Win32/Genetik trojan

Closed
Anonymous user - 16 Jan 2010 at 17:37
Plug'n'play Posts 105 Registration date Saturday 5 December 2009 Status Member Last seen 20 June 2010 - 17 Jan 2010 at 13:57
Hello,

I am currently running a scan with ESET Online and it has detected a virus, probably a variant of the Win32/Genetik trojan. What should I do... Wait for the scan to finish, and then what? Thanks in advance.

8 replies

Plug'n'play Posts 105 Registration date Saturday 5 December 2009 Status Member Last seen 20 June 2010
16 Jan 2010 at 17:43
Download HiJackThis
Rename it to "it's the best" or "HJT" ^^
Launch HJT
Click the first button that appears and post the report here, please.
0
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:58:08, on 16/01/2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Le Robert\Le Grand Robert\grwinHyper.exe
C:\Program Files (x86)\IncrediMail\bin\IncMail.exe
C:\Users\Croûtons\AppData\Local\Clavier+\Clavier.exe
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files (x86)\Larousse\Petit Larousse 2010\bin\Hyperappel.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSMSNLoader32.exe
C:\Program Files (x86)\Babylon\Babylon-Pro\Babylon.exe
C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Java\jre6\bin\jusched.exe
C:\Program Files (x86)\IncrediMail\bin\IMApp.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\PROGRA~2\Bandoo\BndCore.exe
C:\Windows\SysWow64\Macromed\Flash\FlashUtil10d.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\Mozilla Firefox 3.6 Beta 1\firefox.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&s=1&o=vp64&d=1006&m=aspire_x1700
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.home.jzip.com/search?fr=i3752
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60446
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60446
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60446
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Bandoo IE Plugin - {EB5CEE80-030A-4ED8-8E20-454E9C68380F} - C:\Program Files (x86)\Bandoo\Plugins\IE\ieplugin.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Babylon Client] "C:\Program Files (x86)\Babylon\Babylon-Pro\Babylon.exe" -AutoStart
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [PCMMediaSharing] "C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe"
O4 - HKLM\..\Run: [SiteVacuum] "C:\Program Files (x86)\EasySearch\SiteVacuumClient.exe"
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files (x86)\Creative\Shared Files\CAMTRAY.EXE
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Windows\system32\NeroCheck.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [grwinHyper] C:\Program Files (x86)\Le Robert\Le Grand Robert\grwinHyper.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files (x86)\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [Clavier+] C:\Users\Croûtons\AppData\Local\Clavier+\Clavier.exe
O4 - HKCU\..\Run: [Le Petit Robert V3 Hyperappel] C:\Program Files\Le Robert\Le Petit Robert 2009\RobertHA.exe
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Creative WebCam Tray] "C:\Program Files (x86)\Creative\Shared Files\CamTray.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [SpywareTerminatorUpdate] "C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe" (User 'Système')
O4 - HKUS\.DEFAULT\..\Run: [SpywareTerminatorUpdate] "C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe" (User 'Default user')
O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: Hyperappel du Petit Larousse 2010.lnk = C:\Program Files (x86)\Larousse\Petit Larousse 2010\bin\Hyperappel.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Envoyer à OneNote - res:///105
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O8 - Extra context menu item: Translate with &Babylon - res://C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Translate.htm
O9 - Extra button: Desktop Notes - {035E680E-B668-472F-91F3-E850BCC5051F} - C:\Program Files (x86)\Crawler\Notes\CNotes.exe
O13 - Gopher Prefix:
O20 - AppInit_DLLs: c:\progra~2\google\google~1\go36f4~1.dll c:\progra~2\bandoo\bndhook.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files (x86)\a-squared Free\a2service.exe
O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bandoo Coordinator - Discordia Limited - C:\PROGRA~2\Bandoo\Bandoo.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Service Google Update (gupdate1ca31703229744d) (gupdate1ca31703229744d) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PCCRON - Unknown owner - C:\PCStreet\bin\cygrunsrv.exe
O23 - Service: PCROADCPS - Unknown owner - C:\PCStreet\bin\cygrunsrv.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Seagate Sync Service - Seagate Technology LLC - C:\Program Files (x86)\Seagate\Sync\SeaSyncServices.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files (x86)\Spyware Terminator\sp_rsser.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
0
Plug'n'play Posts 105 Registration date Saturday 5 December 2009 Status Member Last seen 20 June 2010
16 Jan 2010 at 18:07
Lines to delete:

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.home.jzip.com/search?fr=i3752

(the following line is located under: O1 - Hosts: ::1 localhost)

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)

O4 - HKLM\..\Run: [SiteVacuum] "C:\Program Files (x86)\EasySearch\SiteVacuumClient.exe" (unless you know what it is)

O20 - AppInit_DLLs: c:\progra~2\google\google~1\go36f4~1.dll c:\progra~2\bandoo\bndhook.dll
0
Did I do it right? What should I send you now to be sure my system is "clean"?
0
Plug'n'play Posts 105 Registration date Saturday 5 December 2009 Status Member Last seen 20 June 2010
16 Jan 2010 at 18:29
Oops, I forgot to tell you something... to delete the lines, did you use Fix Checked?

