D510006
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D510001
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D510006
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0150010}
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0150060}
Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D610004
Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D610004
Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610004
Found and removed: SOFTWARE\Classes\JavaPlugin.160_04
Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.6.0_04
Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.6.0_04
Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610004
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D610004
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D610004
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160040}
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.5.0_01
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.5.0_06
Found and removed: Software\Classes\JavaPlugin.160_04
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D510001
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_02
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_03
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_04
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2.0_01
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.6.0_04
Found and removed: Software\JavaSoft\Java2D\1.6.0_01
Found and removed: Software\JavaSoft\Java2D\1.6.0_04
Found and removed: Software\JavaSoft\Java Runtime Environment\1.6.0_04
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBB}
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.5.0_01\
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.5.0_06\
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_04\
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_04\bin\
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\C:\WINDOWS\Installer\{3248F0A8-6813-11D6-A77B-00B0D0150010}\
------------------------------------
Finished reporting.
Sunday, April 19, 2009 1:00:30 AM
Système d'exploitation : Microsoft Windows XP Professional, Service Pack 3 (Build 2600)
Kaspersky On-line Scanner version : 5.0.84.2
Dernière mise à jour de la base antivirus Kaspersky : 18/04/2009
Enregistrements dans la base antivirus Kaspersky : 1861669
Paramètres d'analyse
Analyser avec la base antivirus suivante standard
Analyser les archives vrai
Analyser les bases de messagerie vrai
Cible de l'analyse Poste de travail
A:\
C:\
E:\
F:\
Statistiques de l'analyse
Total d'objets analysés 118267
Nombre de virus trouvés 12
Nombre d'objets infectés 61 / 0
Nombre d'objets suspects 2
Durée de l'analyse 03:53:43
Nom de l'objet infecté Nom du virus Dernière action
C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users.WINDOWS\Application Data\TuneUp Software\TuneUp Utilities\Program Statistics\ProgramStatistics.tudb L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Temp\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\migou\Application Data\Mozilla\Firefox\Profiles\9fngy4t7.default\cert8.db L'objet est verrouillé ignoré
C:\Documents and Settings\migou\Application Data\Mozilla\Firefox\Profiles\9fngy4t7.default\content-prefs.sqlite L'objet est verrouillé ignoré
C:\Documents and Settings\migou\Application Data\Mozilla\Firefox\Profiles\9fngy4t7.default\cookies.sqlite L'objet est verrouillé ignoré
C:\Documents and Settings\migou\Application Data\Mozilla\Firefox\Profiles\9fngy4t7.default\downloads.sqlite L'objet est verrouillé ignoré
C:\Documents and Settings\migou\Application Data\Mozilla\Firefox\Profiles\9fngy4t7.default\formhistory.sqlite L'objet est verrouillé ignoré
C:\Documents and Settings\migou\Application Data\Mozilla\Firefox\Profiles\9fngy4t7.default\key3.db L'objet est verrouillé ignoré
C:\Documents and Settings\migou\Application Data\Mozilla\Firefox\Profiles\9fngy4t7.default\parent.lock L'objet est verrouillé ignoré
C:\Documents and Settings\migou\Application Data\Mozilla\Firefox\Profiles\9fngy4t7.default\permissions.sqlite L'objet est verrouillé ignoré
C:\Documents and Settings\migou\Application Data\Mozilla\Firefox\Profiles\9fngy4t7.default\places.sqlite L'objet est verrouillé ignoré
C:\Documents and Settings\migou\Application Data\Mozilla\Firefox\Profiles\9fngy4t7.default\places.sqlite-journal L'objet est verrouillé ignoré
C:\Documents and Settings\migou\Application Data\Mozilla\Firefox\Profiles\9fngy4t7.default\search.sqlite L'objet est verrouillé ignoré
C:\Documents and Settings\migou\Application Data\Mozilla\Firefox\Profiles\9fngy4t7.default\webappsstore.sqlite L'objet est verrouillé ignoré
C:\Documents and Settings\migou\Application Data\Thunderbird\Profiles\gzbnuq6w.default\Mail\Local Folders\Inbox/[From Castro Lewis ][Date 20 Jan 2007 02:43:56][Subj Russian missle shot down Chinese aircraft]/Full Story.exe Infecté : Email-Worm.Win32.Zhelatin.a ignoré
C:\Documents and Settings\migou\Application Data\Thunderbird\Profiles\gzbnuq6w.default\Mail\Local Folders\Inbox/[From Sosa Y. Sibyl ][Date 19 Jan 2007 22:02:37][Subj Sadam Hussein safe and sound!]/Full Story.exe Infecté : Email-Worm.Win32.Zhelatin.a ignoré
C:\Documents and Settings\migou\Application Data\Thunderbird\Profiles\gzbnuq6w.default\Mail\Local Folders\Inbox/[From Rodgers U. Wallace ][Date 20 Jan 2007 15:29:03][Subj Russian missle shot down USA satellite]/Video.exe Infecté : Email-Worm.Win32.Zhelatin.a ignoré
C:\Documents and Settings\migou\Application Data\Thunderbird\Profiles\gzbnuq6w.default\Mail\Local Folders\Inbox/[From Rosa R. Watkins ][Date 24 Jan 2007 21:30:51][Subj If I Knew]/Flash Postcard.exe Infecté : Trojan-Downloader.Win32.Small.ciw ignoré
C:\Documents and Settings\migou\Application Data\Thunderbird\Profiles\gzbnuq6w.default\Mail\Local Folders\Inbox/[From Stroud ][Date 28 Jan 2007 21:57:45][Subj Dream Girl]/Postcard.exe Infecté : Email-Worm.Win32.Zhelatin.h ignoré
C:\Documents and Settings\migou\Application Data\Thunderbird\Profiles\gzbnuq6w.default\Mail\Local Folders\Inbox/[From MAILER-DAEMON@free.fr][Date 15 Feb 2007 20:16:55][Subj failure notice]/[From "migmars@free.fr" ][Date 15 Feb 2007 21:18:51][Subj Anniversaire]/Anniversaire.asx Infecté : Trojan-Downloader.Win32.VB.ft ignoré
C:\Documents and Settings\migou\Application Data\Thunderbird\Profiles\gzbnuq6w.default\Mail\Local Folders\Inbox/[From admin@passado.ecircle-ag.com][Date 15 Feb 2007 21:17:44][Subj ImpossibilitÚ_de_dÚlivrer_votre_mesage_Ó_2005_09_fr_181_blog=?I]/message/[From "migmars@free.fr" ][Subj Anniversaire]/Anniversaire.asx Infecté : Trojan-Downloader.Win32.VB.ft ignoré
C:\Documents and Settings\migou\Application Data\Thunderbird\Profiles\gzbnuq6w.default\Mail\Local Folders\Inbox/[From "migmars@free.fr" ][Date 15 Feb 2007 14:22:54][Subj Anniversaire]/Anniversaire.asx Infecté : Trojan-Downloader.Win32.VB.ft ignoré
C:\Documents and Settings\migou\Application Data\Thunderbird\Profiles\gzbnuq6w.default\Mail\Local Folders\Inbox/[From "migmars@free.fr" ][Date 15 Feb 2007 13:28:15][Subj Anniversaire]/Anniversaire.asx Infecté : Trojan-Downloader.Win32.VB.ft ignoré
C:\Documents and Settings\migou\Application Data\Thunderbird\Profiles\gzbnuq6w.default\Mail\Local Folders\Inbox/[From admin@passado.ecircle-ag.com][Date 15 Feb 2007 21:29:31][Subj ImpossibilitÚ_de_dÚlivrer_votre_mesage_Ó_invitation-launch-gr3=]/message/[From "migmars@free.fr" ][Subj Anniversaire]/Anniversaire.asx Infecté : Trojan-Downloader.Win32.VB.ft ignoré
C:\Documents and Settings\migou\Application Data\Thunderbird\Profiles\gzbnuq6w.default\Mail\Local Folders\Inbox/[From "migmars@free.fr" ][Date 15 Feb 2007 14:20:13][Subj Anniversaire]/Anniversaire.asx Infecté : Trojan-Downloader.Win32.VB.ft ignoré
C:\Documents and Settings\migou\Application Data\Thunderbird\Profiles\gzbnuq6w.default\Mail\Local Folders\Inbox/[From marie-josee.gas@nimes-metropole.fr][Date 19 Feb 2007 11:46:48][Subj RÚf._:_Anniversaire]/Anniversaire.asx Infecté : Trojan-Downloader.Win32.VB.ft ignoré
C:\Documents and Settings\migou\Application Data\Thunderbird\Profiles\gzbnuq6w.default\Mail\Local Folders\Inbox/[From "BB&T" ][Subj [Bulk] please read this message. [Mon, 05 Mar 2007 17:11:15 -05]/html Infecté : Trojan-Spy.HTML.Bankfraud.rw ignoré
C:\Documents and Settings\migou\Application Data\Thunderbird\Profiles\gzbnuq6w.default\Mail\Local Folders\Inbox/[From "BB&T" ][Date 28 Mar 2007 15:42:08][Subj [Bulk] e-banking account confirmation]/html Infecté : Trojan-Spy.HTML.Bankfraud.rw ignoré
C:\Documents and Settings\migou\Application Data\Thunderbird\Profiles\gzbnuq6w.default\Mail\Local Folders\Inbox/[From "BB&T" ][Subj [Bulk] BB&T: security maintenance! -Fri, 06 Apr 2007 05:40:46 -]/html Infecté : Trojan-Spy.HTML.Bankfraud.ra ignoré
C:\Documents and Settings\migou\Application Data\Thunderbird\Profiles\gzbnuq6w.default\Mail\Local Folders\Inbox/[From "BB&T" ][Subj [Bulk] BB&T: security maintenance! -Fri, 06 Apr 2007 05:40:46 -]/daybed.gif Infecté : Trojan-Spy.HTML.Bankfraud.ri ignoré
C:\Documents and Settings\migou\Application Data\Thunderbird\Profiles\gzbnuq6w.default\Mail\Local Folders\Inbox/[From "Branch Banking and Trust" ][Subj [Bulk] BB&T reminder: notification. [Sat, 07 Apr 2007 09:42:48]/html Infecté : Trojan-Spy.HTML.Bankfraud.ra ignoré
C:\Documents and Settings\migou\Application Data\Thunderbird\Profiles\gzbnuq6w.default\Mail\Local Folders\Inbox/[From "Branch Banking and Trust" ][Subj [Bulk] BB&T reminder: notification. [Sat, 07 Apr 2007 09:42:48]/crop.gif Infecté : Trojan-Spy.HTML.Bankfraud.ri ignoré
C:\Documents and Settings\migou\Application Data\Thunderbird\Profiles\gzbnuq6w.default\Mail\Local Folders\Inbox/[From "eBay" ][Subj Software updating! (mess_id: 3865029)]/html Suspect : Trojan-Spy.HTML.Fraud.gen ignoré
C:\Documents and Settings\migou\Application Data\Thunderbird\Profiles\gzbnuq6w.default\Mail\Local Folders\Inbox MailBerkeleymbox: infecté - 18, suspect - 1 ignoré
C:\Documents and Settings\migou\Cookies\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\migou\Local Settings\Application Data\Microsoft\Media Player\CurrentDatabase_219.wmdb L'objet est verrouillé ignoré
C:\Documents and Settings\migou\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\migou\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\migou\Local Settings\Application Data\Mozilla\Firefox\Profiles\9fngy4t7.default\Cache\_CACHE_001_ L'objet est verrouillé ignoré
C:\Documents and Settings\migou\Local Settings\Application Data\Mozilla\Firefox\Profiles\9fngy4t7.default\Cache\_CACHE_002_ L'objet est verrouillé ignoré
C:\Documents and Settings\migou\Local Settings\Application Data\Mozilla\Firefox\Profiles\9fngy4t7.default\Cache\_CACHE_003_ L'objet est verrouillé ignoré
C:\Documents and Settings\migou\Local Settings\Application Data\Mozilla\Firefox\Profiles\9fngy4t7.default\Cache\_CACHE_MAP_ L'objet est verrouillé ignoré
C:\Documents and Settings\migou\Local Settings\Application Data\Mozilla\Firefox\Profiles\9fngy4t7.default\urlclassifier3.sqlite L'objet est verrouillé ignoré
C:\Documents and Settings\migou\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\migou\Local Settings\Historique\History.IE5\MSHist012009041820090419\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\migou\Local Settings\temp\etilqs_fBBG4gujjDsUsgNAhr2J L'objet est verrouillé ignoré
C:\Documents and Settings\migou\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 1.5.0.9 (fr) - 2007-02-26.pcv/Mail/Local Folders/Inbox/[From Castro Lewis ][Date 20 Jan 2007 02:43:56][Subj Russian missle shot down Chinese aircraft]/Full Story.exe Infecté : Email-Worm.Win32.Zhelatin.a ignoré
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 1.5.0.9 (fr) - 2007-02-26.pcv/Mail/Local Folders/Inbox/[From Sosa Y. Sibyl ][Date 19 Jan 2007 22:02:37][Subj Sadam Hussein safe and sound!]/Full Story.exe Infecté : Email-Worm.Win32.Zhelatin.a ignoré
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 1.5.0.9 (fr) - 2007-02-26.pcv/Mail/Local Folders/Inbox/[From Rodgers U. Wallace ][Date 20 Jan 2007 15:29:03][Subj Russian missle shot down USA satellite]/Video.exe Infecté : Email-Worm.Win32.Zhelatin.a ignoré
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 1.5.0.9 (fr) - 2007-02-26.pcv/Mail/Local Folders/Inbox/[From Rosa R. Watkins ][Date 24 Jan 2007 21:30:51][Subj If I Knew]/Flash Postcard.exe Infecté : Trojan-Downloader.Win32.Small.ciw ignoré
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 1.5.0.9 (fr) - 2007-02-26.pcv/Mail/Local Folders/Inbox/[From Stroud ][Date 28 Jan 2007 21:57:45][Subj Dream Girl]/Postcard.exe Infecté : Email-Worm.Win32.Zhelatin.h ignoré
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 1.5.0.9 (fr) - 2007-02-26.pcv/Mail/Local Folders/Inbox/[From MAILER-DAEMON@free.fr][Date 15 Feb 2007 20:16:55][Subj failure notice]/[From "migmars@free.fr" ][Date 15 Feb 2007 21:18:51][Subj Anniversaire]/Anniversaire.asx Infecté : Trojan-Downloader.Win32.VB.ft ignoré
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 1.5.0.9 (fr) - 2007-02-26.pcv/Mail/Local Folders/Inbox/[From admin@passado.ecircle-ag.com][Date 15 Feb 2007 21:17:44][Subj ImpossibilitÚ_de_dÚlivrer_votre_mesage_Ó_2005_09_fr_181_blog=?I]/message/[From "migmars@free.fr" ][Subj Anniversaire]/Anniversaire.asx Infecté : Trojan-Downloader.Win32.VB.ft ignoré
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 1.5.0.9 (fr) - 2007-02-26.pcv/Mail/Local Folders/Inbox/[From "migmars@free.fr" ][Date 15 Feb 2007 14:22:54][Subj Anniversaire]/Anniversaire.asx Infecté : Trojan-Downloader.Win32.VB.ft ignoré
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 1.5.0.9 (fr) - 2007-02-26.pcv/Mail/Local Folders/Inbox/[From "migmars@free.fr" ][Date 15 Feb 2007 13:28:15][Subj Anniversaire]/Anniversaire.asx Infecté : Trojan-Downloader.Win32.VB.ft ignoré
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 1.5.0.9 (fr) - 2007-02-26.pcv/Mail/Local Folders/Inbox/[From admin@passado.ecircle-ag.com][Date 15 Feb 2007 21:29:31][Subj ImpossibilitÚ_de_dÚlivrer_votre_mesage_Ó_invitation-launch-gr3=]/message/[From "migmars@free.fr" ][Subj Anniversaire]/Anniversaire.asx Infecté : Trojan-Downloader.Win32.VB.ft ignoré
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 1.5.0.9 (fr) - 2007-02-26.pcv/Mail/Local Folders/Inbox/[From "migmars@free.fr" ][Date 15 Feb 2007 14:20:13][Subj Anniversaire]/Anniversaire.asx Infecté : Trojan-Downloader.Win32.VB.ft ignoré
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 1.5.0.9 (fr) - 2007-02-26.pcv/Mail/Local Folders/Inbox/[From marie-josee.gas@nimes-metropole.fr][Date 19 Feb 2007 11:46:48][Subj RÚf._:_Anniversaire]/Anniversaire.asx Infecté : Trojan-Downloader.Win32.VB.ft ignoré
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 1.5.0.9 (fr) - 2007-02-26.pcv/Mail/Local Folders/Inbox Infecté : Trojan-Downloader.Win32.VB.ft ignoré
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 1.5.0.9 (fr) - 2007-02-26.pcv ZIP: infecté - 13 ignoré
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From Castro Lewis ][Date 20 Jan 2007 02:43:56][Subj Russian missle shot down Chinese aircraft]/Full Story.exe Infecté : Email-Worm.Win32.Zhelatin.a ignoré
