[toujours le même message avec Antivir´]
Résolu
Utilisateur anonyme
-
Utilisateur anonyme -
Utilisateur anonyme -
Bonjour
Chaque fois que je scanne mon pc, j'ai ce problème avec 7 fichiers
qui ne veulent ouvrir leur contenu...
Est-ce normal?
Creation date of the report file: samedi 16 juillet 2005 18:24
AntiVir®/XP (2000 + NT) PersonalEdition Classic
Build 1047 vom 07.06.2005
Mainprogram 6.31.00.03 of 10.05.2005
VDF file 6.31.0.205 (0) of 14.07.2005
This program is for PERSONAL USE only.
Any other use is PROHIBITED.
Informations regarding commercial versions of AntiVir may be obtained from:
www.hbedv.com.
Scanning for 191933 virus strains and unwanted programs.
Licensed for: AntiVir Personal Edition
Serial number: 0000149996-WURGE-0001
Please enter the workstation and
contact name with phone number in this form:
Name ___________________________________________
Street ___________________________________________
Town ___________________________________________
Phone/Fax ___________________________________________
Email ___________________________________________
Platform: Windows NT Workstation
Windows version: 5.0 Build 2195 (Service Pack 4)
Username: delta4
Processor: Pentium
Working memory: 260592 KB free
Version information:
AVWIN.DLL : 6.31.00.03 561192 10.05.2005 16:50:16
AVEWIN32.DLL : 6.31.0.9 823808 06.07.2005 18:00:08
AVGNT.EXE : 6.31.00.01 168039 10.05.2005 16:50:16
AVGUARD.EXE : 6.31.00.01 238120 29.04.2005 08:07:12
GUARDMSG.DLL : 6.30.00.02 94248 01.02.2005 11:24:10
AVGCMSG.DLL : 6.31.00.00 295029 29.04.2005 08:07:16
AVGNTDW.SYS : 6.31.00.01 32896 29.04.2005 08:07:16
AVPACK32.DLL : 6.31.00.03 323664 25.05.2005 10:43:02
AVGETVER.DLL : 6.30.00.00 24576 28.01.2005 18:10:20
AVWIN.DLL : 6.31.00.03 561192 10.05.2005 16:50:16
AVSHLEXT.DLL : 6.30.00.01 40960 28.01.2005 18:10:22
AVSched32.EXE : 6.30.00.00 110632 01.02.2005 11:24:10
AVSched32.DLL : 6.30.00.00 122880 01.02.2005 11:24:10
AVREG.DLL : 6.30.00.03 41000 10.02.2005 18:47:48
AVRep.DLL : 6.31.00.200 1228840 13.07.2005 14:08:00
INETUPD.EXE : 6.31.00.02 249915 29.04.2005 08:07:14
INETUPD.DLL : 6.31.00.02 143360 29.04.2005 08:07:14
CTL3D32.DLL : 2.31.000 27136 16.12.1999 00:00:00
MFC42.DLL : 6.00.9586.0 1015859 19.06.2003 21:05:04
MSVCRT.DLL : 6.10.9844.0 286773 19.06.2003 21:05:04
CTL3DV2.DLL : No information
Configuration file:
Name of configuration file: C:\Program Files\AVPersonal\AVWIN.INI
Name of report file: C:\Program Files\AVPersonal\LOGFILES\AVWIN.LOG
Start path: C:\Program Files\AVPersonal
Command line:
Start mode: unknown
Mode of report file:
[ ] Do not create report
[X] Overwrite report
[ ] Append new report
Data in report file:
[X] Infected files
[ ] Infected files with paths
[ ] All scanned files
[ ] Full information
Abridge report file:
[ ] Abridge report file
Warnings in report:
[X] Access denied/file locked
[X] Wrong file size in directory
[X] Wrong creation time in directory
[ ] COM file is too large
[X] Invalid start address
[X] Invalid EXE header
[X] Possibly damaged
Summary report:
[X] Create summary report
Output file: AVWIN.ACT
Maximum number of entries: 100
Where to search:
[X] Memory
[X] Boot record of selected drives
[ ] Report unknown boot sectors
[ ] All files
[X] Program files
Extensions: .386 .?HT* .ACM .ADE .ADP .ANI .APP .ASD .ASF .ASP .ASX .AWX .AX .BAS .BAT .BIN .BOO .CDF .CHM .CLASS .CMD .CNV .COM .CPL .CRT .CSH .DLL .DLO .DO? .DRV .EMF .EML .EXE* .FLT .FOT .HLP .HT* .INF .INI .INS .ISP .J2K .JAR .JFF .JFI .JFIF .JIF .JMH .JNG .JP2 .JPE .JPEG .JPG .JS* .JSE .LNK .MD? .MDB .MOD .MS? .NWS .OBJ .OCX .OLB .OSD .OV? .PCD .PDR .PGM .PHP .PIF .PKG .PL* .PNG .POT .PPS .PPT .PRG .RAR .REG .RPL .RTF .SBF .SCR .SCRIPT .SCT .SH .SHA .SHB .SHS .SHTM* .SPL .SWF .SYS .TLB .TMP .TSP .TTF .URL .VB? .VCS .VLM .VXD .VXO .WIZ .WLL .WMD .WMS .WMZ .WPC .WSC .WSF .WSH .WWK .XL? .XML .ZIP
Response in case of a detection:
[X] Repair with prompt
[ ] Repair without prompt
[ ] Delete with prompt
[ ] Delete without prompt
[ ] Write in report file only
[X] Acoustic alarm
Response in case of destroyed files:
[X] Delete with prompt
[ ] Delete without prompt