After that, download USBFix.
Your antivirus may consider the program harmful, but it is not.

Launch the program and press "f" then Enter
Then run the search by pressing 1 then Enter, and post
At the root of your hard drive, look for the file UsbFix.txt
Select everything with Ctrl + A and copy it all here
0
Here is the expected report.


############################## | UsbFix V6.074 |

User : Croûtons (Administrateurs) # PC-BARREAU
Update on 15/01/2010 by El Desaparecido , C_XX & Chimay8
Start at: 18:52:42 | 16/01/2010
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

Intel(R) Pentium(R) Dual CPU E2220 @ 2.40GHz
Microsoft Windows 7 Édition Familiale Premium (6.1.7600 64-bit) #
Internet Explorer 8.0.7600.16385
Windows Firewall Status : Enabled

C:\ -> Disque fixe local # 455,92 Go (371,95 Go free) [ACER] # NTFS
D:\ -> Disque fixe local # 457,09 Go (449,12 Go free) [DATA] # NTFS
E:\ -> Disque amovible
F:\ -> Disque CD-ROM
G:\ -> Disque amovible
H:\ -> Disque amovible
I:\ -> Disque fixe local # 74,53 Go (60,77 Go free) [FreeAgent Drive] # NTFS
J:\ -> Disque amovible # 245,73 Mo (236,25 Mo free) [UDISK 2.0] # FAT
K:\ -> Disque amovible # 938,13 Mo (937,66 Mo free) # FAT32

############################## | Processus actifs |

C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe 1284
C:\Program Files (x86)\a-squared Free\a2service.exe 1564
C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe 1612
C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe 1668
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe 1700
C:\Program Files (x86)\Bonjour\mDNSResponder.exe 1776
C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe 1820
C:\Program Files (x86)\Le Robert\Le Grand Robert\grwinHyper.exe 2232
C:\Program Files (x86)\IncrediMail\bin\IncMail.exe 2280
C:\Users\Croûtons\AppData\Local\Clavier+\Clavier.exe 2288
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe 2312
C:\Program Files (x86)\uTorrent\uTorrent.exe 2424
C:\Program Files (x86)\Larousse\Petit Larousse 2010\bin\Hyperappel.exe 2460
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe 2512
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin 2548
C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSMSNLoader32.exe 2584
C:\Program Files (x86)\Babylon\Babylon-Pro\Babylon.exe 2976
C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe 2996
C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe 3032
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe 2052
C:\Program Files (x86)\Java\jre6\bin\jusched.exe 2148
C:\Program Files (x86)\IncrediMail\bin\IMApp.exe 2212
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe 3104
C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe 3248
C:\PCStreet\bin\cygrunsrv.exe 3292
C:\PCStreet\bin\cygrunsrv.exe 3360
c:\PCStreet\bin\pccron.exe 3444
C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe 3452
C:\Program Files (x86)\Seagate\Sync\SeaSyncServices.exe 3484
c:\PCStreet\bin\pcroadcps.exe 3496
C:\Program Files (x86)\Spyware Terminator\sp_rsser.exe 3556
C:\PROGRA~2\Bandoo\Bandoo.exe 3736
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe 3928
C:\PROGRA~2\Bandoo\BndCore.exe 2332
C:\Windows\SysWow64\Macromed\Flash\FlashUtil10d.exe 4792
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe 5012
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe 3776
C:\Windows\SysWOW64\NOTEPAD.EXE 5816
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE 5636
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE 1468
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe 5584
C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe 1360
C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe 5720
C:\Program Files (x86)\Mozilla Firefox 3.6 Beta 1\firefox.exe 692
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE 5844

################## | Elements infectieux |

C:\Users\CROTON~1\AppData\Local\Temp\GLF8997.tmp.exe
C:\Users\CROTON~1\AppData\Local\Temp\nsb8029.tmp.exe
C:\Users\CROTON~1\AppData\Local\Temp\nsm1383.tmp.exe
J:\autorun.inf
J:\autorun.inf -> fichier appelé : "J:\mbvd.exe" ( Absent ! )
K:\autorun.inf
K:\autorun.inf -> fichier appelé : "K:\srgo.exe" ( Présent ! )
K:\srgo.exe

################## | Registre |


################## | Mountpoints2 |


################## | Cracks > Keygens > Serials |

"C:\PCStreet\bin\ssh-keygen.exe"
03/02/2008 21:23 |Size 100352 |Crc32 2fcb3b3c |Md5 39f9895ee741773db68e22d8fc49a304