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From Sosa Y. Sibyl ][Date 19 Jan 2007 22:02:37][Subj Sadam Hussein safe and sound!]/Full Story.exe Infecté : Email-Worm.Win32.Zhelatin.a ignoré
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From Rodgers U. Wallace ][Date 20 Jan 2007 15:29:03][Subj Russian missle shot down USA satellite]/Video.exe Infecté : Email-Worm.Win32.Zhelatin.a ignoré
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From Rosa R. Watkins ][Date 24 Jan 2007 21:30:51][Subj If I Knew]/Flash Postcard.exe Infecté : Trojan-Downloader.Win32.Small.ciw ignoré
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From Stroud ][Date 28 Jan 2007 21:57:45][Subj Dream Girl]/Postcard.exe Infecté : Email-Worm.Win32.Zhelatin.h ignoré
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From MAILER-DAEMON@free.fr][Date 15 Feb 2007 20:16:55][Subj failure notice]/[From "migmars@free.fr" ][Date 15 Feb 2007 21:18:51][Subj Anniversaire]/Anniversaire.asx Infecté : Trojan-Downloader.Win32.VB.ft ignoré
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From admin@passado.ecircle-ag.com][Date 15 Feb 2007 21:17:44][Subj ImpossibilitÚ_de_dÚlivrer_votre_mesage_Ó_2005_09_fr_181_blog=?I]/message/[From "migmars@free.fr" ][Subj Anniversaire]/Anniversaire.asx Infecté : Trojan-Downloader.Win32.VB.ft ignoré
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From "migmars@free.fr" ][Date 15 Feb 2007 14:22:54][Subj Anniversaire]/Anniversaire.asx Infecté : Trojan-Downloader.Win32.VB.ft ignoré
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From "migmars@free.fr" ][Date 15 Feb 2007 13:28:15][Subj Anniversaire]/Anniversaire.asx Infecté : Trojan-Downloader.Win32.VB.ft ignoré
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From admin@passado.ecircle-ag.com][Date 15 Feb 2007 21:29:31][Subj ImpossibilitÚ_de_dÚlivrer_votre_mesage_Ó_invitation-launch-gr3=]/message/[From "migmars@free.fr" ][Subj Anniversaire]/Anniversaire.asx Infecté : Trojan-Downloader.Win32.VB.ft ignoré
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From "migmars@free.fr" ][Date 15 Feb 2007 14:20:13][Subj Anniversaire]/Anniversaire.asx Infecté : Trojan-Downloader.Win32.VB.ft ignoré
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From marie-josee.gas@nimes-metropole.fr][Date 19 Feb 2007 11:46:48][Subj RÚf._:_Anniversaire]/Anniversaire.asx Infecté : Trojan-Downloader.Win32.VB.ft ignoré
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From "BB&T" ][Subj [Bulk] please read this message. [Mon, 05 Mar 2007 17:11:15 -05]/html Infecté : Trojan-Spy.HTML.Bankfraud.rw ignoré
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From "BB&T" ][Date 28 Mar 2007 15:42:08][Subj [Bulk] e-banking account confirmation]/html Infecté : Trojan-Spy.HTML.Bankfraud.rw ignoré
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From "BB&T" ][Subj [Bulk] BB&T: security maintenance! -Fri, 06 Apr 2007 05:40:46 -]/html Infecté : Trojan-Spy.HTML.Bankfraud.ra ignoré
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From "BB&T" ][Subj [Bulk] BB&T: security maintenance! -Fri, 06 Apr 2007 05:40:46 -]/daybed.gif Infecté : Trojan-Spy.HTML.Bankfraud.ri ignoré
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From "Branch Banking and Trust" ][Subj [Bulk] BB&T reminder: notification. [Sat, 07 Apr 2007 09:42:48]/html Infecté : Trojan-Spy.HTML.Bankfraud.ra ignoré
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From "Branch Banking and Trust" ][Subj [Bulk] BB&T reminder: notification. [Sat, 07 Apr 2007 09:42:48]/crop.gif Infecté : Trojan-Spy.HTML.Bankfraud.ri ignoré
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From "eBay" ][Subj Software updating! (mess_id: 3865029)]/html Suspect : Trojan-Spy.HTML.Fraud.gen ignoré
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox Infecté : Trojan-Spy.HTML.Fraud.gen ignoré
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv ZIP: infecté - 19, suspect - 1 ignoré
C:\Documents and Settings\migou\Mes documents\Document Papa\trojan.remover.v6.3.5.mafyozo.rar/trojan.remover.v6.3.5/RmvTrjan.exe Infecté : Worm.Win32.AutoRun.yrj ignoré
C:\Documents and Settings\migou\Mes documents\Document Papa\trojan.remover.v6.3.5.mafyozo.rar RAR: infecté - 1 ignoré
C:\Documents and Settings\migou\Mes documents\Incomplete\T-3545425-jerusalem shirel.mp3 Infecté : Trojan-Downloader.WMA.GetCodec.c ignoré
C:\Documents and Settings\migou\Mes documents\Incomplete\T-5745425-toi plus moi gregoire.mp3 Infecté : Trojan-Downloader.WMA.GetCodec.c ignoré
C:\Documents and Settings\migou\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\migou\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat L'objet est verrouillé ignoré
C:\Program Files\Alwil Software\Avast4\DATA\Avast4.db L'objet est verrouillé ignoré
C:\Program Files\Alwil Software\Avast4\DATA\log\AshWebSv.ws L'objet est verrouillé ignoré
C:\Program Files\Alwil Software\Avast4\DATA\log\aswMaiSv.log L'objet est verrouillé ignoré
C:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log L'objet est verrouillé ignoré
C:\Program Files\Alwil Software\Avast4\DATA\log\selfdef.log L'objet est verrouillé ignoré
C:\Program Files\Alwil Software\Avast4\DATA\report\Protection résidente.txt L'objet est verrouillé ignoré
C:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré
C:\System Volume Information\_restore{59BB58DD-F473-4A90-BE94-CF69C5ED6186}\RP328\A0391086.exe/data0000.cab/pvxgfsd.exe Infecté : Backdoor.Win32.IRCBot.icx ignoré
C:\System Volume Information\_restore{59BB58DD-F473-4A90-BE94-CF69C5ED6186}\RP328\A0391086.exe/data0000.cab Infecté : Backdoor.Win32.IRCBot.icx ignoré
C:\System Volume Information\_restore{59BB58DD-F473-4A90-BE94-CF69C5ED6186}\RP328\A0391086.exe Rsrc-Package: infecté - 2 ignoré
C:\System Volume Information\_restore{59BB58DD-F473-4A90-BE94-CF69C5ED6186}\RP329\A0391177.dll Infecté : Packed.Win32.Klone.j ignoré
C:\System Volume Information\_restore{59BB58DD-F473-4A90-BE94-CF69C5ED6186}\RP336\change.log L'objet est verrouillé ignoré
C:\WINDOWS\$_hpcst$.hpc L'objet est verrouillé ignoré
C:\WINDOWS\CSC\00000001 L'objet est verrouillé ignoré
C:\WINDOWS\Debug\PASSWD.LOG L'objet est verrouillé ignoré
C:\WINDOWS\SchedLgU.Txt L'objet est verrouillé ignoré
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log L'objet est verrouillé ignoré
C:\WINDOWS\Sti_Trace.log L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\Antivirus.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\AppEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\default L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\default.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SAM L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SAM.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SecEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SECURITY L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SECURITY.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\software L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\software.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SysEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\system L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\system.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\TuneUp.evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\h323log.txt L'objet est verrouillé ignoré
C:\WINDOWS\system32\Logfiles\WUDF\WUDFTrace.etl L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP L'objet est verrouillé ignoré
C:\WINDOWS\Temp\Perflib_Perfdata_154.dat L'objet est verrouillé ignoré
C:\WINDOWS\Temp\Perflib_Perfdata_6b4.dat L'objet est verrouillé ignoré
C:\WINDOWS\Temp\_avast4_\Webshlock.txt L'objet est verrouillé ignoré
C:\WINDOWS\wiadebug.log L'objet est verrouillé ignoré
C:\WINDOWS\wiaservc.log L'objet est verrouillé ignoré
C:\WINDOWS\WindowsUpdate.log L'objet est verrouillé ignoré
E:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré
Analyse terminée.
Système d'exploitation : Microsoft Windows XP Professional, Service Pack 3 (Build 2600)
Kaspersky On-line Scanner version : 5.0.84.2
Dernière mise à jour de la base antivirus Kaspersky : 18/04/2009
Enregistrements dans la base antivirus Kaspersky : 1861669
Paramètres d'analyse
Analyser avec la base antivirus suivante standard
Analyser les archives vrai
Analyser les bases de messagerie vrai
Cible de l'analyse Poste de travail
A:\
C:\
E:\
F:\
Statistiques de l'analyse
Total d'objets analysés 118267
Nombre de virus trouvés 12
Nombre d'objets infectés 61 / 0
Nombre d'objets suspects 2
Durée de l'analyse 03:53:43
Nom de l'objet infecté Nom du virus Dernière action
C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users.WINDOWS\Application Data\TuneUp Software\TuneUp Utilities\Program Statistics\ProgramStatistics.tudb L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Temp\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\migou\Application Data\Mozilla\Firefox\Profiles\9fngy4t7.default\cert8.db L'objet est verrouillé ignoré
C:\Documents and Settings\migou\Application Data\Mozilla\Firefox\Profiles\9fngy4t7.default\content-prefs.sqlite L'objet est verrouillé ignoré
C:\Documents and Settings\migou\Application Data\Mozilla\Firefox\Profiles\9fngy4t7.default\cookies.sqlite L'objet est verrouillé ignoré
C:\Documents and Settings\migou\Application Data\Mozilla\Firefox\Profiles\9fngy4t7.default\downloads.sqlite L'objet est verrouillé ignoré
C:\Documents and Settings\migou\Application Data\Mozilla\Firefox\Profiles\9fngy4t7.default\formhistory.sqlite L'objet est verrouillé ignoré
C:\Documents and Settings\migou\Application Data\Mozilla\Firefox\Profiles\9fngy4t7.default\key3.db L'objet est verrouillé ignoré
C:\Documents and Settings\migou\Application Data\Mozilla\Firefox\Profiles\9fngy4t7.default\parent.lock L'objet est verrouillé ignoré
C:\Documents and Settings\migou\Application Data\Mozilla\Firefox\Profiles\9fngy4t7.default\permissions.sqlite L'objet est verrouillé ignoré
C:\Documents and Settings\migou\Application Data\Mozilla\Firefox\Profiles\9fngy4t7.default\places.sqlite L'objet est verrouillé ignoré
C:\Documents and Settings\migou\Application Data\Mozilla\Firefox\Profiles\9fngy4t7.default\places.sqlite-journal L'objet est verrouillé ignoré
C:\Documents and Settings\migou\Application Data\Mozilla\Firefox\Profiles\9fngy4t7.default\search.sqlite L'objet est verrouillé ignoré
C:\Documents and Settings\migou\Application Data\Mozilla\Firefox\Profiles\9fngy4t7.default\webappsstore.sqlite L'objet est verrouillé ignoré
C:\Documents and Settings\migou\Application Data\Thunderbird\Profiles\gzbnuq6w.default\Mail\Local Folders\Inbox/[From Castro Lewis ][Date 20 Jan 2007 02:43:56][Subj Russian missle shot down Chinese aircraft]/Full Story.exe Infecté : Email-Worm.Win32.Zhelatin.a ignoré
C:\Documents and Settings\migou\Application Data\Thunderbird\Profiles\gzbnuq6w.default\Mail\Local Folders\Inbox/[From Sosa Y. Sibyl ][Date 19 Jan 2007 22:02:37][Subj Sadam Hussein safe and sound!]/Full Story.exe Infecté : Email-Worm.Win32.Zhelatin.a ignoré
C:\Documents and Settings\migou\Application Data\Thunderbird\Profiles\gzbnuq6w.default\Mail\Local Folders\Inbox/[From Rodgers U. Wallace ][Date 20 Jan 2007 15:29:03][Subj Russian missle shot down USA satellite]/Video.exe Infecté : Email-Worm.Win32.Zhelatin.a ignoré
C:\Documents and Settings\migou\Application Data\Thunderbird\Profiles\gzbnuq6w.default\Mail\Local Folders\Inbox/[From Rosa R. Watkins ][Date 24 Jan 2007 21:30:51][Subj If I Knew]/Flash Postcard.exe Infecté : Trojan-Downloader.Win32.Small.ciw ignoré
C:\Documents and Settings\migou\Application Data\Thunderbird\Profiles\gzbnuq6w.default\Mail\Local Folders\Inbox/[From Stroud ][Date 28 Jan 2007 21:57:45][Subj Dream Girl]/Postcard.exe Infecté : Email-Worm.Win32.Zhelatin.h ignoré
C:\Documents and Settings\migou\Application Data\Thunderbird\Profiles\gzbnuq6w.default\Mail\Local Folders\Inbox/[From MAILER-DAEMON@free.fr][Date 15 Feb 2007 20:16:55][Subj failure notice]/[From "migmars@free.fr" ][Date 15 Feb 2007 21:18:51][Subj Anniversaire]/Anniversaire.asx Infecté : Trojan-Downloader.Win32.VB.ft ignoré
C:\Documents and Settings\migou\Application Data\Thunderbird\Profiles\gzbnuq6w.default\Mail\Local Folders\Inbox/[From admin@passado.ecircle-ag.com][Date 15 Feb 2007 21:17:44][Subj ImpossibilitÚ_de_dÚlivrer_votre_mesage_Ó_2005_09_fr_181_blog=?I]/message/[From "migmars@free.fr" ][Subj Anniversaire]/Anniversaire.asx Infecté : Trojan-Downloader.Win32.VB.ft ignoré
C:\Documents and Settings\migou\Application Data\Thunderbird\Profiles\gzbnuq6w.default\Mail\Local Folders\Inbox/[From "migmars@free.fr" ][Date 15 Feb 2007 14:22:54][Subj Anniversaire]/Anniversaire.asx Infecté : Trojan-Downloader.Win32.VB.ft ignoré
C:\Documents and Settings\migou\Application Data\Thunderbird\Profiles\gzbnuq6w.default\Mail\Local Folders\Inbox/[From "migmars@free.fr" ][Date 15 Feb 2007 13:28:15][Subj Anniversaire]/Anniversaire.asx Infecté : Trojan-Downloader.Win32.VB.ft ignoré
C:\Documents and Settings\migou\Application Data\Thunderbird\Profiles\gzbnuq6w.default\Mail\Local Folders\Inbox/[From admin@passado.ecircle-ag.com][Date 15 Feb 2007 21:29:31][Subj ImpossibilitÚ_de_dÚlivrer_votre_mesage_Ó_invitation-launch-gr3=]/message/[From "migmars@free.fr" ][Subj Anniversaire]/Anniversaire.asx Infecté : Trojan-Downloader.Win32.VB.ft ignoré
C:\Documents and Settings\migou\Application Data\Thunderbird\Profiles\gzbnuq6w.default\Mail\Local Folders\Inbox/[From "migmars@free.fr" ][Date 15 Feb 2007 14:20:13][Subj Anniversaire]/Anniversaire.asx Infecté : Trojan-Downloader.Win32.VB.ft ignoré
C:\Documents and Settings\migou\Application Data\Thunderbird\Profiles\gzbnuq6w.default\Mail\Local Folders\Inbox/[From marie-josee.gas@nimes-metropole.fr][Date 19 Feb 2007 11:46:48][Subj RÚf._:_Anniversaire]/Anniversaire.asx Infecté : Trojan-Downloader.Win32.VB.ft ignoré
C:\Documents and Settings\migou\Application Data\Thunderbird\Profiles\gzbnuq6w.default\Mail\Local Folders\Inbox/[From "BB&T" ][Subj [Bulk] please read this message. [Mon, 05 Mar 2007 17:11:15 -05]/html Infecté : Trojan-Spy.HTML.Bankfraud.rw ignoré
C:\Documents and Settings\migou\Application Data\Thunderbird\Profiles\gzbnuq6w.default\Mail\Local Folders\Inbox/[From "BB&T" ][Date 28 Mar 2007 15:42:08][Subj [Bulk] e-banking account confirmation]/html Infecté : Trojan-Spy.HTML.Bankfraud.rw ignoré
C:\Documents and Settings\migou\Application Data\Thunderbird\Profiles\gzbnuq6w.default\Mail\Local Folders\Inbox/[From "BB&T" ][Subj [Bulk] BB&T: security maintenance! -Fri, 06 Apr 2007 05:40:46 -]/html Infecté : Trojan-Spy.HTML.Bankfraud.ra ignoré
C:\Documents and Settings\migou\Application Data\Thunderbird\Profiles\gzbnuq6w.default\Mail\Local Folders\Inbox/[From "BB&T" ][Subj [Bulk] BB&T: security maintenance! -Fri, 06 Apr 2007 05:40:46 -]/daybed.gif Infecté : Trojan-Spy.HTML.Bankfraud.ri ignoré
C:\Documents and Settings\migou\Application Data\Thunderbird\Profiles\gzbnuq6w.default\Mail\Local Folders\Inbox/[From "Branch Banking and Trust" ][Subj [Bulk] BB&T reminder: notification. [Sat, 07 Apr 2007 09:42:48]/html Infecté : Trojan-Spy.HTML.Bankfraud.ra ignoré
C:\Documents and Settings\migou\Application Data\Thunderbird\Profiles\gzbnuq6w.default\Mail\Local Folders\Inbox/[From "Branch Banking and Trust" ][Subj [Bulk] BB&T reminder: notification. [Sat, 07 Apr 2007 09:42:48]/crop.gif Infecté : Trojan-Spy.HTML.Bankfraud.ri ignoré