[ ] Ignore
Response in case of destroyed files:
[X] No change
[ ] Current system time
[ ] Correct date
Drag&drop settings:
[X] Scan subdirectories
Profile settings:
[X] Scan subdirectories
Archive options
[X] Search archive
[X] All archive types
Miscellaneous options:
Temporary path: %TEMP% -> C:\Program Files\AVPersonal\BUILD.DAT
[X] Overwrite infected files
[ ] Detect idle time
[X] Allow interruptions of scan
[X] Load AVWin®/NT Guard on System start
General settings:
[X] Save options on exiting AntiVir
Priority: medium
Drives:
A: Floppy drive
C: Hard disk
D: CD-ROM
Start of scan: samedi 16 juillet 2005 18:24
Memory test OK
Master boot record of hard disk HD0 OK
Boot record of drive C: OK
C:\
PAGEFILE.SYS
Access denied! Error during file opening!
This is a Windows swap file. This file is locked by Windows.
Error code: 0x000D
WARNING! Access error/file locked!
C:\WINNT\system32\config
SECURITY
Access denied! Error during file opening!
Error code: 0x000D
WARNING! Access error/file locked!
SAM
Access denied! Error during file opening!
Error code: 0x000D
WARNING! Access error/file locked!
SYSTEM
Access denied! Error during file opening!
Error code: 0x000D
WARNING! Access error/file locked!
SOFTWARE
Access denied! Error during file opening!
Error code: 0x000D
WARNING! Access error/file locked!
DEFAULT
Access denied! Error during file opening!
Error code: 0x000D
WARNING! Access error/file locked!
C:\WINNT\Temp
ZLT04c4b.TMP
Access denied! Error during file opening!
Error code: 0x000D
WARNING! Access error/file locked!
End of scan: samedi 16 juillet 2005 18:39
Time taken: 14:38 min
1605 directories were scanned
128082 files were scanned
7 warning messages were issued
0 files were deleted
0 files were repaired
0 detections
-------------------------------------------------------------------------------
-------------------------------------------------------------------------------
le log hitjack this
Logfile of HijackThis v1.99.1
Scan saved at 18:49:22, on 16/07/2005
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\AVPersonal\AVGUARD.EXE
C:\Program Files\AVPersonal\AVWUPSRV.EXE
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\system32\ZONELABS\vsmon.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\Program Files\AVPersonal\AVGNT.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINNT\system32\igfxtray.exe
C:\WINNT\system32\hkcmd.exe
C:\Program Files\BeClean\bca.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Program Files\MSN Apps\Updater\01.02.3000.1001\fr-be\msnappau.exe
C:\WINNT\system32\internat.exe
C:\Program Files\StarOffice7\program\soffice.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\delta4\Bureau\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.fr.msn.be/0SEFRBE/SAOS01
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr-be\msntb.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr-be\msntb.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [AVGCtrl] "C:\Program Files\AVPersonal\AVGNT.EXE" /min
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINNT\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINNT\system32\hkcmd.exe
O4 - HKLM\..\Run: [BeClean Start-Up Clean] C:\Program Files\BeClean\BeClean.exe /s
O4 - HKLM\..\Run: [BeClean Agent] C:\Program Files\BeClean\bca.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [msnappau] "C:\Program Files\MSN Apps\Updater\01.02.3000.1001\fr-be\msnappau.exe"
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Startup: StarOffice 7.lnk = C:\Program Files\StarOffice7\program\quickstart.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Program Files\AVPersonal\AVGUARD.EXE
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINNT\system32\ZONELABS\vsmon.exe
-------------------------------------------------------------------------------
-------------------------------------------------------------------------------
Avec Adaware, j'avais trouvé 3 tracking cookies, ma soeur va sur des sites de biens immobiliers, et le comble, elle prend Micro Inter Explore
Enfin, un des trois est Metriweb, les autres des .com
bonne après-midi à vous...