"C:\PCStreet\NewVersion\bin\ssh-keygen.exe"
03/02/2008 21:23 |Size 100352 |Crc32 2fcb3b3c |Md5 39f9895ee741773db68e22d8fc49a304

"D:\Téléchargement\Macromedia Flash Professional 8 Francais avec serial by The Pirate\Flash8-fr.exe"
28/09/2005 15:06 |Size 113245824 |Crc32 d8c43071 |Md5 f7b461e264906d2fd9db67a731b285e2

"D:\Téléchargement\Tmpgenc Xpress 3.0.4.24 Mpeg Editor v1.0.1.59 Dvd Author 1.6.26.73 Ac-3 Plugin 1.10 Cracks.zip"
-> Contain : TMPGenc Xpress 3.0.4.24 + MPEG Editor v1.0.1.59 + DVD Author 1.6.26.73 + AC-3 plugin 1.10 + cracks\cracked\Tmpgenc Xpress 3.0.4.24 License Crack.exe

"D:\Téléchargement\Tmpgenc Xpress 3.0.4.24 Mpeg Editor v1.0.1.59 Dvd Author 1.6.26.73 Ac-3 Plugin 1.10 Cracks.zip"
-> Contain : TMPGenc Xpress 3.0.4.24 + MPEG Editor v1.0.1.59 + DVD Author 1.6.26.73 + AC-3 plugin 1.10 + cracks\cracked\TMPGEncDVDAuthor16.exe

"D:\Téléchargement\Tmpgenc Xpress 3.0.4.24 Mpeg Editor v1.0.1.59 Dvd Author 1.6.26.73 Ac-3 Plugin 1.10 Cracks.zip"
-> Contain : TMPGenc Xpress 3.0.4.24 + MPEG Editor v1.0.1.59 + DVD Author 1.6.26.73 + AC-3 plugin 1.10 + cracks\cracked\TMPGEncMEditBatch.exe

"D:\Téléchargement\Tmpgenc Xpress 3.0.4.24 Mpeg Editor v1.0.1.59 Dvd Author 1.6.26.73 Ac-3 Plugin 1.10 Cracks.zip"
-> Contain : TMPGenc Xpress 3.0.4.24 + MPEG Editor v1.0.1.59 + DVD Author 1.6.26.73 + AC-3 plugin 1.10 + cracks\cracked\TMPGEncMPEGEditor.exe

"D:\Téléchargement\Tmpgenc Xpress 3.0.4.24 Mpeg Editor v1.0.1.59 Dvd Author 1.6.26.73 Ac-3 Plugin 1.10 Cracks.zip"
-> Contain : TMPGenc Xpress 3.0.4.24 + MPEG Editor v1.0.1.59 + DVD Author 1.6.26.73 + AC-3 plugin 1.10 + cracks\TDA-1.6.26.73-install-EN.exe

"D:\Téléchargement\Tmpgenc Xpress 3.0.4.24 Mpeg Editor v1.0.1.59 Dvd Author 1.6.26.73 Ac-3 Plugin 1.10 Cracks.zip"
-> Contain : TMPGenc Xpress 3.0.4.24 + MPEG Editor v1.0.1.59 + DVD Author 1.6.26.73 + AC-3 plugin 1.10 + cracks\TE3XP-retail-3.0.4.24-install-EN.exe

"D:\Téléchargement\Tmpgenc Xpress 3.0.4.24 Mpeg Editor v1.0.1.59 Dvd Author 1.6.26.73 Ac-3 Plugin 1.10 Cracks.zip"
-> Contain : TMPGenc Xpress 3.0.4.24 + MPEG Editor v1.0.1.59 + DVD Author 1.6.26.73 + AC-3 plugin 1.10 + cracks\TME-retail-1.0.1.59-install-en.exe

"D:\Téléchargement\Tmpgenc Xpress 3.0.4.24 Mpeg Editor v1.0.1.59 Dvd Author 1.6.26.73 Ac-3 Plugin 1.10 Cracks.zip"
-> Contain : TMPGenc Xpress 3.0.4.24 + MPEG Editor v1.0.1.59 + DVD Author 1.6.26.73 + AC-3 plugin 1.10 + cracks\TSP-AC3-1.10-install-EN.exe

"I:\Téléchargement\Tmpgenc Xpress 3.0.4.24 Mpeg Editor v1.0.1.59 Dvd Author 1.6.26.73 Ac-3 Plugin 1.10 Cracks.zip"
-> Contain : TMPGenc Xpress 3.0.4.24 + MPEG Editor v1.0.1.59 + DVD Author 1.6.26.73 + AC-3 plugin 1.10 + cracks\cracked\Tmpgenc Xpress 3.0.4.24 License Crack.exe

"I:\Téléchargement\Tmpgenc Xpress 3.0.4.24 Mpeg Editor v1.0.1.59 Dvd Author 1.6.26.73 Ac-3 Plugin 1.10 Cracks.zip"
-> Contain : TMPGenc Xpress 3.0.4.24 + MPEG Editor v1.0.1.59 + DVD Author 1.6.26.73 + AC-3 plugin 1.10 + cracks\cracked\TMPGEncDVDAuthor16.exe