C:\Documents and Settings\migou\Application Data\Thunderbird\Profiles\gzbnuq6w.default\Mail\Local Folders\Inbox/[From "eBay" ][Subj Software updating! (mess_id: 3865029)]/html Suspect : Trojan-Spy.HTML.Fraud.gen ignoré
C:\Documents and Settings\migou\Application Data\Thunderbird\Profiles\gzbnuq6w.default\Mail\Local Folders\Inbox MailBerkeleymbox: infecté - 18, suspect - 1 ignoré
C:\Documents and Settings\migou\Cookies\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\migou\Local Settings\Application Data\Microsoft\Media Player\CurrentDatabase_219.wmdb L'objet est verrouillé ignoré
C:\Documents and Settings\migou\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\migou\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\migou\Local Settings\Application Data\Mozilla\Firefox\Profiles\9fngy4t7.default\Cache\_CACHE_001_ L'objet est verrouillé ignoré
C:\Documents and Settings\migou\Local Settings\Application Data\Mozilla\Firefox\Profiles\9fngy4t7.default\Cache\_CACHE_002_ L'objet est verrouillé ignoré
C:\Documents and Settings\migou\Local Settings\Application Data\Mozilla\Firefox\Profiles\9fngy4t7.default\Cache\_CACHE_003_ L'objet est verrouillé ignoré
C:\Documents and Settings\migou\Local Settings\Application Data\Mozilla\Firefox\Profiles\9fngy4t7.default\Cache\_CACHE_MAP_ L'objet est verrouillé ignoré
C:\Documents and Settings\migou\Local Settings\Application Data\Mozilla\Firefox\Profiles\9fngy4t7.default\urlclassifier3.sqlite L'objet est verrouillé ignoré
C:\Documents and Settings\migou\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\migou\Local Settings\Historique\History.IE5\MSHist012009041820090419\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\migou\Local Settings\temp\etilqs_fBBG4gujjDsUsgNAhr2J L'objet est verrouillé ignoré
C:\Documents and Settings\migou\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 1.5.0.9 (fr) - 2007-02-26.pcv/Mail/Local Folders/Inbox/[From Castro Lewis ][Date 20 Jan 2007 02:43:56][Subj Russian missle shot down Chinese aircraft]/Full Story.exe Infecté : Email-Worm.Win32.Zhelatin.a ignoré
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 1.5.0.9 (fr) - 2007-02-26.pcv/Mail/Local Folders/Inbox/[From Sosa Y. Sibyl ][Date 19 Jan 2007 22:02:37][Subj Sadam Hussein safe and sound!]/Full Story.exe Infecté : Email-Worm.Win32.Zhelatin.a ignoré
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 1.5.0.9 (fr) - 2007-02-26.pcv/Mail/Local Folders/Inbox/[From Rodgers U. Wallace ][Date 20 Jan 2007 15:29:03][Subj Russian missle shot down USA satellite]/Video.exe Infecté : Email-Worm.Win32.Zhelatin.a ignoré
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 1.5.0.9 (fr) - 2007-02-26.pcv/Mail/Local Folders/Inbox/[From Rosa R. Watkins ][Date 24 Jan 2007 21:30:51][Subj If I Knew]/Flash Postcard.exe Infecté : Trojan-Downloader.Win32.Small.ciw ignoré
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 1.5.0.9 (fr) - 2007-02-26.pcv/Mail/Local Folders/Inbox/[From Stroud ][Date 28 Jan 2007 21:57:45][Subj Dream Girl]/Postcard.exe Infecté : Email-Worm.Win32.Zhelatin.h ignoré
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 1.5.0.9 (fr) - 2007-02-26.pcv/Mail/Local Folders/Inbox/[From MAILER-DAEMON@free.fr][Date 15 Feb 2007 20:16:55][Subj failure notice]/[From "migmars@free.fr" ][Date 15 Feb 2007 21:18:51][Subj Anniversaire]/Anniversaire.asx Infecté : Trojan-Downloader.Win32.VB.ft ignoré
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 1.5.0.9 (fr) - 2007-02-26.pcv/Mail/Local Folders/Inbox/[From admin@passado.ecircle-ag.com][Date 15 Feb 2007 21:17:44][Subj ImpossibilitÚ_de_dÚlivrer_votre_mesage_Ó_2005_09_fr_181_blog=?I]/message/[From "migmars@free.fr" ][Subj Anniversaire]/Anniversaire.asx Infecté : Trojan-Downloader.Win32.VB.ft ignoré
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 1.5.0.9 (fr) - 2007-02-26.pcv/Mail/Local Folders/Inbox/[From "migmars@free.fr" ][Date 15 Feb 2007 14:22:54][Subj Anniversaire]/Anniversaire.asx Infecté : Trojan-Downloader.Win32.VB.ft ignoré
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 1.5.0.9 (fr) - 2007-02-26.pcv/Mail/Local Folders/Inbox/[From "migmars@free.fr" ][Date 15 Feb 2007 13:28:15][Subj Anniversaire]/Anniversaire.asx Infecté : Trojan-Downloader.Win32.VB.ft ignoré
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 1.5.0.9 (fr) - 2007-02-26.pcv/Mail/Local Folders/Inbox/[From admin@passado.ecircle-ag.com][Date 15 Feb 2007 21:29:31][Subj ImpossibilitÚ_de_dÚlivrer_votre_mesage_Ó_invitation-launch-gr3=]/message/[From "migmars@free.fr" ][Subj Anniversaire]/Anniversaire.asx Infecté : Trojan-Downloader.Win32.VB.ft ignoré
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 1.5.0.9 (fr) - 2007-02-26.pcv/Mail/Local Folders/Inbox/[From "migmars@free.fr" ][Date 15 Feb 2007 14:20:13][Subj Anniversaire]/Anniversaire.asx Infecté : Trojan-Downloader.Win32.VB.ft ignoré
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 1.5.0.9 (fr) - 2007-02-26.pcv/Mail/Local Folders/Inbox/[From marie-josee.gas@nimes-metropole.fr][Date 19 Feb 2007 11:46:48][Subj RÚf._:_Anniversaire]/Anniversaire.asx Infecté : Trojan-Downloader.Win32.VB.ft ignoré
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 1.5.0.9 (fr) - 2007-02-26.pcv/Mail/Local Folders/Inbox Infecté : Trojan-Downloader.Win32.VB.ft ignoré
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 1.5.0.9 (fr) - 2007-02-26.pcv ZIP: infecté - 13 ignoré
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From Castro Lewis ][Date 20 Jan 2007 02:43:56][Subj Russian missle shot down Chinese aircraft]/Full Story.exe Infecté : Email-Worm.Win32.Zhelatin.a ignoré
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From Sosa Y. Sibyl ][Date 19 Jan 2007 22:02:37][Subj Sadam Hussein safe and sound!]/Full Story.exe Infecté : Email-Worm.Win32.Zhelatin.a ignoré
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From Rodgers U. Wallace ][Date 20 Jan 2007 15:29:03][Subj Russian missle shot down USA satellite]/Video.exe Infecté : Email-Worm.Win32.Zhelatin.a ignoré
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From Rosa R. Watkins ][Date 24 Jan 2007 21:30:51][Subj If I Knew]/Flash Postcard.exe Infecté : Trojan-Downloader.Win32.Small.ciw ignoré
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From Stroud ][Date 28 Jan 2007 21:57:45][Subj Dream Girl]/Postcard.exe Infecté : Email-Worm.Win32.Zhelatin.h ignoré
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From MAILER-DAEMON@free.fr][Date 15 Feb 2007 20:16:55][Subj failure notice]/[From "migmars@free.fr" ][Date 15 Feb 2007 21:18:51][Subj Anniversaire]/Anniversaire.asx Infecté : Trojan-Downloader.Win32.VB.ft ignoré
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From admin@passado.ecircle-ag.com][Date 15 Feb 2007 21:17:44][Subj ImpossibilitÚ_de_dÚlivrer_votre_mesage_Ó_2005_09_fr_181_blog=?I]/message/[From "migmars@free.fr" ][Subj Anniversaire]/Anniversaire.asx Infecté : Trojan-Downloader.Win32.VB.ft ignoré
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From "migmars@free.fr" ][Date 15 Feb 2007 14:22:54][Subj Anniversaire]/Anniversaire.asx Infecté : Trojan-Downloader.Win32.VB.ft ignoré
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From "migmars@free.fr" ][Date 15 Feb 2007 13:28:15][Subj Anniversaire]/Anniversaire.asx Infecté : Trojan-Downloader.Win32.VB.ft ignoré
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From admin@passado.ecircle-ag.com][Date 15 Feb 2007 21:29:31][Subj ImpossibilitÚ_de_dÚlivrer_votre_mesage_Ó_invitation-launch-gr3=]/message/[From "migmars@free.fr" ][Subj Anniversaire]/Anniversaire.asx Infecté : Trojan-Downloader.Win32.VB.ft ignoré
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From "migmars@free.fr" ][Date 15 Feb 2007 14:20:13][Subj Anniversaire]/Anniversaire.asx Infecté : Trojan-Downloader.Win32.VB.ft ignoré
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From marie-josee.gas@nimes-metropole.fr][Date 19 Feb 2007 11:46:48][Subj RÚf._:_Anniversaire]/Anniversaire.asx Infecté : Trojan-Downloader.Win32.VB.ft ignoré
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From "BB&T" ][Subj [Bulk] please read this message. [Mon, 05 Mar 2007 17:11:15 -05]/html Infecté : Trojan-Spy.HTML.Bankfraud.rw ignoré
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From "BB&T" ][Date 28 Mar 2007 15:42:08][Subj [Bulk] e-banking account confirmation]/html Infecté : Trojan-Spy.HTML.Bankfraud.rw ignoré
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From "BB&T" ][Subj [Bulk] BB&T: security maintenance! -Fri, 06 Apr 2007 05:40:46 -]/html Infecté : Trojan-Spy.HTML.Bankfraud.ra ignoré
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From "BB&T" ][Subj [Bulk] BB&T: security maintenance! -Fri, 06 Apr 2007 05:40:46 -]/daybed.gif Infecté : Trojan-Spy.HTML.Bankfraud.ri ignoré
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From "Branch Banking and Trust" ][Subj [Bulk] BB&T reminder: notification. [Sat, 07 Apr 2007 09:42:48]/html Infecté : Trojan-Spy.HTML.Bankfraud.ra ignoré
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From "Branch Banking and Trust" ][Subj [Bulk] BB&T reminder: notification. [Sat, 07 Apr 2007 09:42:48]/crop.gif Infecté : Trojan-Spy.HTML.Bankfraud.ri ignoré
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From "eBay" ][Subj Software updating! (mess_id: 3865029)]/html Suspect : Trojan-Spy.HTML.Fraud.gen ignoré
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox Infecté : Trojan-Spy.HTML.Fraud.gen ignoré
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv ZIP: infecté - 19, suspect - 1 ignoré
C:\Documents and Settings\migou\Mes documents\Document Papa\trojan.remover.v6.3.5.mafyozo.rar/trojan.remover.v6.3.5/RmvTrjan.exe Infecté : Worm.Win32.AutoRun.yrj ignoré
C:\Documents and Settings\migou\Mes documents\Document Papa\trojan.remover.v6.3.5.mafyozo.rar RAR: infecté - 1 ignoré
C:\Documents and Settings\migou\Mes documents\Incomplete\T-3545425-jerusalem shirel.mp3 Infecté : Trojan-Downloader.WMA.GetCodec.c ignoré
C:\Documents and Settings\migou\Mes documents\Incomplete\T-5745425-toi plus moi gregoire.mp3 Infecté : Trojan-Downloader.WMA.GetCodec.c ignoré
C:\Documents and Settings\migou\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\migou\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat L'objet est verrouillé ignoré
C:\Program Files\Alwil Software\Avast4\DATA\Avast4.db L'objet est verrouillé ignoré
C:\Program Files\Alwil Software\Avast4\DATA\log\AshWebSv.ws L'objet est verrouillé ignoré
C:\Program Files\Alwil Software\Avast4\DATA\log\aswMaiSv.log L'objet est verrouillé ignoré
C:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log L'objet est verrouillé ignoré
C:\Program Files\Alwil Software\Avast4\DATA\log\selfdef.log L'objet est verrouillé ignoré
C:\Program Files\Alwil Software\Avast4\DATA\report\Protection résidente.txt L'objet est verrouillé ignoré
C:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré
C:\System Volume Information\_restore{59BB58DD-F473-4A90-BE94-CF69C5ED6186}\RP328\A0391086.exe/data0000.cab/pvxgfsd.exe Infecté : Backdoor.Win32.IRCBot.icx ignoré
C:\System Volume Information\_restore{59BB58DD-F473-4A90-BE94-CF69C5ED6186}\RP328\A0391086.exe/data0000.cab Infecté : Backdoor.Win32.IRCBot.icx ignoré
C:\System Volume Information\_restore{59BB58DD-F473-4A90-BE94-CF69C5ED6186}\RP328\A0391086.exe Rsrc-Package: infecté - 2 ignoré
C:\System Volume Information\_restore{59BB58DD-F473-4A90-BE94-CF69C5ED6186}\RP329\A0391177.dll Infecté : Packed.Win32.Klone.j ignoré
C:\System Volume Information\_restore{59BB58DD-F473-4A90-BE94-CF69C5ED6186}\RP336\change.log L'objet est verrouillé ignoré
C:\WINDOWS\$_hpcst$.hpc L'objet est verrouillé ignoré
C:\WINDOWS\CSC\00000001 L'objet est verrouillé ignoré
C:\WINDOWS\Debug\PASSWD.LOG L'objet est verrouillé ignoré
C:\WINDOWS\SchedLgU.Txt L'objet est verrouillé ignoré
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log L'objet est verrouillé ignoré
C:\WINDOWS\Sti_Trace.log L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\Antivirus.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\AppEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\default L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\default.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SAM L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SAM.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SecEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SECURITY L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SECURITY.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\software L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\software.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SysEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\system L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\system.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\TuneUp.evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\h323log.txt L'objet est verrouillé ignoré
C:\WINDOWS\system32\Logfiles\WUDF\WUDFTrace.etl L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP L'objet est verrouillé ignoré
C:\WINDOWS\Temp\Perflib_Perfdata_154.dat L'objet est verrouillé ignoré
C:\WINDOWS\Temp\Perflib_Perfdata_6b4.dat L'objet est verrouillé ignoré
C:\WINDOWS\Temp\_avast4_\Webshlock.txt L'objet est verrouillé ignoré
C:\WINDOWS\wiadebug.log L'objet est verrouillé ignoré
C:\WINDOWS\wiaservc.log L'objet est verrouillé ignoré
C:\WINDOWS\WindowsUpdate.log L'objet est verrouillé ignoré
E:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré
Analyse terminée.
Ced_King
Messages postés
3519
Date d'inscription
lundi 2 mars 2009
Statut
Contributeur
Dernière intervention
10 octobre 2016
571
19 avril 2009 à 12:27
19 avril 2009 à 12:27
Salut,
- Je crois que l'on ne sait pas bien compris, tant que tu balladeras tous ces cracks et keygens, les infections resteront !
- Il n'existe aucun " outil " pouvant remedier à cela... Tant qu'ils seront présents sur ta machine, les infections se relanceront, donc dis moi quand tu seras décidé a les supprimer...
Au sujet des cracks et des telechargements P2P, je te conseilles de prendre du temps pour lire ceci :
https://forum.malekal.com/viewtopic.php?f=33&t=893
https://forum.zebulon.fr/topic/93281-pr%C3%A9vention-le-crack-dans-toute-sa-splendeur/
http://www.libellules.ch/dangers_logiciels.php
- Je crois que l'on ne sait pas bien compris, tant que tu balladeras tous ces cracks et keygens, les infections resteront !
- Il n'existe aucun " outil " pouvant remedier à cela... Tant qu'ils seront présents sur ta machine, les infections se relanceront, donc dis moi quand tu seras décidé a les supprimer...
Au sujet des cracks et des telechargements P2P, je te conseilles de prendre du temps pour lire ceci :
https://forum.malekal.com/viewtopic.php?f=33&t=893
https://forum.zebulon.fr/topic/93281-pr%C3%A9vention-le-crack-dans-toute-sa-splendeur/
http://www.libellules.ch/dangers_logiciels.php
Ced_King
Messages postés
3519
Date d'inscription
lundi 2 mars 2009
Statut
Contributeur
Dernière intervention
10 octobre 2016
571
19 avril 2009 à 14:03
19 avril 2009 à 14:03
Ok, quand ce sera fait, préviens moi pour la suite !
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Ced_King
Messages postés
3519
Date d'inscription
lundi 2 mars 2009
Statut
Contributeur
Dernière intervention
10 octobre 2016
571
19 avril 2009 à 14:31
19 avril 2009 à 14:31
Ok,
- Il faut comprendre que c'est pour ton bien et celui de ton pc que je te demandes de virer ces M****s... Pas trés amusant de savoir que l'on a meme plus le control de son propre pc, ce qui est le cas...
Regardes ICI au sujet de :Trojan Downloader.Win32.VB.ft, une des diverses infections trouvées par Kaspersky, cliques sur [plus d'informations] et tu comprendras...
--------------------------------------
* telecharges SDFix sur ton bureau :
* Fermes toutes les applications en cours, puis double clic sur le raccourci de ton bureau
- Clic sur " Install " pour l'extraire dans un dossier dedié
- Redemarres ton pc en mode sans echec :
- Au demarrage du pc, tapotes sur la touche F8 ou F5 du clavier juste aprés le bip du bios et avant le logo " windows "
- Un ecran avec plusieurs choix apparaitra > selectionnes " mode sans echec " et valides par la touche " Entrée " de ton clavier
- Une fois en " mode sans echec " , ouvres le fichier créé, puis double clic sur " Runthis.bat "
- Une fenetre noir apparait, appuies sur la touche " Y " pour lancer le nettoyage
- Le bureau va disparaitre, c'est normal
- L'outil va travailler, patientes jusqu'à la fin du scan
- Une fois terminé, Sdfix te signalera que l'ordi doit redemarrer, acceptes en pressant une touche..
- Le pc va redemarrer en mode normal, une fois ton bureau en place, il va générer un rapport
- Sauvegardes le et poste son contenu ( tu le trouveras aussi à c:\report.txt)
Note :
-Si SDfix ne se lance pas --> ça peut arriver
- clic sur Démarrer->Exécuter
- Copie/colle ceci dans la fenêtre :
%systemroot%\system32\cmd.exe /K %systemdrive%\SDFix\apps\FixPath.exe
- Clique sur ok, et valide.
- Redémarre et essaye de nouveau de lancer SDfix.
- Il faut comprendre que c'est pour ton bien et celui de ton pc que je te demandes de virer ces M****s... Pas trés amusant de savoir que l'on a meme plus le control de son propre pc, ce qui est le cas...
Regardes ICI au sujet de :Trojan Downloader.Win32.VB.ft, une des diverses infections trouvées par Kaspersky, cliques sur [plus d'informations] et tu comprendras...
--------------------------------------
* telecharges SDFix sur ton bureau :
* Fermes toutes les applications en cours, puis double clic sur le raccourci de ton bureau
- Clic sur " Install " pour l'extraire dans un dossier dedié
- Redemarres ton pc en mode sans echec :
- Au demarrage du pc, tapotes sur la touche F8 ou F5 du clavier juste aprés le bip du bios et avant le logo " windows "
- Un ecran avec plusieurs choix apparaitra > selectionnes " mode sans echec " et valides par la touche " Entrée " de ton clavier
- Une fois en " mode sans echec " , ouvres le fichier créé, puis double clic sur " Runthis.bat "
- Une fenetre noir apparait, appuies sur la touche " Y " pour lancer le nettoyage
- Le bureau va disparaitre, c'est normal
- L'outil va travailler, patientes jusqu'à la fin du scan
- Une fois terminé, Sdfix te signalera que l'ordi doit redemarrer, acceptes en pressant une touche..
- Le pc va redemarrer en mode normal, une fois ton bureau en place, il va générer un rapport
- Sauvegardes le et poste son contenu ( tu le trouveras aussi à c:\report.txt)
Note :
-Si SDfix ne se lance pas --> ça peut arriver
- clic sur Démarrer->Exécuter
- Copie/colle ceci dans la fenêtre :
%systemroot%\system32\cmd.exe /K %systemdrive%\SDFix\apps\FixPath.exe
- Clique sur ok, et valide.
- Redémarre et essaye de nouveau de lancer SDfix.
[b]SDFix: Version 1.240 [/b]
Run by migou on 19/04/2009 at 18:39
Microsoft Windows XP [version 5.1.2600]
Running From: C:\SDFix
[b]Checking Services [/b]:
Restoring Default Security Values
Restoring Default Hosts File
Rebooting
[b]Checking Files [/b]:
No Trojan Files Found
Removing Temp Files
[b]ADS Check [/b]:
[b]Final Check [/b]:
catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-19 18:48:41
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
scanning hidden registry entries ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
[b]Remaining Services [/b]:
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\WINDOWS\\system32\\mmc.exe"="C:\\WINDOWS\\system32\\mmc.exe:*:Enabled:Microsoft Management Console"
"C:\\Program Files\\Microsoft ActiveSync\\WCESCOMM.EXE"="C:\\Program Files\\Microsoft ActiveSync\\WCESCOMM.EXE:*:Enabled:Connection Manager"
"C:\\Program Files\\Microsoft ActiveSync\\WCESMGR.EXE"="C:\\Program Files\\Microsoft ActiveSync\\WCESMGR.EXE:*:Enabled:ActiveSync Application"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Messenger"
"C:\\Program Files\\Java\\jre1.5.0_01\\bin\\javaw.exe"="C:\\Program Files\\Java\\jre1.5.0_01\\bin\\javaw.exe:*:Enabled:Java(TM) 2 Platform Standard Edition binary"
"C:\\Program Files\\Freeplayer\\vlc\\vlc.exe"="C:\\Program Files\\Freeplayer\\vlc\\vlc.exe:*:Enabled:VLC media player"
"C:\\Program Files\\Java\\jre1.5.0_06\\bin\\javaw.exe"="C:\\Program Files\\Java\\jre1.5.0_06\\bin\\javaw.exe:*:Enabled:Java(TM) 2 Platform Standard Edition binary"
"C:\\WINDOWS\\system32\\ftp.exe"="C:\\WINDOWS\\system32\\ftp.exe:*:Enabled:Logiciel de transfert de fichiers"
"C:\\Program Files\\VideoLAN\\VLC\\vlc.exe"="C:\\Program Files\\VideoLAN\\VLC\\vlc.exe:*:Enabled:VLC media player"
"C:\\Program Files\\HomePlayer1.5\\HomePlayer.exe"="C:\\Program Files\\HomePlayer1.5\\HomePlayer.exe:*:Enabled:HomePlayer"
"C:\\Program Files\\HomePlayer1.5\\vlc\\vlc.exe"="C:\\Program Files\\HomePlayer1.5\\vlc\\vlc.exe:*:Enabled:VLC media player"
"C:\\WINDOWS\\system32\\java.exe"="C:\\WINDOWS\\system32\\java.exe:*:Disabled:Java(TM) 2 Platform Standard Edition binary"
"C:\\Program Files\\Visicom Media\\FTP Expert 3\\ftpxpert3.exe"="C:\\Program Files\\Visicom Media\\FTP Expert 3\\ftpxpert3.exe:*:Enabled:AceFTP v3"
"C:\\WINDOWS\\system32\\WinFox\\WFDDRVUP.exe"="C:\\WINDOWS\\system32\\WinFox\\WFDDRVUP.exe:*:Enabled:WinFox Display Driver Living Update Program"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Program Files\\Internet Explorer\\iexplore.exe"="C:\\Program Files\\Internet Explorer\\iexplore.exe:*:Disabled:Internet Explorer"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
[b]Remaining Files [/b]:
[b]Files with Hidden Attributes [/b]:
Wed 22 Oct 2008 949,072 A.SHR --- "C:\Program Files\File Scanner Library (Spybot - Search & Destroy)\advcheck.dll"
Wed 22 Oct 2008 962,896 A.SHR --- "C:\Program Files\Misc. Support Library (Spybot - Search & Destroy)\Tools.dll"
Mon 26 Jan 2009 5,365,592 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\is-JGHQK.tmp"
Mon 26 Jan 2009 5,365,592 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe"
Sat 19 Aug 2006 940,811 ..SH. --- "C:\WINDOWS\system32\bbadd.tmp"
Tue 9 Sep 2008 848 A.SH. --- "C:\WINDOWS\system32\KGyGaAvL.sys"
Fri 11 Feb 2005 4,348 A.SH. --- "C:\Documents and Settings\All Users.WINDOWS\DRM\DRMv1.bak"
Sat 15 Dec 2007 289 A..H. --- "C:\Program Files\InterActual\InterActual Player\iti14.tmp"
Wed 8 Nov 2006 1,297,501 A.SH. --- "C:\WINDOWS\Microsoft.NET\Framework\eolptc.tmp"
Wed 2 May 2007 0 A.SH. --- "C:\Documents and Settings\All Users.WINDOWS\DRM\Cache\Indiv02.tmp"
Sat 19 Apr 2008 20,480 A..H. --- "C:\Documents and Settings\migou\Mes documents\Word\~WRL0004.tmp"
Thu 8 May 2008 47,616 A..H. --- "C:\Documents and Settings\migou\Mes documents\Word\~WRL1277.tmp"
Wed 28 Sep 2005 28,160 ...H. --- "C:\Documents and Settings\migou\Application Data\Microsoft\ModŠles\~WRL1506.tmp"
Wed 19 Dec 2007 19,968 ...H. --- "C:\Documents and Settings\migou\Application Data\Microsoft\Word\~WRL0003.tmp"
Wed 5 Mar 2008 19,456 ...H. --- "C:\Documents and Settings\migou\Application Data\Microsoft\Word\~WRL0055.tmp"
Thu 8 May 2008 48,640 ...H. --- "C:\Documents and Settings\migou\Application Data\Microsoft\Word\~WRL0385.tmp"
Sat 19 Apr 2008 20,992 ...H. --- "C:\Documents and Settings\migou\Application Data\Microsoft\Word\~WRL0425.tmp"
Wed 5 Mar 2008 22,528 ...H. --- "C:\Documents and Settings\migou\Application Data\Microsoft\Word\~WRL0578.tmp"
Wed 26 Dec 2007 24,576 ...H. --- "C:\Documents and Settings\migou\Application Data\Microsoft\Word\~WRL0685.tmp"
Wed 5 Mar 2008 20,992 ...H. --- "C:\Documents and Settings\migou\Application Data\Microsoft\Word\~WRL0700.tmp"
Wed 26 Dec 2007 25,600 ...H. --- "C:\Documents and Settings\migou\Application Data\Microsoft\Word\~WRL0737.tmp"
Wed 26 Dec 2007 25,600 ...H. --- "C:\Documents and Settings\migou\Application Data\Microsoft\Word\~WRL0829.tmp"
Wed 26 Dec 2007 19,968 ...H. --- "C:\Documents and Settings\migou\Application Data\Microsoft\Word\~WRL0864.tmp"
Wed 26 Dec 2007 25,600 ...H. --- "C:\Documents and Settings\migou\Application Data\Microsoft\Word\~WRL1348.tmp"
Wed 26 Dec 2007 24,576 ...H. --- "C:\Documents and Settings\migou\Application Data\Microsoft\Word\~WRL1624.tmp"
Wed 5 Mar 2008 24,064 ...H. --- "C:\Documents and Settings\migou\Application Data\Microsoft\Word\~WRL2130.tmp"
Wed 5 Mar 2008 19,968 ...H. --- "C:\Documents and Settings\migou\Application Data\Microsoft\Word\~WRL2186.tmp"
Wed 5 Mar 2008 19,456 ...H. --- "C:\Documents and Settings\migou\Application Data\Microsoft\Word\~WRL2230.tmp"
Wed 5 Mar 2008 20,480 ...H. --- "C:\Documents and Settings\migou\Application Data\Microsoft\Word\~WRL2865.tmp"
Wed 5 Mar 2008 21,504 ...H. --- "C:\Documents and Settings\migou\Application Data\Microsoft\Word\~WRL3515.tmp"
Sat 19 Apr 2008 20,480 ...H. --- "C:\Documents and Settings\migou\Application Data\Microsoft\Word\~WRL3740.tmp"
Wed 5 Mar 2008 22,528 ...H. --- "C:\Documents and Settings\migou\Application Data\Microsoft\Word\~WRL3834.tmp"
Tue 7 Jan 2003 37,888 A..H. --- "C:\Documents and Settings\migou\Mes documents\Document Papa\sauvegarde cl‚ sony\Pr‚lim COMINT\~WRL0826.tmp"
Mon 16 Sep 2002 87,552 A..H. --- "C:\Documents and Settings\migou\Mes documents\Document Papa\sauvegarde sony 108\Dossiers judiciaires\PEREZ GOMEZ\~WRL0240.tmp"
Mon 16 Sep 2002 90,112 A..H. --- "C:\Documents and Settings\migou\Mes documents\Document Papa\sauvegarde sony 108\Dossiers judiciaires\PEREZ GOMEZ\~WRL0628.tmp"
Mon 16 Sep 2002 88,064 A..H. --- "C:\Documents and Settings\migou\Mes documents\Document Papa\sauvegarde sony 108\Dossiers judiciaires\PEREZ GOMEZ\~WRL1877.tmp"
Mon 16 Sep 2002 87,552 A..H. --- "C:\Documents and Settings\migou\Mes documents\Document Papa\sauvegarde sony 108\Dossiers judiciaires\PEREZ GOMEZ\~WRL2872.tmp"
Thu 22 Sep 2005 45,056 A..H. --- "C:\Documents and Settings\migou\Mes documents\Document Papa\sauvegarde sony 108\Dossiers judiciaires\pr‚lim 93S2005\~WRL0003.tmp"
Thu 15 Mar 2007 39,424 A..H. --- "C:\Documents and Settings\migou\Mes documents\Document Papa\sauvegarde sony 108\Dossiers judiciaires\PV 227S2006 BOUZID II\~WRL0001.tmp"
Thu 15 Mar 2007 50,176 A..H. --- "C:\Documents and Settings\migou\Mes documents\Document Papa\sauvegarde sony 108\Dossiers judiciaires\PV 227S2006 BOUZID II\~WRL0709.tmp"
Tue 7 Jan 2003 37,888 A..H. --- "C:\Documents and Settings\migou\Mes documents\Document Papa\sauvegarde sony 108\Dossiers judiciaires\PV 107S2004 JIRS NCI\Pr‚lim COMINT\~WRL0826.tmp"
Wed 12 Jun 2002 36,352 A..H. --- "C:\Documents and Settings\migou\Mes documents\Document Papa\sauvegarde sony 108\Dossiers judiciaires\SCONAMIGLIO Alcool 13.2002\CRG2002S13\~WRL0002.tmp"
[b]Finished![/b]
Run by migou on 19/04/2009 at 18:39
Microsoft Windows XP [version 5.1.2600]
Running From: C:\SDFix
[b]Checking Services [/b]:
Restoring Default Security Values
Restoring Default Hosts File
Rebooting
[b]Checking Files [/b]:
No Trojan Files Found
Removing Temp Files
[b]ADS Check [/b]:
[b]Final Check [/b]:
catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-19 18:48:41
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
scanning hidden registry entries ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
[b]Remaining Services [/b]:
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\WINDOWS\\system32\\mmc.exe"="C:\\WINDOWS\\system32\\mmc.exe:*:Enabled:Microsoft Management Console"
"C:\\Program Files\\Microsoft ActiveSync\\WCESCOMM.EXE"="C:\\Program Files\\Microsoft ActiveSync\\WCESCOMM.EXE:*:Enabled:Connection Manager"
"C:\\Program Files\\Microsoft ActiveSync\\WCESMGR.EXE"="C:\\Program Files\\Microsoft ActiveSync\\WCESMGR.EXE:*:Enabled:ActiveSync Application"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Messenger"
"C:\\Program Files\\Java\\jre1.5.0_01\\bin\\javaw.exe"="C:\\Program Files\\Java\\jre1.5.0_01\\bin\\javaw.exe:*:Enabled:Java(TM) 2 Platform Standard Edition binary"
"C:\\Program Files\\Freeplayer\\vlc\\vlc.exe"="C:\\Program Files\\Freeplayer\\vlc\\vlc.exe:*:Enabled:VLC media player"
"C:\\Program Files\\Java\\jre1.5.0_06\\bin\\javaw.exe"="C:\\Program Files\\Java\\jre1.5.0_06\\bin\\javaw.exe:*:Enabled:Java(TM) 2 Platform Standard Edition binary"
"C:\\WINDOWS\\system32\\ftp.exe"="C:\\WINDOWS\\system32\\ftp.exe:*:Enabled:Logiciel de transfert de fichiers"
"C:\\Program Files\\VideoLAN\\VLC\\vlc.exe"="C:\\Program Files\\VideoLAN\\VLC\\vlc.exe:*:Enabled:VLC media player"
"C:\\Program Files\\HomePlayer1.5\\HomePlayer.exe"="C:\\Program Files\\HomePlayer1.5\\HomePlayer.exe:*:Enabled:HomePlayer"