"I:\Téléchargement\Tmpgenc Xpress 3.0.4.24 Mpeg Editor v1.0.1.59 Dvd Author 1.6.26.73 Ac-3 Plugin 1.10 Cracks.zip"
-> Contain : TMPGenc Xpress 3.0.4.24 + MPEG Editor v1.0.1.59 + DVD Author 1.6.26.73 + AC-3 plugin 1.10 + cracks\cracked\TMPGEncMEditBatch.exe

"I:\Téléchargement\Tmpgenc Xpress 3.0.4.24 Mpeg Editor v1.0.1.59 Dvd Author 1.6.26.73 Ac-3 Plugin 1.10 Cracks.zip"
-> Contain : TMPGenc Xpress 3.0.4.24 + MPEG Editor v1.0.1.59 + DVD Author 1.6.26.73 + AC-3 plugin 1.10 + cracks\cracked\TMPGEncMPEGEditor.exe

"I:\Téléchargement\Tmpgenc Xpress 3.0.4.24 Mpeg Editor v1.0.1.59 Dvd Author 1.6.26.73 Ac-3 Plugin 1.10 Cracks.zip"
-> Contain : TMPGenc Xpress 3.0.4.24 + MPEG Editor v1.0.1.59 + DVD Author 1.6.26.73 + AC-3 plugin 1.10 + cracks\TDA-1.6.26.73-install-EN.exe

"I:\Téléchargement\Tmpgenc Xpress 3.0.4.24 Mpeg Editor v1.0.1.59 Dvd Author 1.6.26.73 Ac-3 Plugin 1.10 Cracks.zip"
-> Contain : TMPGenc Xpress 3.0.4.24 + MPEG Editor v1.0.1.59 + DVD Author 1.6.26.73 + AC-3 plugin 1.10 + cracks\TE3XP-retail-3.0.4.24-install-EN.exe

"I:\Téléchargement\Tmpgenc Xpress 3.0.4.24 Mpeg Editor v1.0.1.59 Dvd Author 1.6.26.73 Ac-3 Plugin 1.10 Cracks.zip"
-> Contain : TMPGenc Xpress 3.0.4.24 + MPEG Editor v1.0.1.59 + DVD Author 1.6.26.73 + AC-3 plugin 1.10 + cracks\TME-retail-1.0.1.59-install-en.exe

"I:\Téléchargement\Tmpgenc Xpress 3.0.4.24 Mpeg Editor v1.0.1.59 Dvd Author 1.6.26.73 Ac-3 Plugin 1.10 Cracks.zip"
-> Contain : TMPGenc Xpress 3.0.4.24 + MPEG Editor v1.0.1.59 + DVD Author 1.6.26.73 + AC-3 plugin 1.10 + cracks\TSP-AC3-1.10-install-EN.exe

"D:\Téléchargement\Macromedia Dreamweaver 8 Francais avec serial.rar"
-> contain : Macromedia Dreamweaver 8 Francais avec serial by The Pirate\Dreamweaver8-fr.exe

"D:\Téléchargement\Macromedia Dreamweaver 8 Francais avec serial.rar"
-> contain : Macromedia Dreamweaver 8 Francais avec serial by The Pirate\Studio 8 Keygen.exe

"D:\Téléchargement\Macromedia Flash Professional 8 Francais avec serial by The Pirate.rar"
-> contain : Macromedia Flash Professional 8 Francais avec serial by The Pirate\Flash8-fr.exe

"D:\Téléchargement\Macromedia Flash Professional 8 Francais avec serial by The Pirate.rar"
-> contain : Macromedia Flash Professional 8 Francais avec serial by The Pirate\Studio 8 Keygen.exe

"D:\Téléchargement\Smart-Draw 7 vSuite-Edition + keygen.rar"
-> contain : Keygen.exe

"D:\Téléchargement\Smart-Draw 7 vSuite-Edition + keygen.rar"
-> contain : smartdraw.exe

"I:\Téléchargement\Macromedia Dreamweaver 8 Francais avec serial.rar"
-> contain : Macromedia Dreamweaver 8 Francais avec serial by The Pirate\Dreamweaver8-fr.exe

"I:\Téléchargement\Macromedia Dreamweaver 8 Francais avec serial.rar"
-> contain : Macromedia Dreamweaver 8 Francais avec serial by The Pirate\Studio 8 Keygen.exe

"I:\Téléchargement\Macromedia Flash Professional 8 Francais avec serial by The Pirate.rar"
-> contain : Macromedia Flash Professional 8 Francais avec serial by The Pirate\Flash8-fr.exe

"I:\Téléchargement\Macromedia Flash Professional 8 Francais avec serial by The Pirate.rar"
-> contain : Macromedia Flash Professional 8 Francais avec serial by The Pirate\Studio 8 Keygen.exe