"C:\\Program Files\\HomePlayer1.5\\vlc\\vlc.exe"="C:\\Program Files\\HomePlayer1.5\\vlc\\vlc.exe:*:Enabled:VLC media player"
"C:\\WINDOWS\\system32\\java.exe"="C:\\WINDOWS\\system32\\java.exe:*:Disabled:Java(TM) 2 Platform Standard Edition binary"
"C:\\Program Files\\Visicom Media\\FTP Expert 3\\ftpxpert3.exe"="C:\\Program Files\\Visicom Media\\FTP Expert 3\\ftpxpert3.exe:*:Enabled:AceFTP v3"
"C:\\WINDOWS\\system32\\WinFox\\WFDDRVUP.exe"="C:\\WINDOWS\\system32\\WinFox\\WFDDRVUP.exe:*:Enabled:WinFox Display Driver Living Update Program"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Program Files\\Internet Explorer\\iexplore.exe"="C:\\Program Files\\Internet Explorer\\iexplore.exe:*:Disabled:Internet Explorer"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
[b]Remaining Files [/b]:
[b]Files with Hidden Attributes [/b]:
Wed 22 Oct 2008 949,072 A.SHR --- "C:\Program Files\File Scanner Library (Spybot - Search & Destroy)\advcheck.dll"
Wed 22 Oct 2008 962,896 A.SHR --- "C:\Program Files\Misc. Support Library (Spybot - Search & Destroy)\Tools.dll"
Mon 26 Jan 2009 5,365,592 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\is-JGHQK.tmp"
Mon 26 Jan 2009 5,365,592 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe"
Sat 19 Aug 2006 940,811 ..SH. --- "C:\WINDOWS\system32\bbadd.tmp"
Tue 9 Sep 2008 848 A.SH. --- "C:\WINDOWS\system32\KGyGaAvL.sys"
Fri 11 Feb 2005 4,348 A.SH. --- "C:\Documents and Settings\All Users.WINDOWS\DRM\DRMv1.bak"
Sat 15 Dec 2007 289 A..H. --- "C:\Program Files\InterActual\InterActual Player\iti14.tmp"
Wed 8 Nov 2006 1,297,501 A.SH. --- "C:\WINDOWS\Microsoft.NET\Framework\eolptc.tmp"
Wed 2 May 2007 0 A.SH. --- "C:\Documents and Settings\All Users.WINDOWS\DRM\Cache\Indiv02.tmp"
Sat 19 Apr 2008 20,480 A..H. --- "C:\Documents and Settings\migou\Mes documents\Word\~WRL0004.tmp"
Thu 8 May 2008 47,616 A..H. --- "C:\Documents and Settings\migou\Mes documents\Word\~WRL1277.tmp"
Wed 28 Sep 2005 28,160 ...H. --- "C:\Documents and Settings\migou\Application Data\Microsoft\ModŠles\~WRL1506.tmp"
Wed 19 Dec 2007 19,968 ...H. --- "C:\Documents and Settings\migou\Application Data\Microsoft\Word\~WRL0003.tmp"
Wed 5 Mar 2008 19,456 ...H. --- "C:\Documents and Settings\migou\Application Data\Microsoft\Word\~WRL0055.tmp"
Thu 8 May 2008 48,640 ...H. --- "C:\Documents and Settings\migou\Application Data\Microsoft\Word\~WRL0385.tmp"
Sat 19 Apr 2008 20,992 ...H. --- "C:\Documents and Settings\migou\Application Data\Microsoft\Word\~WRL0425.tmp"
Wed 5 Mar 2008 22,528 ...H. --- "C:\Documents and Settings\migou\Application Data\Microsoft\Word\~WRL0578.tmp"
Wed 26 Dec 2007 24,576 ...H. --- "C:\Documents and Settings\migou\Application Data\Microsoft\Word\~WRL0685.tmp"
Wed 5 Mar 2008 20,992 ...H. --- "C:\Documents and Settings\migou\Application Data\Microsoft\Word\~WRL0700.tmp"
Wed 26 Dec 2007 25,600 ...H. --- "C:\Documents and Settings\migou\Application Data\Microsoft\Word\~WRL0737.tmp"
Wed 26 Dec 2007 25,600 ...H. --- "C:\Documents and Settings\migou\Application Data\Microsoft\Word\~WRL0829.tmp"
Wed 26 Dec 2007 19,968 ...H. --- "C:\Documents and Settings\migou\Application Data\Microsoft\Word\~WRL0864.tmp"
Wed 26 Dec 2007 25,600 ...H. --- "C:\Documents and Settings\migou\Application Data\Microsoft\Word\~WRL1348.tmp"
Wed 26 Dec 2007 24,576 ...H. --- "C:\Documents and Settings\migou\Application Data\Microsoft\Word\~WRL1624.tmp"
Wed 5 Mar 2008 24,064 ...H. --- "C:\Documents and Settings\migou\Application Data\Microsoft\Word\~WRL2130.tmp"
Wed 5 Mar 2008 19,968 ...H. --- "C:\Documents and Settings\migou\Application Data\Microsoft\Word\~WRL2186.tmp"
Wed 5 Mar 2008 19,456 ...H. --- "C:\Documents and Settings\migou\Application Data\Microsoft\Word\~WRL2230.tmp"
Wed 5 Mar 2008 20,480 ...H. --- "C:\Documents and Settings\migou\Application Data\Microsoft\Word\~WRL2865.tmp"
Wed 5 Mar 2008 21,504 ...H. --- "C:\Documents and Settings\migou\Application Data\Microsoft\Word\~WRL3515.tmp"
Sat 19 Apr 2008 20,480 ...H. --- "C:\Documents and Settings\migou\Application Data\Microsoft\Word\~WRL3740.tmp"
Wed 5 Mar 2008 22,528 ...H. --- "C:\Documents and Settings\migou\Application Data\Microsoft\Word\~WRL3834.tmp"
Tue 7 Jan 2003 37,888 A..H. --- "C:\Documents and Settings\migou\Mes documents\Document Papa\sauvegarde cl‚ sony\Pr‚lim COMINT\~WRL0826.tmp"
Mon 16 Sep 2002 87,552 A..H. --- "C:\Documents and Settings\migou\Mes documents\Document Papa\sauvegarde sony 108\Dossiers judiciaires\PEREZ GOMEZ\~WRL0240.tmp"
Mon 16 Sep 2002 90,112 A..H. --- "C:\Documents and Settings\migou\Mes documents\Document Papa\sauvegarde sony 108\Dossiers judiciaires\PEREZ GOMEZ\~WRL0628.tmp"
Mon 16 Sep 2002 88,064 A..H. --- "C:\Documents and Settings\migou\Mes documents\Document Papa\sauvegarde sony 108\Dossiers judiciaires\PEREZ GOMEZ\~WRL1877.tmp"
Mon 16 Sep 2002 87,552 A..H. --- "C:\Documents and Settings\migou\Mes documents\Document Papa\sauvegarde sony 108\Dossiers judiciaires\PEREZ GOMEZ\~WRL2872.tmp"
Thu 22 Sep 2005 45,056 A..H. --- "C:\Documents and Settings\migou\Mes documents\Document Papa\sauvegarde sony 108\Dossiers judiciaires\pr‚lim 93S2005\~WRL0003.tmp"
Thu 15 Mar 2007 39,424 A..H. --- "C:\Documents and Settings\migou\Mes documents\Document Papa\sauvegarde sony 108\Dossiers judiciaires\PV 227S2006 BOUZID II\~WRL0001.tmp"
Thu 15 Mar 2007 50,176 A..H. --- "C:\Documents and Settings\migou\Mes documents\Document Papa\sauvegarde sony 108\Dossiers judiciaires\PV 227S2006 BOUZID II\~WRL0709.tmp"
Tue 7 Jan 2003 37,888 A..H. --- "C:\Documents and Settings\migou\Mes documents\Document Papa\sauvegarde sony 108\Dossiers judiciaires\PV 107S2004 JIRS NCI\Pr‚lim COMINT\~WRL0826.tmp"
Wed 12 Jun 2002 36,352 A..H. --- "C:\Documents and Settings\migou\Mes documents\Document Papa\sauvegarde sony 108\Dossiers judiciaires\SCONAMIGLIO Alcool 13.2002\CRG2002S13\~WRL0002.tmp"
[b]Finished![/b]
Ced_King
Messages postés
3519
Date d'inscription
lundi 2 mars 2009
Statut
Contributeur
Dernière intervention
10 octobre 2016
571
19 avril 2009 à 22:28
19 avril 2009 à 22:28
- Là, meme si en sachant que si je te fais changer d'antivirus, on aurait pas besoin de faire tout ça, rien que pour le Fun :
*Telecharges OTMoveIt3 de Oldtimer et enregistres le sur le bureau
- Desactives la garde de ton antivirus
- Fermes toutes les applications en cours et double cliques sur OTMoveIT
- Assures toi que la case " Unregister Dll's and ocx's " soit bien cochée et copie ( ctrl+ C) ce qui est ci dessous en gras " :
:processes
explorer.exe
:files
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcvZIP
C:\Documents and Settings\migou\Mes documents\Document
Papa\trojan.remover.v6.3.5.mafyozo.rar/trojan.remover.v6.3.5/RmvTrjan.exe
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 1.5.0.9 (fr) - 2007-02-26.pcv/Mail/Local Folders/Inbox/[From Castro Lewis ][Date 20 Jan 2007 02:43:56][Subj Russian missle shot down Chinese aircraft]/Full Story.exe
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 1.5.0.9 (fr) - 2007-02-26.pcv/Mail/Local Folders/Inbox/[From Sosa Y. Sibyl ][Date 19 Jan 2007 22:02:37][Subj Sadam Hussein safe and sound!]/Full Story.exe
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 1.5.0.9 (fr) - 2007-02-26.pcv/Mail/Local Folders/Inbox/[From Rodgers U. Wallace ][Date 20 Jan 2007 15:29:03][Subj Russian missle shot down USA satellite]/Video.exe
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 1.5.0.9 (fr) - 2007-02-26.pcv/Mail/Local Folders/Inbox/[From Rosa R. Watkins ][Date 24 Jan 2007 21:30:51][Subj If I Knew]/Flash Postcard.exe
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 1.5.0.9 (fr) - 2007-02-26.pcv/Mail/Local Folders/Inbox/[From Stroud ][Date 28 Jan 2007 21:57:45][Subj Dream Girl]/Postcard.exe
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 1.5.0.9 (fr) - 2007-02-26.pcv/Mail/Local Folders/Inbox/[From MAILER-DAEMON@free.fr][Date 15 Feb 2007 20:16:55][Subj failure notice]/[From "migmars@free.fr" ][Date 15 Feb 2007 21:18:51][Subj Anniversaire]/Anniversaire.asx
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 1.5.0.9 (fr) - 2007-02-26.pcv/Mail/Local Folders/Inbox/[From admin@passado.ecircle-ag.com][Date 15 Feb 2007 21:17:44][Subj ImpossibilitÚ_de_dÚlivrer_votre_mesage_Ó_2005_09_fr_181_blog=?I]/message/[From "migmars@free.fr" ][Subj Anniversaire]/Anniversaire.asx
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 1.5.0.9 (fr) - 2007-02-26.pcv/Mail/Local Folders/Inbox/[From "migmars@free.fr" ][Date 15 Feb 2007 14:22:54][Subj Anniversaire]/Anniversaire.asx
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 1.5.0.9 (fr) - 2007-02-26.pcv/Mail/Local Folders/Inbox/[From "migmars@free.fr" ][Date 15 Feb 2007 13:28:15][Subj Anniversaire]/Anniversaire.asx
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 1.5.0.9 (fr) - 2007-02-26.pcv/Mail/Local Folders/Inbox/[From admin@passado.ecircle-ag.com][Date 15 Feb 2007 21:29:31][Subj ImpossibilitÚ_de_dÚlivrer_votre_mesage_Ó_invitation-launch-gr3=]/message/[From "migmars@free.fr" ][Subj Anniversaire]/Anniversaire.asx
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 1.5.0.9 (fr) - 2007-02-26.pcv/Mail/Local Folders/Inbox/[From "migmars@free.fr" ][Date 15 Feb 2007 14:20:13][Subj Anniversaire]/Anniversaire.asx
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 1.5.0.9 (fr) - 2007-02-26.pcv/Mail/Local Folders/Inbox/[From marie-josee.gas@nimes-metropole.fr][Date 19 Feb 2007 11:46:48][Subj RÚf._:_Anniversaire]/Anniversaire.asx
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 1.5.0.9 (fr) - 2007-02-26.pcv/Mail/Local Folders/Inbox
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 1.5.0.9 (fr) - 2007-02-26.pcv ZIP
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From Castro Lewis ][Date 20 Jan 2007 02:43:56][Subj Russian missle shot down Chinese aircraft]/Full Story.exe
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From Sosa Y. Sibyl ][Date 19 Jan 2007 22:02:37][Subj Sadam Hussein safe and sound!]/Full Story.exe
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From Rodgers U. Wallace ][Date 20 Jan 2007 15:29:03][Subj Russian missle shot down USA satellite]/Video.exe
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From Rosa R. Watkins ][Date 24 Jan 2007 21:30:51][Subj If I Knew]/Flash Postcard.exe
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From Stroud ][Date 28 Jan 2007 21:57:45][Subj Dream Girl]/Postcard.exe
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From MAILER-DAEMON@free.fr][Date 15 Feb 2007 20:16:55][Subj failure notice]/[From "migmars@free.fr" ][Date 15 Feb 2007 21:18:51][Subj Anniversaire]/Anniversaire.asx
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From admin@passado.ecircle-ag.com][Date 15 Feb 2007 21:17:44][Subj ImpossibilitÚ_de_dÚlivrer_votre_mesage_Ó_2005_09_fr_181_blog=?I]/message/[From "migmars@free.fr" ][Subj Anniversaire]/Anniversaire.asx
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From "migmars@free.fr" ][Date 15 Feb 2007 14:22:54][Subj Anniversaire]/Anniversaire.asx
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From "migmars@free.fr" ][Date 15 Feb 2007 13:28:15][Subj Anniversaire]/Anniversaire.asx
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From admin@passado.ecircle-ag.com][Date 15 Feb 2007 21:29:31][Subj ImpossibilitÚ_de_dÚlivrer_votre_mesage_Ó_invitation-launch-gr3=]/message/[From "migmars@free.fr" ][Subj Anniversaire]/Anniversaire.asx
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From "migmars@free.fr" ][Date 15 Feb 2007 14:20:13][Subj Anniversaire]/Anniversaire.asx
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From marie-josee.gas@nimes-metropole.fr][Date 19 Feb 2007 11:46:48][Subj RÚf._:_Anniversaire]/Anniversaire.asx
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From "BB&T" ][Subj [Bulk] please read this message. [Mon, 05 Mar 2007 17:11:15 -05]/html
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From "BB&T" ][Date 28 Mar 2007 15:42:08][Subj [Bulk] e-banking account confirmation]/html
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From "BB&T" ][Subj [Bulk] BB&T: security maintenance! -Fri, 06 Apr 2007 05:40:46 -]/html
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From "BB&T" ][Subj [Bulk] BB&T: security maintenance! -Fri, 06 Apr 2007 05:40:46 -]/daybed.gif
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From "Branch Banking and Trust" ][Subj [Bulk] BB&T reminder: notification. [Sat, 07 Apr 2007 09:42:48]/html
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From "Branch Banking and Trust" ][Subj [Bulk] BB&T reminder: notification. [Sat, 07 Apr 2007 09:42:48]/crop.gif
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From "eBay" ][Subj Software updating! (mess_id: 3865029)]/html
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox
C:\Documents and Settings\migou\Mes documents\Incomplete\T-3545425-jerusalem shirel.mp3
C:\Documents and Settings\migou\Mes documents\Incomplete\T-5745425-toi plus moi gregoire.mp3
C:\Documents and Settings\migou\Mes documents\Document Papa\trojan.remover.v6.3.5.mafyozo.rar RAR
:commands
[purity]
[emptytemp]
[start explorer]
[reboot]
Colles (Ctrl+V) le texte précédemment copié dans le cadre " Paste Instructions for Items to be Moved "
Clique maintenant sur le bouton MoveIt! puis ferme OTMoveIt3.
---> Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.
Postes le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
---> Le nom du rapport correspond au moment de sa création : date_heure.log
*Telecharges OTMoveIt3 de Oldtimer et enregistres le sur le bureau
- Desactives la garde de ton antivirus
- Fermes toutes les applications en cours et double cliques sur OTMoveIT
- Assures toi que la case " Unregister Dll's and ocx's " soit bien cochée et copie ( ctrl+ C) ce qui est ci dessous en gras " :
:processes
explorer.exe
:files
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcvZIP
C:\Documents and Settings\migou\Mes documents\Document
Papa\trojan.remover.v6.3.5.mafyozo.rar/trojan.remover.v6.3.5/RmvTrjan.exe
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 1.5.0.9 (fr) - 2007-02-26.pcv/Mail/Local Folders/Inbox/[From Castro Lewis ][Date 20 Jan 2007 02:43:56][Subj Russian missle shot down Chinese aircraft]/Full Story.exe
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 1.5.0.9 (fr) - 2007-02-26.pcv/Mail/Local Folders/Inbox/[From Sosa Y. Sibyl ][Date 19 Jan 2007 22:02:37][Subj Sadam Hussein safe and sound!]/Full Story.exe
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 1.5.0.9 (fr) - 2007-02-26.pcv/Mail/Local Folders/Inbox/[From Rodgers U. Wallace ][Date 20 Jan 2007 15:29:03][Subj Russian missle shot down USA satellite]/Video.exe
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 1.5.0.9 (fr) - 2007-02-26.pcv/Mail/Local Folders/Inbox/[From Rosa R. Watkins ][Date 24 Jan 2007 21:30:51][Subj If I Knew]/Flash Postcard.exe
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 1.5.0.9 (fr) - 2007-02-26.pcv/Mail/Local Folders/Inbox/[From Stroud ][Date 28 Jan 2007 21:57:45][Subj Dream Girl]/Postcard.exe
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 1.5.0.9 (fr) - 2007-02-26.pcv/Mail/Local Folders/Inbox/[From MAILER-DAEMON@free.fr][Date 15 Feb 2007 20:16:55][Subj failure notice]/[From "migmars@free.fr" ][Date 15 Feb 2007 21:18:51][Subj Anniversaire]/Anniversaire.asx
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 1.5.0.9 (fr) - 2007-02-26.pcv/Mail/Local Folders/Inbox/[From admin@passado.ecircle-ag.com][Date 15 Feb 2007 21:17:44][Subj ImpossibilitÚ_de_dÚlivrer_votre_mesage_Ó_2005_09_fr_181_blog=?I]/message/[From "migmars@free.fr" ][Subj Anniversaire]/Anniversaire.asx
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 1.5.0.9 (fr) - 2007-02-26.pcv/Mail/Local Folders/Inbox/[From "migmars@free.fr" ][Date 15 Feb 2007 14:22:54][Subj Anniversaire]/Anniversaire.asx
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 1.5.0.9 (fr) - 2007-02-26.pcv/Mail/Local Folders/Inbox/[From "migmars@free.fr" ][Date 15 Feb 2007 13:28:15][Subj Anniversaire]/Anniversaire.asx
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 1.5.0.9 (fr) - 2007-02-26.pcv/Mail/Local Folders/Inbox/[From admin@passado.ecircle-ag.com][Date 15 Feb 2007 21:29:31][Subj ImpossibilitÚ_de_dÚlivrer_votre_mesage_Ó_invitation-launch-gr3=]/message/[From "migmars@free.fr" ][Subj Anniversaire]/Anniversaire.asx
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 1.5.0.9 (fr) - 2007-02-26.pcv/Mail/Local Folders/Inbox/[From "migmars@free.fr" ][Date 15 Feb 2007 14:20:13][Subj Anniversaire]/Anniversaire.asx
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 1.5.0.9 (fr) - 2007-02-26.pcv/Mail/Local Folders/Inbox/[From marie-josee.gas@nimes-metropole.fr][Date 19 Feb 2007 11:46:48][Subj RÚf._:_Anniversaire]/Anniversaire.asx
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 1.5.0.9 (fr) - 2007-02-26.pcv/Mail/Local Folders/Inbox
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 1.5.0.9 (fr) - 2007-02-26.pcv ZIP
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From Castro Lewis ][Date 20 Jan 2007 02:43:56][Subj Russian missle shot down Chinese aircraft]/Full Story.exe
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From Sosa Y. Sibyl ][Date 19 Jan 2007 22:02:37][Subj Sadam Hussein safe and sound!]/Full Story.exe
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From Rodgers U. Wallace ][Date 20 Jan 2007 15:29:03][Subj Russian missle shot down USA satellite]/Video.exe
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From Rosa R. Watkins ][Date 24 Jan 2007 21:30:51][Subj If I Knew]/Flash Postcard.exe
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From Stroud ][Date 28 Jan 2007 21:57:45][Subj Dream Girl]/Postcard.exe
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From MAILER-DAEMON@free.fr][Date 15 Feb 2007 20:16:55][Subj failure notice]/[From "migmars@free.fr" ][Date 15 Feb 2007 21:18:51][Subj Anniversaire]/Anniversaire.asx
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From admin@passado.ecircle-ag.com][Date 15 Feb 2007 21:17:44][Subj ImpossibilitÚ_de_dÚlivrer_votre_mesage_Ó_2005_09_fr_181_blog=?I]/message/[From "migmars@free.fr" ][Subj Anniversaire]/Anniversaire.asx
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From "migmars@free.fr" ][Date 15 Feb 2007 14:22:54][Subj Anniversaire]/Anniversaire.asx
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From "migmars@free.fr" ][Date 15 Feb 2007 13:28:15][Subj Anniversaire]/Anniversaire.asx
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From admin@passado.ecircle-ag.com][Date 15 Feb 2007 21:29:31][Subj ImpossibilitÚ_de_dÚlivrer_votre_mesage_Ó_invitation-launch-gr3=]/message/[From "migmars@free.fr" ][Subj Anniversaire]/Anniversaire.asx
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From "migmars@free.fr" ][Date 15 Feb 2007 14:20:13][Subj Anniversaire]/Anniversaire.asx
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From marie-josee.gas@nimes-metropole.fr][Date 19 Feb 2007 11:46:48][Subj RÚf._:_Anniversaire]/Anniversaire.asx
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From "BB&T" ][Subj [Bulk] please read this message. [Mon, 05 Mar 2007 17:11:15 -05]/html
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From "BB&T" ][Date 28 Mar 2007 15:42:08][Subj [Bulk] e-banking account confirmation]/html
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From "BB&T" ][Subj [Bulk] BB&T: security maintenance! -Fri, 06 Apr 2007 05:40:46 -]/html
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From "BB&T" ][Subj [Bulk] BB&T: security maintenance! -Fri, 06 Apr 2007 05:40:46 -]/daybed.gif
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From "Branch Banking and Trust" ][Subj [Bulk] BB&T reminder: notification. [Sat, 07 Apr 2007 09:42:48]/html
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From "Branch Banking and Trust" ][Subj [Bulk] BB&T reminder: notification. [Sat, 07 Apr 2007 09:42:48]/crop.gif
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From "eBay" ][Subj Software updating! (mess_id: 3865029)]/html
C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox
C:\Documents and Settings\migou\Mes documents\Incomplete\T-3545425-jerusalem shirel.mp3
C:\Documents and Settings\migou\Mes documents\Incomplete\T-5745425-toi plus moi gregoire.mp3
C:\Documents and Settings\migou\Mes documents\Document Papa\trojan.remover.v6.3.5.mafyozo.rar RAR
:commands
[purity]
[emptytemp]
[start explorer]
[reboot]
Colles (Ctrl+V) le texte précédemment copié dans le cadre " Paste Instructions for Items to be Moved "
Clique maintenant sur le bouton MoveIt! puis ferme OTMoveIt3.
---> Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.
Postes le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
---> Le nom du rapport correspond au moment de sa création : date_heure.log
Ced_King
Messages postés
3519
Date d'inscription
lundi 2 mars 2009
Statut
Contributeur
Dernière intervention
10 octobre 2016
571
20 avril 2009 à 10:09
20 avril 2009 à 10:09
Salut,
Oups et désolé : http://oldtimer.geekstogo.com/OTMoveIt3.exe
Oups et désolé : http://oldtimer.geekstogo.com/OTMoveIt3.exe
Merci ^^
Error: Unable to interpret <Papa\trojan.remover.v6.3.5.mafyozo.rar/trojan.remover.v6.3.5/RmvTrjan.exe> in the current context!
Error: Unable to interpret <C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 1.5.0.9 (fr) - 2007-02-26.pcv/Mail/Local Folders/Inbox/[From Castro Lewis ][Date 20 Jan 2007 02:43:56][Subj Russian missle shot down Chinese aircraft]/Full Story.exe> in the current context!
Error: Unable to interpret <C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 1.5.0.9 (fr) - 2007-02-26.pcv/Mail/Local Folders/Inbox/[From Sosa Y. Sibyl ][Date 19 Jan 2007 22:02:37][Subj Sadam Hussein safe and sound!]/Full Story.exe> in the current context!
Error: Unable to interpret <C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 1.5.0.9 (fr) - 2007-02-26.pcv/Mail/Local Folders/Inbox/[From Rodgers U. Wallace ][Date 20 Jan 2007 15:29:03][Subj Russian missle shot down USA satellite]/Video.exe> in the current context!
Error: Unable to interpret <C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 1.5.0.9 (fr) - 2007-02-26.pcv/Mail/Local Folders/Inbox/[From Rosa R. Watkins ][Date 24 Jan 2007 21:30:51][Subj If I Knew]/Flash Postcard.exe> in the current context!
Error: Unable to interpret <C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 1.5.0.9 (fr) - 2007-02-26.pcv/Mail/Local Folders/Inbox/[From Stroud ][Date 28 Jan 2007 21:57:45][Subj Dream Girl]/Postcard.exe> in the current context!
Error: Unable to interpret <C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 1.5.0.9 (fr) - 2007-02-26.pcv/Mail/Local Folders/Inbox/[From MAILER-DAEMON@free.fr][Date 15 Feb 2007 20:16:55][Subj failure notice]/[From "migmars@free.fr" ][Date 15 Feb 2007 21:18:51][Subj Anniversaire]/Anniversaire.asx> in the current context!
Error: Unable to interpret <C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 1.5.0.9 (fr) - 2007-02-26.pcv/Mail/Local Folders/Inbox/[From admin@passado.ecircle-ag.com][Date 15 Feb 2007 21:17:44][Subj ImpossibilitÚ_de_dÚlivrer_votre_mesage_Ó_2005_09_fr_181_blog=?I]/message/[From "migmars@free.fr" ][Subj Anniversaire]/Anniversaire.asx> in the current context!
Error: Unable to interpret <C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 1.5.0.9 (fr) - 2007-02-26.pcv/Mail/Local Folders/Inbox/[From "migmars@free.fr" ][Date 15 Feb 2007 14:22:54][Subj Anniversaire]/Anniversaire.asx> in the current context!
Error: Unable to interpret <C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 1.5.0.9 (fr) - 2007-02-26.pcv/Mail/Local Folders/Inbox/[From "migmars@free.fr" ][Date 15 Feb 2007 13:28:15][Subj Anniversaire]/Anniversaire.asx> in the current context!
Error: Unable to interpret <C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 1.5.0.9 (fr) - 2007-02-26.pcv/Mail/Local Folders/Inbox/[From admin@passado.ecircle-ag.com][Date 15 Feb 2007 21:29:31][Subj ImpossibilitÚ_de_dÚlivrer_votre_mesage_Ó_invitation-launch-gr3=]/message/[From "migmars@free.fr" ][Subj Anniversaire]/Anniversaire.asx> in the current context!
Error: Unable to interpret <C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 1.5.0.9 (fr) - 2007-02-26.pcv/Mail/Local Folders/Inbox/[From "migmars@free.fr" ][Date 15 Feb 2007 14:20:13][Subj Anniversaire]/Anniversaire.asx> in the current context!
Error: Unable to interpret <C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 1.5.0.9 (fr) - 2007-02-26.pcv/Mail/Local Folders/Inbox/[From marie-josee.gas@nimes-metropole.fr][Date 19 Feb 2007 11:46:48][Subj RÚf._:_Anniversaire]/Anniversaire.asx> in the current context!
Error: Unable to interpret <C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 1.5.0.9 (fr) - 2007-02-26.pcv/Mail/Local Folders/Inbox> in the current context!
Error: Unable to interpret <C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 1.5.0.9 (fr) - 2007-02-26.pcv ZIP> in the current context!
Error: Unable to interpret <C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From Castro Lewis ][Date 20 Jan 2007 02:43:56][Subj Russian missle shot down Chinese aircraft]/Full Story.exe> in the current context!
Error: Unable to interpret <C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From Sosa Y. Sibyl ][Date 19 Jan 2007 22:02:37][Subj Sadam Hussein safe and sound!]/Full Story.exe> in the current context!
Error: Unable to interpret <C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From Rodgers U. Wallace ][Date 20 Jan 2007 15:29:03][Subj Russian missle shot down USA satellite]/Video.exe> in the current context!
Error: Unable to interpret <C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From Rosa R. Watkins ][Date 24 Jan 2007 21:30:51][Subj If I Knew]/Flash Postcard.exe> in the current context!
Error: Unable to interpret <C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From Stroud ][Date 28 Jan 2007 21:57:45][Subj Dream Girl]/Postcard.exe> in the current context!
Error: Unable to interpret <C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From MAILER-DAEMON@free.fr][Date 15 Feb 2007 20:16:55][Subj failure notice]/[From "migmars@free.fr" ][Date 15 Feb 2007 21:18:51][Subj Anniversaire]/Anniversaire.asx> in the current context!
Error: Unable to interpret <C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From admin@passado.ecircle-ag.com][Date 15 Feb 2007 21:17:44][Subj ImpossibilitÚ_de_dÚlivrer_votre_mesage_Ó_2005_09_fr_181_blog=?I]/message/[From "migmars@free.fr" ][Subj Anniversaire]/Anniversaire.asx> in the current context!
Error: Unable to interpret <C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From "migmars@free.fr" ][Date 15 Feb 2007 14:22:54][Subj Anniversaire]/Anniversaire.asx> in the current context!
Error: Unable to interpret <C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From "migmars@free.fr" ][Date 15 Feb 2007 13:28:15][Subj Anniversaire]/Anniversaire.asx> in the current context!
Error: Unable to interpret <C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From admin@passado.ecircle-ag.com][Date 15 Feb 2007 21:29:31][Subj ImpossibilitÚ_de_dÚlivrer_votre_mesage_Ó_invitation-launch-gr3=]/message/[From "migmars@free.fr" ][Subj Anniversaire]/Anniversaire.asx> in the current context!
Error: Unable to interpret <C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From "migmars@free.fr" ][Date 15 Feb 2007 14:20:13][Subj Anniversaire]/Anniversaire.asx> in the current context!
Error: Unable to interpret <C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From marie-josee.gas@nimes-metropole.fr][Date 19 Feb 2007 11:46:48][Subj RÚf._:_Anniversaire]/Anniversaire.asx> in the current context!
Error: Unable to interpret <C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From "BB&T" ][Subj [Bulk] please read this message. [Mon, 05 Mar 2007 17:11:15 -05]/html> in the current context!
Error: Unable to interpret <C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From "BB&T" ][Date 28 Mar 2007 15:42:08][Subj [Bulk] e-banking account confirmation]/html> in the current context!
Error: Unable to interpret <C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From "BB&T" ][Subj [Bulk] BB&T: security maintenance! -Fri, 06 Apr 2007 05:40:46 -]/html> in the current context!
Error: Unable to interpret <C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From "BB&T" ][Subj [Bulk] BB&T: security maintenance! -Fri, 06 Apr 2007 05:40:46 -]/daybed.gif> in the current context!
Error: Unable to interpret <C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From "Branch Banking and Trust" ][Subj [Bulk] BB&T reminder: notification. [Sat, 07 Apr 2007 09:42:48]/html> in the current context!
Error: Unable to interpret <C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From "Branch Banking and Trust" ][Subj [Bulk] BB&T reminder: notification. [Sat, 07 Apr 2007 09:42:48]/crop.gif> in the current context!
Error: Unable to interpret <C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From "eBay" ][Subj Software updating! (mess_id: 3865029)]/html> in the current context!
Error: Unable to interpret <C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox> in the current context!
Error: Unable to interpret <C:\Documents and Settings\migou\Mes documents\Incomplete\T-3545425-jerusalem shirel.mp3> in the current context!
Error: Unable to interpret <C:\Documents and Settings\migou\Mes documents\Incomplete\T-5745425-toi plus moi gregoire.mp3> in the current context!
Error: Unable to interpret <C:\Documents and Settings\migou\Mes documents\Document Papa\trojan.remover.v6.3.5.mafyozo.rar RAR> in the current context!
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\migou\LOCALS~1\Temp\etilqs_d45KjWoCDKxc2F3iFTqA scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\migou\LOCALS~1\Temp\fla8.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Internet Explorer cache folder emptied.
File delete failed. C:\Documents and Settings\migou\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
User's Temporary Internet Files folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Historique\History.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat scheduled to be deleted on reboot.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
Network Service Temp folder emptied.
Network Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_158.dat scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_6c0.dat scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
File delete failed. C:\Documents and Settings\migou\Local Settings\Application Data\Mozilla\Firefox\Profiles\9fngy4t7.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\migou\Local Settings\Application Data\Mozilla\Firefox\Profiles\9fngy4t7.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\migou\Local Settings\Application Data\Mozilla\Firefox\Profiles\9fngy4t7.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\migou\Local Settings\Application Data\Mozilla\Firefox\Profiles\9fngy4t7.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\migou\Local Settings\Application Data\Mozilla\Firefox\Profiles\9fngy4t7.default\urlclassifier3.sqlite scheduled to be deleted on reboot.
FireFox cache emptied.
Temp folders emptied.