"I:\Téléchargement\Smart-Draw 7 vSuite-Edition + keygen.rar"
-> contain : Keygen.exe

"I:\Téléchargement\Smart-Draw 7 vSuite-Edition + keygen.rar"
-> contain : smartdraw.exe


################## | ! Fin du rapport # UsbFix V6.074 ! |
0
Plug'n'play Posts 105 Registration date Saturday 5 December 2009 Status Member Last seen 20 June 2010
16 Jan 2010 at 19:03
Did you plug in all your removable drives?
Because there aren't many connected... Well, maybe it's me who has too many =P

Normally everything should be fine, but run a FULL scan of your hard drive with Avira and rescan with your online thing
0
Here is the Avira report:



Avira AntiVir Personal
Report file date: samedi 16 janvier 2010 18:24

Scanning for 1543015 virus strains and unwanted programs.

Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows Vista 64 Bit
Windows version : (plain) [6.1.7600]
Boot mode : Normally booted
Username : Système
Computer name : PC-BARREAU

Version information:
BUILD.DAT : 9.0.0.418 21723 Bytes 02/12/2009 16:28:00
AVSCAN.EXE : 9.0.3.10 466689 Bytes 13/10/2009 10:26:33
AVSCAN.DLL : 9.0.3.0 40705 Bytes 27/02/2009 09:58:24
LUKE.DLL : 9.0.3.2 209665 Bytes 20/02/2009 10:35:49
LUKERES.DLL : 9.0.2.0 12033 Bytes 27/02/2009 09:58:52
VBASE000.VDF : 7.10.0.0 19875328 Bytes 06/11/2009 06:35:52
VBASE001.VDF : 7.10.1.0 1372672 Bytes 19/11/2009 01:29:01
VBASE002.VDF : 7.10.1.1 2048 Bytes 19/11/2009 01:29:01
VBASE003.VDF : 7.10.1.2 2048 Bytes 19/11/2009 01:29:01
VBASE004.VDF : 7.10.1.3 2048 Bytes 19/11/2009 01:29:01
VBASE005.VDF : 7.10.1.4 2048 Bytes 19/11/2009 01:29:01
VBASE006.VDF : 7.10.1.5 2048 Bytes 19/11/2009 01:29:01
VBASE007.VDF : 7.10.1.6 2048 Bytes 19/11/2009 01:29:01
VBASE008.VDF : 7.10.1.7 2048 Bytes 19/11/2009 01:29:01
VBASE009.VDF : 7.10.1.8 2048 Bytes 19/11/2009 01:29:02
VBASE010.VDF : 7.10.1.9 2048 Bytes 19/11/2009 01:29:02
VBASE011.VDF : 7.10.1.10 2048 Bytes 19/11/2009 01:29:02
VBASE012.VDF : 7.10.1.11 2048 Bytes 19/11/2009 01:29:02
VBASE013.VDF : 7.10.1.79 209920 Bytes 25/11/2009 01:29:03
VBASE014.VDF : 7.10.1.128 197632 Bytes 30/11/2009 01:29:04
VBASE015.VDF : 7.10.1.178 195584 Bytes 07/12/2009 01:29:06
VBASE016.VDF : 7.10.1.224 183296 Bytes 14/12/2009 01:29:07
VBASE017.VDF : 7.10.1.247 182272 Bytes 15/12/2009 01:29:08
VBASE018.VDF : 7.10.2.30 198144 Bytes 21/12/2009 01:29:09
VBASE019.VDF : 7.10.2.63 187392 Bytes 24/12/2009 01:29:09
VBASE020.VDF : 7.10.2.93 195072 Bytes 29/12/2009 01:29:10
VBASE021.VDF : 7.10.2.131 201216 Bytes 07/01/2010 01:29:13
VBASE022.VDF : 7.10.2.158 192000 Bytes 11/01/2010 09:56:03
VBASE023.VDF : 7.10.2.186 200704 Bytes 14/01/2010 09:56:02
VBASE024.VDF : 7.10.2.187 2048 Bytes 14/01/2010 09:56:02
VBASE025.VDF : 7.10.2.188 2048 Bytes 14/01/2010 09:56:03
VBASE026.VDF : 7.10.2.189 2048 Bytes 14/01/2010 09:56:03
VBASE027.VDF : 7.10.2.190 2048 Bytes 14/01/2010 09:56:04
VBASE028.VDF : 7.10.2.191 2048 Bytes 14/01/2010 09:56:04
VBASE029.VDF : 7.10.2.192 2048 Bytes 14/01/2010 09:56:04
VBASE030.VDF : 7.10.2.193 2048 Bytes 14/01/2010 09:56:05
VBASE031.VDF : 7.10.2.202 201728 Bytes 15/01/2010 09:56:00
Engineversion : 8.2.1.142
AEVDF.DLL : 8.1.1.2 106867 Bytes 08/11/2009 06:38:52
AESCRIPT.DLL : 8.1.3.7 594296 Bytes 08/01/2010 01:29:23
AESCN.DLL : 8.1.3.1 127348 Bytes 14/01/2010 09:56:38
AESBX.DLL : 8.1.1.1 246132 Bytes 08/11/2009 06:38:44
AERDL.DLL : 8.1.3.4 479605 Bytes 08/01/2010 01:29:22
AEPACK.DLL : 8.2.0.5 422262 Bytes 14/01/2010 09:56:37
AEOFFICE.DLL : 8.1.0.38 196987 Bytes 08/11/2009 06:38:38
AEHEUR.DLL : 8.1.0.195 2232695 Bytes 14/01/2010 09:56:35
AEHELP.DLL : 8.1.10.0 237942 Bytes 14/01/2010 09:56:29
AEGEN.DLL : 8.1.1.83 369014 Bytes 08/01/2010 01:29:16
AEEMU.DLL : 8.1.1.0 393587 Bytes 08/11/2009 06:38:26
AECORE.DLL : 8.1.9.5 184693 Bytes 14/01/2010 09:56:28
AEBB.DLL : 8.1.0.3 53618 Bytes 08/11/2009 06:38:20
AVWINLL.DLL : 9.0.0.3 18177 Bytes 12/12/2008 07:47:59
AVPREF.DLL : 9.0.3.0 44289 Bytes 26/08/2009 14:14:02
AVREP.DLL : 8.0.0.3 155905 Bytes 20/01/2009 13:34:28
AVREG.DLL : 9.0.0.0 36609 Bytes 05/12/2008 09:32:09
AVARKT.DLL : 9.0.0.3 292609 Bytes 24/03/2009 14:05:41
AVEVTLOG.DLL : 9.0.0.7 167169 Bytes 30/01/2009 09:37:08
SQLITE3.DLL : 3.6.1.0 326401 Bytes 28/01/2009 14:03:49
SMTPLIB.DLL : 9.2.0.25 28417 Bytes 02/02/2009 07:21:33
NETNT.DLL : 9.0.0.0 11521 Bytes 05/12/2008 09:32:10
RCIMAGE.DLL : 9.0.0.25 2438913 Bytes 15/05/2009 14:39:58
RCTEXT.DLL : 9.0.73.0 86785 Bytes 13/10/2009 11:25:47

Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: c:\program files (x86)\avira\antivir desktop\sysscan.avp
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, D:,
Process scan........................: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium
Skipped files.......................: C:\Program Files\Le Robert\Le Petit Robert 2009\Robert.exe,
Deviating risk categories...........: +APPL,+GAME,+JOKE,+PCK,+PFS,+SPR,

Start of the scan: samedi 16 janvier 2010 18:24

Starting search for hidden objects.
The driver could not be initialized.

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'SearchProtocolHost.exe' - '0' Module(s) have been scanned
Scan process 'GoogleToolbarUser_32.exe' - '1' Module(s) have been scanned
Scan process 'iexplore.exe' - '1' Module(s) have been scanned
Scan process 'iexplore.exe' - '1' Module(s) have been scanned
Scan process 'splwow64.exe' - '0' Module(s) have been scanned
Scan process 'notepad.exe' - '1' Module(s) have been scanned
Scan process 'wlcomm.exe' - '1' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
Scan process 'FlashUtil10d.exe' - '1' Module(s) have been scanned
Scan process 'BndCore.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '0' Module(s) have been scanned
Scan process 'wmpnetwk.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '0' Module(s) have been scanned
Scan process 'WUDFHost.exe' - '0' Module(s) have been scanned
Scan process 'SearchIndexer.exe' - '0' Module(s) have been scanned
Scan process 'SDWinSec.exe' - '1' Module(s) have been scanned
Scan process 'Bandoo.exe' - '1' Module(s) have been scanned
Scan process 'sp_rsser.exe' - '1' Module(s) have been scanned
Scan process 'conhost.exe' - '0' Module(s) have been scanned
Scan process 'conhost.exe' - '0' Module(s) have been scanned
Scan process 'pcroadcps.exe' - '1' Module(s) have been scanned
Scan process 'SeaSyncServices.exe' - '1' Module(s) have been scanned
Scan process 'RichVideo.exe' - '1' Module(s) have been scanned
Scan process 'pccron.exe' - '1' Module(s) have been scanned
Scan process 'cygrunsrv.exe' - '1' Module(s) have been scanned
Scan process 'cygrunsrv.exe' - '1' Module(s) have been scanned
Scan process 'mdm.exe' - '1' Module(s) have been scanned
Scan process 'LSSrvc.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '0' Module(s) have been scanned
Scan process 'ImApp.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'UnlockerAssistant.exe' - '1' Module(s) have been scanned
Scan process 'GoogleDesktop.exe' - '1' Module(s) have been scanned
Scan process 'Babylon.exe' - '1' Module(s) have been scanned
Scan process 'eDSMSNLoader32.exe' - '1' Module(s) have been scanned
Scan process 'soffice.bin' - '1' Module(s) have been scanned
Scan process 'soffice.exe' - '1' Module(s) have been scanned
Scan process 'Hyperappel.exe' - '1' Module(s) have been scanned
Scan process 'uTorrent.exe' - '1' Module(s) have been scanned
Scan process 'StikyNot.exe' - '0' Module(s) have been scanned
Scan process 'sidebar.exe' - '0' Module(s) have been scanned
Scan process 'SpywareTerminatorUpdate.exe' - '1' Module(s) have been scanned
Scan process 'RobertHA.exe' - '0' Module(s) have been scanned
Scan process 'Clavier.exe' - '1' Module(s) have been scanned
Scan process 'IncMail.exe' - '1' Module(s) have been scanned
Scan process 'grwinHyper.exe' - '1' Module(s) have been scanned
Scan process 'Framework.Launcher.exe' - '0' Module(s) have been scanned
Scan process 'eDSLoader.exe' - '0' Module(s) have been scanned
Scan process 'SysMonitor.exe' - '0' Module(s) have been scanned
Scan process 'RAVCpl64.exe' - '0' Module(s) have been scanned