Explorer started successfully
OTMoveIt3 by OldTimer - Version 1.0.11.0 log created on 04202009_121344
Files moved on Reboot...
File C:\DOCUME~1\migou\LOCALS~1\Temp\etilqs_d45KjWoCDKxc2F3iFTqA not found!
File C:\DOCUME~1\migou\LOCALS~1\Temp\fla8.tmp not found!
File C:\WINDOWS\temp\Perflib_Perfdata_158.dat not found!
C:\WINDOWS\temp\Perflib_Perfdata_6c0.dat moved successfully.
C:\Documents and Settings\migou\Local Settings\Application Data\Mozilla\Firefox\Profiles\9fngy4t7.default\Cache\_CACHE_001_ moved successfully.
C:\Documents and Settings\migou\Local Settings\Application Data\Mozilla\Firefox\Profiles\9fngy4t7.default\Cache\_CACHE_002_ moved successfully.
C:\Documents and Settings\migou\Local Settings\Application Data\Mozilla\Firefox\Profiles\9fngy4t7.default\Cache\_CACHE_003_ moved successfully.
C:\Documents and Settings\migou\Local Settings\Application Data\Mozilla\Firefox\Profiles\9fngy4t7.default\Cache\_CACHE_MAP_ moved successfully.
C:\Documents and Settings\migou\Local Settings\Application Data\Mozilla\Firefox\Profiles\9fngy4t7.default\urlclassifier3.sqlite moved successfully.
Error: Unable to interpret <Papa\trojan.remover.v6.3.5.mafyozo.rar/trojan.remover.v6.3.5/RmvTrjan.exe> in the current context!
Error: Unable to interpret <C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 1.5.0.9 (fr) - 2007-02-26.pcv/Mail/Local Folders/Inbox/[From Castro Lewis ][Date 20 Jan 2007 02:43:56][Subj Russian missle shot down Chinese aircraft]/Full Story.exe> in the current context!
Error: Unable to interpret <C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 1.5.0.9 (fr) - 2007-02-26.pcv/Mail/Local Folders/Inbox/[From Sosa Y. Sibyl ][Date 19 Jan 2007 22:02:37][Subj Sadam Hussein safe and sound!]/Full Story.exe> in the current context!
Error: Unable to interpret <C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 1.5.0.9 (fr) - 2007-02-26.pcv/Mail/Local Folders/Inbox/[From Rodgers U. Wallace ][Date 20 Jan 2007 15:29:03][Subj Russian missle shot down USA satellite]/Video.exe> in the current context!
Error: Unable to interpret <C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 1.5.0.9 (fr) - 2007-02-26.pcv/Mail/Local Folders/Inbox/[From Rosa R. Watkins ][Date 24 Jan 2007 21:30:51][Subj If I Knew]/Flash Postcard.exe> in the current context!
Error: Unable to interpret <C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 1.5.0.9 (fr) - 2007-02-26.pcv/Mail/Local Folders/Inbox/[From Stroud ][Date 28 Jan 2007 21:57:45][Subj Dream Girl]/Postcard.exe> in the current context!
Error: Unable to interpret <C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 1.5.0.9 (fr) - 2007-02-26.pcv/Mail/Local Folders/Inbox/[From MAILER-DAEMON@free.fr][Date 15 Feb 2007 20:16:55][Subj failure notice]/[From "migmars@free.fr" ][Date 15 Feb 2007 21:18:51][Subj Anniversaire]/Anniversaire.asx> in the current context!
Error: Unable to interpret <C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 1.5.0.9 (fr) - 2007-02-26.pcv/Mail/Local Folders/Inbox/[From admin@passado.ecircle-ag.com][Date 15 Feb 2007 21:17:44][Subj ImpossibilitÚ_de_dÚlivrer_votre_mesage_Ó_2005_09_fr_181_blog=?I]/message/[From "migmars@free.fr" ][Subj Anniversaire]/Anniversaire.asx> in the current context!
Error: Unable to interpret <C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 1.5.0.9 (fr) - 2007-02-26.pcv/Mail/Local Folders/Inbox/[From "migmars@free.fr" ][Date 15 Feb 2007 14:22:54][Subj Anniversaire]/Anniversaire.asx> in the current context!
Error: Unable to interpret <C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 1.5.0.9 (fr) - 2007-02-26.pcv/Mail/Local Folders/Inbox/[From "migmars@free.fr" ][Date 15 Feb 2007 13:28:15][Subj Anniversaire]/Anniversaire.asx> in the current context!
Error: Unable to interpret <C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 1.5.0.9 (fr) - 2007-02-26.pcv/Mail/Local Folders/Inbox/[From admin@passado.ecircle-ag.com][Date 15 Feb 2007 21:29:31][Subj ImpossibilitÚ_de_dÚlivrer_votre_mesage_Ó_invitation-launch-gr3=]/message/[From "migmars@free.fr" ][Subj Anniversaire]/Anniversaire.asx> in the current context!
Error: Unable to interpret <C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 1.5.0.9 (fr) - 2007-02-26.pcv/Mail/Local Folders/Inbox/[From "migmars@free.fr" ][Date 15 Feb 2007 14:20:13][Subj Anniversaire]/Anniversaire.asx> in the current context!
Error: Unable to interpret <C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 1.5.0.9 (fr) - 2007-02-26.pcv/Mail/Local Folders/Inbox/[From marie-josee.gas@nimes-metropole.fr][Date 19 Feb 2007 11:46:48][Subj RÚf._:_Anniversaire]/Anniversaire.asx> in the current context!
Error: Unable to interpret <C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 1.5.0.9 (fr) - 2007-02-26.pcv/Mail/Local Folders/Inbox> in the current context!
Error: Unable to interpret <C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 1.5.0.9 (fr) - 2007-02-26.pcv ZIP> in the current context!
Error: Unable to interpret <C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From Castro Lewis ][Date 20 Jan 2007 02:43:56][Subj Russian missle shot down Chinese aircraft]/Full Story.exe> in the current context!
Error: Unable to interpret <C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From Sosa Y. Sibyl ][Date 19 Jan 2007 22:02:37][Subj Sadam Hussein safe and sound!]/Full Story.exe> in the current context!
Error: Unable to interpret <C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From Rodgers U. Wallace ][Date 20 Jan 2007 15:29:03][Subj Russian missle shot down USA satellite]/Video.exe> in the current context!
Error: Unable to interpret <C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From Rosa R. Watkins ][Date 24 Jan 2007 21:30:51][Subj If I Knew]/Flash Postcard.exe> in the current context!
Error: Unable to interpret <C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From Stroud ][Date 28 Jan 2007 21:57:45][Subj Dream Girl]/Postcard.exe> in the current context!
Error: Unable to interpret <C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From MAILER-DAEMON@free.fr][Date 15 Feb 2007 20:16:55][Subj failure notice]/[From "migmars@free.fr" ][Date 15 Feb 2007 21:18:51][Subj Anniversaire]/Anniversaire.asx> in the current context!
Error: Unable to interpret <C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From admin@passado.ecircle-ag.com][Date 15 Feb 2007 21:17:44][Subj ImpossibilitÚ_de_dÚlivrer_votre_mesage_Ó_2005_09_fr_181_blog=?I]/message/[From "migmars@free.fr" ][Subj Anniversaire]/Anniversaire.asx> in the current context!
Error: Unable to interpret <C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From "migmars@free.fr" ][Date 15 Feb 2007 14:22:54][Subj Anniversaire]/Anniversaire.asx> in the current context!
Error: Unable to interpret <C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From "migmars@free.fr" ][Date 15 Feb 2007 13:28:15][Subj Anniversaire]/Anniversaire.asx> in the current context!
Error: Unable to interpret <C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From admin@passado.ecircle-ag.com][Date 15 Feb 2007 21:29:31][Subj ImpossibilitÚ_de_dÚlivrer_votre_mesage_Ó_invitation-launch-gr3=]/message/[From "migmars@free.fr" ][Subj Anniversaire]/Anniversaire.asx> in the current context!
Error: Unable to interpret <C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From "migmars@free.fr" ][Date 15 Feb 2007 14:20:13][Subj Anniversaire]/Anniversaire.asx> in the current context!
Error: Unable to interpret <C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From marie-josee.gas@nimes-metropole.fr][Date 19 Feb 2007 11:46:48][Subj RÚf._:_Anniversaire]/Anniversaire.asx> in the current context!
Error: Unable to interpret <C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From "BB&T" ][Subj [Bulk] please read this message. [Mon, 05 Mar 2007 17:11:15 -05]/html> in the current context!
Error: Unable to interpret <C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From "BB&T" ][Date 28 Mar 2007 15:42:08][Subj [Bulk] e-banking account confirmation]/html> in the current context!
Error: Unable to interpret <C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From "BB&T" ][Subj [Bulk] BB&T: security maintenance! -Fri, 06 Apr 2007 05:40:46 -]/html> in the current context!
Error: Unable to interpret <C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From "BB&T" ][Subj [Bulk] BB&T: security maintenance! -Fri, 06 Apr 2007 05:40:46 -]/daybed.gif> in the current context!
Error: Unable to interpret <C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From "Branch Banking and Trust" ][Subj [Bulk] BB&T reminder: notification. [Sat, 07 Apr 2007 09:42:48]/html> in the current context!
Error: Unable to interpret <C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From "Branch Banking and Trust" ][Subj [Bulk] BB&T reminder: notification. [Sat, 07 Apr 2007 09:42:48]/crop.gif> in the current context!
Error: Unable to interpret <C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox/[From "eBay" ][Subj Software updating! (mess_id: 3865029)]/html> in the current context!
Error: Unable to interpret <C:\Documents and Settings\migou\Mes documents\Document Papa\Thunderbird 2.0.0.6 (fr) - 2007-10-13.pcv/Mail/Local Folders/Inbox> in the current context!
Error: Unable to interpret <C:\Documents and Settings\migou\Mes documents\Incomplete\T-3545425-jerusalem shirel.mp3> in the current context!
Error: Unable to interpret <C:\Documents and Settings\migou\Mes documents\Incomplete\T-5745425-toi plus moi gregoire.mp3> in the current context!
Error: Unable to interpret <C:\Documents and Settings\migou\Mes documents\Document Papa\trojan.remover.v6.3.5.mafyozo.rar RAR> in the current context!
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\migou\LOCALS~1\Temp\etilqs_d45KjWoCDKxc2F3iFTqA scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\migou\LOCALS~1\Temp\fla8.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Internet Explorer cache folder emptied.
File delete failed. C:\Documents and Settings\migou\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
User's Temporary Internet Files folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Historique\History.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat scheduled to be deleted on reboot.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
Network Service Temp folder emptied.
Network Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_158.dat scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_6c0.dat scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
File delete failed. C:\Documents and Settings\migou\Local Settings\Application Data\Mozilla\Firefox\Profiles\9fngy4t7.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\migou\Local Settings\Application Data\Mozilla\Firefox\Profiles\9fngy4t7.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\migou\Local Settings\Application Data\Mozilla\Firefox\Profiles\9fngy4t7.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\migou\Local Settings\Application Data\Mozilla\Firefox\Profiles\9fngy4t7.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\migou\Local Settings\Application Data\Mozilla\Firefox\Profiles\9fngy4t7.default\urlclassifier3.sqlite scheduled to be deleted on reboot.
FireFox cache emptied.
Temp folders emptied.
Explorer started successfully
OTMoveIt3 by OldTimer - Version 1.0.11.0 log created on 04202009_121344
Files moved on Reboot...
File C:\DOCUME~1\migou\LOCALS~1\Temp\etilqs_d45KjWoCDKxc2F3iFTqA not found!
File C:\DOCUME~1\migou\LOCALS~1\Temp\fla8.tmp not found!
File C:\WINDOWS\temp\Perflib_Perfdata_158.dat not found!
C:\WINDOWS\temp\Perflib_Perfdata_6c0.dat moved successfully.
C:\Documents and Settings\migou\Local Settings\Application Data\Mozilla\Firefox\Profiles\9fngy4t7.default\Cache\_CACHE_001_ moved successfully.
C:\Documents and Settings\migou\Local Settings\Application Data\Mozilla\Firefox\Profiles\9fngy4t7.default\Cache\_CACHE_002_ moved successfully.
C:\Documents and Settings\migou\Local Settings\Application Data\Mozilla\Firefox\Profiles\9fngy4t7.default\Cache\_CACHE_003_ moved successfully.
C:\Documents and Settings\migou\Local Settings\Application Data\Mozilla\Firefox\Profiles\9fngy4t7.default\Cache\_CACHE_MAP_ moved successfully.
C:\Documents and Settings\migou\Local Settings\Application Data\Mozilla\Firefox\Profiles\9fngy4t7.default\urlclassifier3.sqlite moved successfully.
Ced_King
Messages postés
3519
Date d'inscription
lundi 2 mars 2009
Statut
Contributeur
Dernière intervention
10 octobre 2016
571
20 avril 2009 à 12:38
20 avril 2009 à 12:38
Salut,
- De rien, mais cela n'a pas spécialement fonctionné...
- Voilà ce que tu vas faire, changes d'antivirus car Avast est une daube :
- Supprimes Avast et telecharges Avira Antivir C'est ce que l'on fait de mieux en gratuit et il vaut meme certains payants...
- Installes le et configures le avec le Tutoriel Avira antivir
Si tu éprouves de la difficulté a desinstaller Avast, sers toi de l'utilitaire d'Avast
- Puis redemarres ton pc en mode sans echec et lances un scan avec Avira antivir, il devrait faire un gros ménage...
- Note : Attention, tu ne dois avoir qu'un seul antivirus sur ton pc --> sinon risque de conflits entre eux...
- Postes le rapport généré
------------------------------
- De rien, mais cela n'a pas spécialement fonctionné...
- Voilà ce que tu vas faire, changes d'antivirus car Avast est une daube :
- Supprimes Avast et telecharges Avira Antivir C'est ce que l'on fait de mieux en gratuit et il vaut meme certains payants...
- Installes le et configures le avec le Tutoriel Avira antivir
Si tu éprouves de la difficulté a desinstaller Avast, sers toi de l'utilitaire d'Avast
- Puis redemarres ton pc en mode sans echec et lances un scan avec Avira antivir, il devrait faire un gros ménage...
- Note : Attention, tu ne dois avoir qu'un seul antivirus sur ton pc --> sinon risque de conflits entre eux...
- Postes le rapport généré
------------------------------
Thecky
Messages postés
9
Date d'inscription
jeudi 16 avril 2009
Statut
Membre
Dernière intervention
20 mars 2010
29 avril 2009 à 23:50
29 avril 2009 à 23:50
Avira AntiVir Personal
Date de création du fichier de rapport : mercredi 29 avril 2009 23:51
La recherche porte sur 1284893 souches de virus.
Détenteur de la licence : Avira AntiVir Personal - FREE Antivirus
Numéro de série : 0000149996-ADJIE-0000001
Plateforme : Windows XP
Version de Windows : (Service Pack 3) [5.1.2600]
Mode Boot : Démarré normalement
Identifiant : migou
Nom de l'ordinateur : MIGOUONE
Informations de version :
BUILD.DAT : 9.0.0.65 17959 Bytes 22/04/2009 12:06:00
AVSCAN.EXE : 9.0.3.6 466689 Bytes 21/04/2009 12:20:54
AVSCAN.DLL : 9.0.3.0 49409 Bytes 03/03/2009 09:21:02
LUKE.DLL : 9.0.3.2 209665 Bytes 20/02/2009 10:35:11
LUKERES.DLL : 9.0.2.0 13569 Bytes 03/03/2009 09:21:31
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 11:30:36
ANTIVIR1.VDF : 7.1.2.12 3336192 Bytes 11/02/2009 19:33:26
ANTIVIR2.VDF : 7.1.2.105 513536 Bytes 03/03/2009 06:41:14
ANTIVIR3.VDF : 7.1.2.127 110592 Bytes 05/03/2009 13:58:20
Version du moteur : 8.2.0.100
AEVDF.DLL : 8.1.1.0 106868 Bytes 27/01/2009 16:36:42
AESCRIPT.DLL : 8.1.1.56 352634 Bytes 26/02/2009 19:01:56
AESCN.DLL : 8.1.1.7 127347 Bytes 12/02/2009 10:44:25
AERDL.DLL : 8.1.1.3 438645 Bytes 29/10/2008 17:24:41
AEPACK.DLL : 8.1.3.10 397686 Bytes 04/03/2009 12:06:10
AEOFFICE.DLL : 8.1.0.36 196987 Bytes 26/02/2009 19:01:56
AEHEUR.DLL : 8.1.0.100 1618295 Bytes 25/02/2009 14:49:16
AEHELP.DLL : 8.1.2.2 119158 Bytes 26/02/2009 19:01:56
AEGEN.DLL : 8.1.1.24 336244 Bytes 04/03/2009 12:06:10
AEEMU.DLL : 8.1.0.9 393588 Bytes 09/10/2008 13:32:40
AECORE.DLL : 8.1.6.6 176501 Bytes 17/02/2009 13:22:44
AEBB.DLL : 8.1.0.3 53618 Bytes 09/10/2008 13:32:40
AVWINLL.DLL : 9.0.0.3 18177 Bytes 12/12/2008 07:47:30
AVPREF.DLL : 9.0.0.1 43777 Bytes 03/12/2008 10:39:26
AVREP.DLL : 8.0.0.3 155905 Bytes 20/01/2009 13:34:28
AVREG.DLL : 9.0.0.0 36609 Bytes 07/11/2008 14:24:42
AVARKT.DLL : 9.0.0.3 292609 Bytes 24/03/2009 14:05:22
AVEVTLOG.DLL : 9.0.0.7 167169 Bytes 30/01/2009 09:36:37
SQLITE3.DLL : 3.6.1.0 326401 Bytes 28/01/2009 14:03:49
SMTPLIB.DLL : 9.2.0.25 28417 Bytes 02/02/2009 07:20:57
NETNT.DLL : 9.0.0.0 11521 Bytes 07/11/2008 14:40:59
RCIMAGE.DLL : 9.0.0.21 2438401 Bytes 17/02/2009 12:49:32
RCTEXT.DLL : 9.0.37.0 88321 Bytes 15/04/2009 09:07:05
Configuration pour la recherche actuelle :
Nom de la tâche...............................: Bref contrôle système après installation
Fichier de configuration......................: c:\program files\avira\antivir desktop\setupprf.dat
Documentation.................................: bas
Action principale.............................: interactif
Action secondaire.............................: ignorer
Recherche sur les secteurs d'amorçage maître..: marche
Recherche sur les secteurs d'amorçage.........: marche
Recherche dans les programmes actifs..........: marche
Recherche en cours sur l'enregistrement.......: marche
Recherche de Rootkits.........................: arrêt
Contrôle d'intégrité de fichiers système......: arrêt
Fichier mode de recherche.....................: Sélection de fichiers intelligente
Recherche sur les archives....................: marche
Limiter la profondeur de récursivité..........: 20
Archive Smart Extensions......................: marche
Heuristique de macrovirus.....................: marche
Heuristique fichier...........................: moyen
Début de la recherche : mercredi 29 avril 2009 23:51
La recherche sur les processus démarrés commence :
Processus de recherche 'avscan.exe' - '1' module(s) sont contrôlés
Processus de recherche 'avconfig.exe' - '1' module(s) sont contrôlés
Processus de recherche 'notepad.exe' - '1' module(s) sont contrôlés
Processus de recherche 'avgnt.exe' - '1' module(s) sont contrôlés
Processus de recherche 'sched.exe' - '1' module(s) sont contrôlés
Processus de recherche 'avguard.exe' - '1' module(s) sont contrôlés
Processus de recherche 'setup.exe' - '1' module(s) sont contrôlés
Processus de recherche 'msiexec.exe' - '1' module(s) sont contrôlés
Processus de recherche 'presetup.exe' - '1' module(s) sont contrôlés
Processus de recherche 'avira_antivir_personal_fr.exe' - '1' module(s) sont contrôlés
Processus de recherche 'explorer.exe' - '1' module(s) sont contrôlés
Processus de recherche 'wscntfy.exe' - '1' module(s) sont contrôlés
Processus de recherche 'wmplayer.exe' - '1' module(s) sont contrôlés
Processus de recherche 'PhotoFiltre.exe' - '1' module(s) sont contrôlés
Processus de recherche 'firefox.exe' - '1' module(s) sont contrôlés
Processus de recherche 'COCIManager.exe' - '1' module(s) sont contrôlés
Processus de recherche 'wuauclt.exe' - '1' module(s) sont contrôlés
Processus de recherche 'Communications_Helper.exe' - '1' module(s) sont contrôlés
Processus de recherche 'iPodService.exe' - '1' module(s) sont contrôlés
Processus de recherche 'soffice.bin' - '1' module(s) sont contrôlés
Processus de recherche 'soffice.exe' - '1' module(s) sont contrôlés
Processus de recherche 'SERVIC~1.EXE' - '1' module(s) sont contrôlés
Processus de recherche 'WCESCOMM.EXE' - '1' module(s) sont contrôlés
Processus de recherche 'ctfmon.exe' - '1' module(s) sont contrôlés
Processus de recherche 'jusched.exe' - '1' module(s) sont contrôlés
Processus de recherche 'iTunesHelper.exe' - '1' module(s) sont contrôlés
Processus de recherche 'Monitor.exe' - '1' module(s) sont contrôlés
Processus de recherche 'winampa.exe' - '1' module(s) sont contrôlés
Processus de recherche 'Quickcam.exe' - '1' module(s) sont contrôlés
Processus de recherche 'rundll32.exe' - '1' module(s) sont contrôlés
Processus de recherche 'DataLayer.exe' - '1' module(s) sont contrôlés
Processus de recherche 'E_FATI9CE.EXE' - '1' module(s) sont contrôlés
Processus de recherche 'sstray.exe' - '1' module(s) sont contrôlés
Processus de recherche 'LVComSer.exe' - '1' module(s) sont contrôlés
Processus de recherche 'alg.exe' - '1' module(s) sont contrôlés
Processus de recherche 'TUProgSt.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'Logon.tmp' - '1' module(s) sont contrôlés
Processus de recherche 'SiSWLSvc.exe' - '1' module(s) sont contrôlés
Processus de recherche 'tcpsvcs.exe' - '1' module(s) sont contrôlés
Processus de recherche 'nvsvc32.exe' - '1' module(s) sont contrôlés
Processus de recherche 'LVComSer.exe' - '1' module(s) sont contrôlés
Processus de recherche 'jqs.exe' - '1' module(s) sont contrôlés
Processus de recherche 'CTSVCCDA.EXE' - '1' module(s) sont contrôlés
Processus de recherche 'AppleMobileDeviceService.exe' - '1' module(s) sont contrôlés
Processus de recherche 'LVPrcSrv.exe' - '1' module(s) sont contrôlés
Processus de recherche 'spoolsv.exe' - '1' module(s) sont contrôlés
Processus de recherche 'ashServ.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'lsass.exe' - '1' module(s) sont contrôlés
Processus de recherche 'services.exe' - '1' module(s) sont contrôlés
Processus de recherche 'winlogon.exe' - '1' module(s) sont contrôlés
Processus de recherche 'csrss.exe' - '1' module(s) sont contrôlés
Processus de recherche 'smss.exe' - '1' module(s) sont contrôlés
'59' processus ont été contrôlés avec '59' modules
La recherche sur les secteurs d'amorçage maître commence :
Secteur d'amorçage maître HD0
[INFO] Aucun virus trouvé !
La recherche sur les secteurs d'amorçage commence :
La recherche sur les renvois aux fichiers exécutables (registre) commence :
Le registre a été contrôlé ( '60' fichiers).
Fin de la recherche : mercredi 29 avril 2009 23:51
Temps nécessaire: 00:45 Minute(s)
La recherche a été effectuée intégralement
0 Les répertoires ont été contrôlés
484 Des fichiers ont été contrôlés
0 Des virus ou programmes indésirables ont été trouvés
0 Des fichiers ont été classés comme suspects
0 Des fichiers ont été supprimés
0 Des virus ou programmes indésirables ont été réparés
0 Les fichiers ont été déplacés dans la quarantaine
0 Les fichiers ont été renommés
0 Impossible de contrôler des fichiers
484 Fichiers non infectés
3 Les archives ont été contrôlées
0 Avertissements
0 Consignes
Date de création du fichier de rapport : mercredi 29 avril 2009 23:51
La recherche porte sur 1284893 souches de virus.
Détenteur de la licence : Avira AntiVir Personal - FREE Antivirus
Numéro de série : 0000149996-ADJIE-0000001
Plateforme : Windows XP
Version de Windows : (Service Pack 3) [5.1.2600]
Mode Boot : Démarré normalement
Identifiant : migou
Nom de l'ordinateur : MIGOUONE
Informations de version :
BUILD.DAT : 9.0.0.65 17959 Bytes 22/04/2009 12:06:00
AVSCAN.EXE : 9.0.3.6 466689 Bytes 21/04/2009 12:20:54
AVSCAN.DLL : 9.0.3.0 49409 Bytes 03/03/2009 09:21:02
LUKE.DLL : 9.0.3.2 209665 Bytes 20/02/2009 10:35:11
LUKERES.DLL : 9.0.2.0 13569 Bytes 03/03/2009 09:21:31
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 11:30:36
ANTIVIR1.VDF : 7.1.2.12 3336192 Bytes 11/02/2009 19:33:26
ANTIVIR2.VDF : 7.1.2.105 513536 Bytes 03/03/2009 06:41:14
ANTIVIR3.VDF : 7.1.2.127 110592 Bytes 05/03/2009 13:58:20
Version du moteur : 8.2.0.100
AEVDF.DLL : 8.1.1.0 106868 Bytes 27/01/2009 16:36:42
AESCRIPT.DLL : 8.1.1.56 352634 Bytes 26/02/2009 19:01:56
AESCN.DLL : 8.1.1.7 127347 Bytes 12/02/2009 10:44:25
AERDL.DLL : 8.1.1.3 438645 Bytes 29/10/2008 17:24:41
AEPACK.DLL : 8.1.3.10 397686 Bytes 04/03/2009 12:06:10
AEOFFICE.DLL : 8.1.0.36 196987 Bytes 26/02/2009 19:01:56
AEHEUR.DLL : 8.1.0.100 1618295 Bytes 25/02/2009 14:49:16
AEHELP.DLL : 8.1.2.2 119158 Bytes 26/02/2009 19:01:56
AEGEN.DLL : 8.1.1.24 336244 Bytes 04/03/2009 12:06:10
AEEMU.DLL : 8.1.0.9 393588 Bytes 09/10/2008 13:32:40
AECORE.DLL : 8.1.6.6 176501 Bytes 17/02/2009 13:22:44
AEBB.DLL : 8.1.0.3 53618 Bytes 09/10/2008 13:32:40
AVWINLL.DLL : 9.0.0.3 18177 Bytes 12/12/2008 07:47:30
AVPREF.DLL : 9.0.0.1 43777 Bytes 03/12/2008 10:39:26
AVREP.DLL : 8.0.0.3 155905 Bytes 20/01/2009 13:34:28
AVREG.DLL : 9.0.0.0 36609 Bytes 07/11/2008 14:24:42
AVARKT.DLL : 9.0.0.3 292609 Bytes 24/03/2009 14:05:22
AVEVTLOG.DLL : 9.0.0.7 167169 Bytes 30/01/2009 09:36:37
SQLITE3.DLL : 3.6.1.0 326401 Bytes 28/01/2009 14:03:49
SMTPLIB.DLL : 9.2.0.25 28417 Bytes 02/02/2009 07:20:57
NETNT.DLL : 9.0.0.0 11521 Bytes 07/11/2008 14:40:59
RCIMAGE.DLL : 9.0.0.21 2438401 Bytes 17/02/2009 12:49:32
RCTEXT.DLL : 9.0.37.0 88321 Bytes 15/04/2009 09:07:05
Configuration pour la recherche actuelle :
Nom de la tâche...............................: Bref contrôle système après installation
Fichier de configuration......................: c:\program files\avira\antivir desktop\setupprf.dat
Documentation.................................: bas
Action principale.............................: interactif
Action secondaire.............................: ignorer
Recherche sur les secteurs d'amorçage maître..: marche
Recherche sur les secteurs d'amorçage.........: marche
Recherche dans les programmes actifs..........: marche
Recherche en cours sur l'enregistrement.......: marche
Recherche de Rootkits.........................: arrêt
Contrôle d'intégrité de fichiers système......: arrêt
Fichier mode de recherche.....................: Sélection de fichiers intelligente
Recherche sur les archives....................: marche
Limiter la profondeur de récursivité..........: 20
Archive Smart Extensions......................: marche
Heuristique de macrovirus.....................: marche
Heuristique fichier...........................: moyen
Début de la recherche : mercredi 29 avril 2009 23:51
La recherche sur les processus démarrés commence :
Processus de recherche 'avscan.exe' - '1' module(s) sont contrôlés
Processus de recherche 'avconfig.exe' - '1' module(s) sont contrôlés
Processus de recherche 'notepad.exe' - '1' module(s) sont contrôlés
Processus de recherche 'avgnt.exe' - '1' module(s) sont contrôlés
Processus de recherche 'sched.exe' - '1' module(s) sont contrôlés
Processus de recherche 'avguard.exe' - '1' module(s) sont contrôlés
Processus de recherche 'setup.exe' - '1' module(s) sont contrôlés
Processus de recherche 'msiexec.exe' - '1' module(s) sont contrôlés
Processus de recherche 'presetup.exe' - '1' module(s) sont contrôlés
Processus de recherche 'avira_antivir_personal_fr.exe' - '1' module(s) sont contrôlés
Processus de recherche 'explorer.exe' - '1' module(s) sont contrôlés
Processus de recherche 'wscntfy.exe' - '1' module(s) sont contrôlés
Processus de recherche 'wmplayer.exe' - '1' module(s) sont contrôlés
Processus de recherche 'PhotoFiltre.exe' - '1' module(s) sont contrôlés
Processus de recherche 'firefox.exe' - '1' module(s) sont contrôlés
Processus de recherche 'COCIManager.exe' - '1' module(s) sont contrôlés
Processus de recherche 'wuauclt.exe' - '1' module(s) sont contrôlés
Processus de recherche 'Communications_Helper.exe' - '1' module(s) sont contrôlés
Processus de recherche 'iPodService.exe' - '1' module(s) sont contrôlés
Processus de recherche 'soffice.bin' - '1' module(s) sont contrôlés
Processus de recherche 'soffice.exe' - '1' module(s) sont contrôlés
Processus de recherche 'SERVIC~1.EXE' - '1' module(s) sont contrôlés
Processus de recherche 'WCESCOMM.EXE' - '1' module(s) sont contrôlés
Processus de recherche 'ctfmon.exe' - '1' module(s) sont contrôlés
Processus de recherche 'jusched.exe' - '1' module(s) sont contrôlés
Processus de recherche 'iTunesHelper.exe' - '1' module(s) sont contrôlés
Processus de recherche 'Monitor.exe' - '1' module(s) sont contrôlés
Processus de recherche 'winampa.exe' - '1' module(s) sont contrôlés
Processus de recherche 'Quickcam.exe' - '1' module(s) sont contrôlés
Processus de recherche 'rundll32.exe' - '1' module(s) sont contrôlés
Processus de recherche 'DataLayer.exe' - '1' module(s) sont contrôlés
Processus de recherche 'E_FATI9CE.EXE' - '1' module(s) sont contrôlés
Processus de recherche 'sstray.exe' - '1' module(s) sont contrôlés
Processus de recherche 'LVComSer.exe' - '1' module(s) sont contrôlés
Processus de recherche 'alg.exe' - '1' module(s) sont contrôlés
Processus de recherche 'TUProgSt.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'Logon.tmp' - '1' module(s) sont contrôlés
Processus de recherche 'SiSWLSvc.exe' - '1' module(s) sont contrôlés
Processus de recherche 'tcpsvcs.exe' - '1' module(s) sont contrôlés
Processus de recherche 'nvsvc32.exe' - '1' module(s) sont contrôlés
Processus de recherche 'LVComSer.exe' - '1' module(s) sont contrôlés
Processus de recherche 'jqs.exe' - '1' module(s) sont contrôlés
Processus de recherche 'CTSVCCDA.EXE' - '1' module(s) sont contrôlés
Processus de recherche 'AppleMobileDeviceService.exe' - '1' module(s) sont contrôlés
Processus de recherche 'LVPrcSrv.exe' - '1' module(s) sont contrôlés
Processus de recherche 'spoolsv.exe' - '1' module(s) sont contrôlés
Processus de recherche 'ashServ.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'lsass.exe' - '1' module(s) sont contrôlés
Processus de recherche 'services.exe' - '1' module(s) sont contrôlés
Processus de recherche 'winlogon.exe' - '1' module(s) sont contrôlés
Processus de recherche 'csrss.exe' - '1' module(s) sont contrôlés
Processus de recherche 'smss.exe' - '1' module(s) sont contrôlés
'59' processus ont été contrôlés avec '59' modules
La recherche sur les secteurs d'amorçage maître commence :
Secteur d'amorçage maître HD0
[INFO] Aucun virus trouvé !
La recherche sur les secteurs d'amorçage commence :
La recherche sur les renvois aux fichiers exécutables (registre) commence :
Le registre a été contrôlé ( '60' fichiers).
Fin de la recherche : mercredi 29 avril 2009 23:51
Temps nécessaire: 00:45 Minute(s)
La recherche a été effectuée intégralement
0 Les répertoires ont été contrôlés
484 Des fichiers ont été contrôlés
0 Des virus ou programmes indésirables ont été trouvés
0 Des fichiers ont été classés comme suspects
0 Des fichiers ont été supprimés
0 Des virus ou programmes indésirables ont été réparés
0 Les fichiers ont été déplacés dans la quarantaine
0 Les fichiers ont été renommés
0 Impossible de contrôler des fichiers
484 Fichiers non infectés
3 Les archives ont été contrôlées
0 Avertissements
0 Consignes