Scan process 'explorer.exe' - '0' Module(s) have been scanned
Scan process 'eDSService.exe' - '1' Module(s) have been scanned
Scan process 'mDNSResponder.exe' - '1' Module(s) have been scanned
Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'CLMSServer.exe' - '1' Module(s) have been scanned
Scan process 'taskhost.exe' - '0' Module(s) have been scanned
Scan process 'a2service.exe' - '1' Module(s) have been scanned
Scan process 'dwm.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '0' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '0' Module(s) have been scanned
Scan process 'atieclxx.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '0' Module(s) have been scanned
Scan process 'atiesrxx.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '0' Module(s) have been scanned
Scan process 'lsm.exe' - '0' Module(s) have been scanned
Scan process 'lsass.exe' - '0' Module(s) have been scanned
Scan process 'services.exe' - '0' Module(s) have been scanned
Scan process 'winlogon.exe' - '0' Module(s) have been scanned
Scan process 'csrss.exe' - '0' Module(s) have been scanned
Scan process 'wininit.exe' - '0' Module(s) have been scanned
Scan process 'csrss.exe' - '0' Module(s) have been scanned
Scan process 'smss.exe' - '0' Module(s) have been scanned
44 processes with 44 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
[INFO] Please restart the search with Administrator rights
Master boot sector HD2
[INFO] No virus was found!
[INFO] Please restart the search with Administrator rights

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!

Starting to scan executable files (registry).
The registry was scanned ( '26' files ).


Starting the file scan:

Begin scan in 'C:\' <ACER>
C:\hiberfil.sys
[WARNING] The file could not be opened!
[NOTE] This file is a Windows system file.
[NOTE] This file cannot be opened for scanning.
C:\pagefile.sys
[WARNING] The file could not be opened!
[NOTE] This file is a Windows system file.
[NOTE] This file cannot be opened for scanning.
C:\$RECYCLE.BIN\S-1-5-21-3363994563-3272364198-3709456494-1000\$R67HAIL.zip
[0] Archive type: ZIP
--> setup.exe
[DETECTION] Is the TR/Dldr.Swizzor.382139L Trojan
Begin scan in 'D:\' <DATA>

Beginning disinfection:
C:\$RECYCLE.BIN\S-1-5-21-3363994563-3272364198-3709456494-1000\$R67HAIL.zip
[NOTE] The file was moved to '4b88057d.qua'!


End of the scan: samedi 16 janvier 2010 19:27
Used time: 1:02:05 Hour(s)

The scan has been done completely.

33369 Scanned directories
1010031 Files were scanned
1 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
1 Files were moved to quarantine
0 Files were renamed
2 Files cannot be scanned
1010028 Files not concerned
11938 Archives were scanned
2 Warnings
3 Notes
0

Plug'n'play Posts: 105 Registered: Saturday 5 December 2009 Status: Member Last activity: 20 June 2010
16 Jan. 2010 at 19:37
Well, normally Avira should delete the infection that was left, but it was put in quarantine.
So go to the quarantine area and delete it.
0
I deleted everything in the quarantine area. Now I'm starting the scans again.
0
Plug'n'play Posts: 105 Registered: Saturday 5 December 2009 Status: Member Last activity: 20 June 2010
16 Jan. 2010 at 19:53
Woohoo! You're a wild one! Personally I would never have run two scans... but hey, it's better that way =D
0
A bit wild, for sure. But I know that ESET (among others) doesn't always find the same problems as Antivir. All I can do now is wait: better twice than once!
0
Anonymous user
16 Jan. 2010 at 20:21
The best thing would have been to post the ESET report once it had finished...

c:\program files\esetonlinescan\log.txt (something like that ^^)
0
I'll post it for you once the scan is finished. Thanks.
0
ESETSmartInstaller@High as CAB hook log:
OnlineScanner64.ocx - registred OK
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=8.00.7600.16385 (win7_rtm.090713-1255)
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=373d382c6d2b5140bdfd7a60ed86ac66
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2009-12-05 07:47:30
# local_time=2009-12-05 08:47:30 (+0100, Paris, Madrid)
# country="France"
# lang=1033
# osver=6.1.7600 NT
# compatibility_mode=512 16777215 100 0 168110 168110 0 0
# compatibility_mode=1797 16775165 100 94 180294 56103399 72219 0
# compatibility_mode=5893 16776573 100 94 180875 12454442 0 0
# compatibility_mode=8192 67108863 100 0 71357 71357 0 0
# scanned=211891
# found=1
# cleaned=1
# scan_time=2960
C:\Users\Croûtons\AppData\Roaming\Desktopicon\eBayShortcuts.exe a variant of Win32/Adware.ADON application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
# version=7
# iexplore.exe=8.00.7600.16385 (win7_rtm.090713-1255)
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=373d382c6d2b5140bdfd7a60ed86ac66
# end=stopped
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2009-12-10 09:37:12
# local_time=2009-12-10 10:37:12 (+0100, Paris, Madrid)
# country="France"
# lang=1036
# osver=6.1.7600 NT
# compatibility_mode=512 16777215 100 0 605896 605896 0 0
# compatibility_mode=769 16775165 100 81 13895 196758430 6934 0
# compatibility_mode=1797 16775165 100 94 255799 56541185 43219 0
# compatibility_mode=5893 16776573 100 94 13955 12892228 0 0
# compatibility_mode=7937 16777213 100 100 253162 2055490 0 0
# compatibility_mode=8192 67108863 100 0 509143 509143 0 0
# scanned=72763
# found=0
# cleaned=0
# scan_time=3757
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=53251
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=373d382c6d2b5140bdfd7a60ed86ac66
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2009-12-29 12:15:57
# local_time=2009-12-29 01:15:57 (+0100, Paris, Madrid)
# country="France"
# lang=1036
# osver=6.1.7600 NT
# compatibility_mode=512 16777215 100 0 8578 8578 0 0
# compatibility_mode=769 16775165 100 98 37617 198324347 0 0
# compatibility_mode=1797 16775165 100 94 582829 58107102 0 0
# compatibility_mode=5893 16776573 100 94 285595 14458145 0 0
# compatibility_mode=7937 16777213 100 100 1216876 1824162 0 0
# compatibility_mode=8192 67108863 100 0 1236260 1236260 0 0
# scanned=208834
# found=0
# cleaned=0
# scan_time=45764
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=373d382c6d2b5140bdfd7a60ed86ac66
# end=stopped
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2009-12-29 08:51:24
# local_time=2009-12-29 09:51:24 (+0100, Paris, Madrid)
# country="France"
# lang=1036
# osver=6.1.7600 NT
# compatibility_mode=512 16777215 100 0 81853 81853 0 0
# compatibility_mode=769 16775165 100 98 4155 198397622 16373 0
# compatibility_mode=5893 16776573 100 94 0 14531420 0 0
# compatibility_mode=7937 16777213 100 100 1290151 1897437 0 0
# compatibility_mode=8192 67108863 100 0 1309535 1309535 0 0
# scanned=145786
# found=0
# cleaned=0
# scan_time=3416
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=373d382c6d2b5140bdfd7a60ed86ac66
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2010-01-09 02:41:10
# local_time=2010-01-09 03:41:10 (+0100, Paris, Madrid)
# country="France"
# lang=1036
# osver=6.1.7600 NT
# compatibility_mode=769 16774142 0 1 24846 24846 0 0
# compatibility_mode=1797 16775165 100 94 0 35653291 0 0
# compatibility_mode=5893 16776573 100 94 0 15410128 0 0
# compatibility_mode=7937 16777213 100 100 2168859 2776145 0 0
# compatibility_mode=8192 67108863 100 0 2188243 2188243 0 0
# scanned=213398
# found=0
# cleaned=0
# scan_time=9695
esets_scanner_update returned -1 esets_gle=53251
esets_scanner_update returned -1 esets_gle=53251
esets_scanner_update returned -1 esets_gle=53251
esets_scanner_update returned -1 esets_gle=53251
esets_scanner_update returned -1 esets_gle=53251
esets_scanner_update returned -1 esets_gle=53251
0
Plug'n'play Posts: 105 Registered: Saturday 5 December 2009 Status: Member Last activity: 20 June 2010
17 Jan. 2010 at 13:57
You didn't do the deletion with UsbFix!
You need to launch UsbFix and run the deletion.
0