Bxflash
Chaque fois que je scanne mon pc, j'ai ce problème avec 7 fichiers
qui ne veulent ouvrir leur contenu...
Est-ce normal?
Creation date of the report file: samedi 16 juillet 2005 18:24
AntiVir®/XP (2000 + NT) PersonalEdition Classic
Build 1047 vom 07.06.2005
Mainprogram 6.31.00.03 of 10.05.2005
VDF file 6.31.0.205 (0) of 14.07.2005
This program is for PERSONAL USE only.
Any other use is PROHIBITED.
Informations regarding commercial versions of AntiVir may be obtained from:
www.hbedv.com.
Scanning for 191933 virus strains and unwanted programs.
Licensed for: AntiVir Personal Edition
Serial number: 0000149996-WURGE-0001
Please enter the workstation and
contact name with phone number in this form:
Name ___________________________________________
Street ___________________________________________
Town ___________________________________________
Phone/Fax ___________________________________________
Email ___________________________________________
Platform: Windows NT Workstation
Windows version: 5.0 Build 2195 (Service Pack 4)
Username: delta4
Processor: Pentium
Working memory: 260592 KB free
Version information:
AVWIN.DLL : 6.31.00.03 561192 10.05.2005 16:50:16
AVEWIN32.DLL : 6.31.0.9 823808 06.07.2005 18:00:08
AVGNT.EXE : 6.31.00.01 168039 10.05.2005 16:50:16
AVGUARD.EXE : 6.31.00.01 238120 29.04.2005 08:07:12
GUARDMSG.DLL : 6.30.00.02 94248 01.02.2005 11:24:10
AVGCMSG.DLL : 6.31.00.00 295029 29.04.2005 08:07:16
AVGNTDW.SYS : 6.31.00.01 32896 29.04.2005 08:07:16
AVPACK32.DLL : 6.31.00.03 323664 25.05.2005 10:43:02
AVGETVER.DLL : 6.30.00.00 24576 28.01.2005 18:10:20
AVWIN.DLL : 6.31.00.03 561192 10.05.2005 16:50:16
AVSHLEXT.DLL : 6.30.00.01 40960 28.01.2005 18:10:22
AVSched32.EXE : 6.30.00.00 110632 01.02.2005 11:24:10
AVSched32.DLL : 6.30.00.00 122880 01.02.2005 11:24:10
AVREG.DLL : 6.30.00.03 41000 10.02.2005 18:47:48
AVRep.DLL : 6.31.00.200 1228840 13.07.2005 14:08:00
INETUPD.EXE : 6.31.00.02 249915 29.04.2005 08:07:14
INETUPD.DLL : 6.31.00.02 143360 29.04.2005 08:07:14
CTL3D32.DLL : 2.31.000 27136 16.12.1999 00:00:00
MFC42.DLL : 6.00.9586.0 1015859 19.06.2003 21:05:04
MSVCRT.DLL : 6.10.9844.0 286773 19.06.2003 21:05:04
CTL3DV2.DLL : No information
Configuration file:
Name of configuration file: C:\Program Files\AVPersonal\AVWIN.INI
Name of report file: C:\Program Files\AVPersonal\LOGFILES\AVWIN.LOG
Start path: C:\Program Files\AVPersonal
Command line:
Start mode: unknown
Mode of report file:
[ ] Do not create report
[X] Overwrite report
[ ] Append new report
Data in report file:
[X] Infected files
[ ] Infected files with paths
[ ] All scanned files
[ ] Full information
Abridge report file:
[ ] Abridge report file
Warnings in report:
[X] Access denied/file locked
[X] Wrong file size in directory
[X] Wrong creation time in directory
[ ] COM file is too large
[X] Invalid start address
[X] Invalid EXE header
[X] Possibly damaged
Summary report:
[X] Create summary report
Output file: AVWIN.ACT
Maximum number of entries: 100
Where to search:
[X] Memory
[X] Boot record of selected drives
[ ] Report unknown boot sectors
[ ] All files
[X] Program files
Extensions: .386 .?HT* .ACM .ADE .ADP .ANI .APP .ASD .ASF .ASP .ASX .AWX .AX .BAS .BAT .BIN .BOO .CDF .CHM .CLASS .CMD .CNV .COM .CPL .CRT .CSH .DLL .DLO .DO? .DRV .EMF .EML .EXE* .FLT .FOT .HLP .HT* .INF .INI .INS .ISP .J2K .JAR .JFF .JFI .JFIF .JIF .JMH .JNG .JP2 .JPE .JPEG .JPG .JS* .JSE .LNK .MD? .MDB .MOD .MS? .NWS .OBJ .OCX .OLB .OSD .OV? .PCD .PDR .PGM .PHP .PIF .PKG .PL* .PNG .POT .PPS .PPT .PRG .RAR .REG .RPL .RTF .SBF .SCR .SCRIPT .SCT .SH .SHA .SHB .SHS .SHTM* .SPL .SWF .SYS .TLB .TMP .TSP .TTF .URL .VB? .VCS .VLM .VXD .VXO .WIZ .WLL .WMD .WMS .WMZ .WPC .WSC .WSF .WSH .WWK .XL? .XML .ZIP
Response in case of a detection:
[X] Repair with prompt
[ ] Repair without prompt
[ ] Delete with prompt
[ ] Delete without prompt
[ ] Write in report file only
[X] Acoustic alarm
Response in case of destroyed files:
[X] Delete with prompt
[ ] Delete without prompt
[ ] Ignore
Response in case of destroyed files:
[X] No change
[ ] Current system time
[ ] Correct date
Drag&drop settings:
[X] Scan subdirectories
Profile settings:
[X] Scan subdirectories
Archive options
[X] Search archive
[X] All archive types
Miscellaneous options:
Temporary path: %TEMP% -> C:\Program Files\AVPersonal\BUILD.DAT
[X] Overwrite infected files
[ ] Detect idle time
[X] Allow interruptions of scan
[X] Load AVWin®/NT Guard on System start
General settings:
[X] Save options on exiting AntiVir
Priority: medium
Drives:
A: Floppy drive
C: Hard disk
D: CD-ROM
Start of scan: samedi 16 juillet 2005 18:24
Memory test OK
Master boot record of hard disk HD0 OK
Boot record of drive C: OK
C:\
PAGEFILE.SYS
Access denied! Error during file opening!
This is a Windows swap file. This file is locked by Windows.
Error code: 0x000D
WARNING! Access error/file locked!
C:\WINNT\system32\config
SECURITY
Access denied! Error during file opening!
Error code: 0x000D
WARNING! Access error/file locked!
SAM
Access denied! Error during file opening!
Error code: 0x000D
WARNING! Access error/file locked!
SYSTEM
Access denied! Error during file opening!
Error code: 0x000D
WARNING! Access error/file locked!
SOFTWARE
Access denied! Error during file opening!
Error code: 0x000D
WARNING! Access error/file locked!
DEFAULT
Access denied! Error during file opening!
Error code: 0x000D
WARNING! Access error/file locked!
C:\WINNT\Temp
ZLT04c4b.TMP
Access denied! Error during file opening!
Error code: 0x000D
WARNING! Access error/file locked!
End of scan: samedi 16 juillet 2005 18:39
Time taken: 14:38 min
1605 directories were scanned
128082 files were scanned
7 warning messages were issued
0 files were deleted
0 files were repaired
0 detections
-------------------------------------------------------------------------------
-------------------------------------------------------------------------------
le log hitjack this
Logfile of HijackThis v1.99.1
Scan saved at 18:49:22, on 16/07/2005
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\AVPersonal\AVGUARD.EXE
C:\Program Files\AVPersonal\AVWUPSRV.EXE
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\system32\ZONELABS\vsmon.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\Program Files\AVPersonal\AVGNT.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINNT\system32\igfxtray.exe
C:\WINNT\system32\hkcmd.exe
C:\Program Files\BeClean\bca.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Program Files\MSN Apps\Updater\01.02.3000.1001\fr-be\msnappau.exe
C:\WINNT\system32\internat.exe
C:\Program Files\StarOffice7\program\soffice.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\delta4\Bureau\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.fr.msn.be/0SEFRBE/SAOS01
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr-be\msntb.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr-be\msntb.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [AVGCtrl] "C:\Program Files\AVPersonal\AVGNT.EXE" /min
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINNT\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINNT\system32\hkcmd.exe
O4 - HKLM\..\Run: [BeClean Start-Up Clean] C:\Program Files\BeClean\BeClean.exe /s
O4 - HKLM\..\Run: [BeClean Agent] C:\Program Files\BeClean\bca.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [msnappau] "C:\Program Files\MSN Apps\Updater\01.02.3000.1001\fr-be\msnappau.exe"
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Startup: StarOffice 7.lnk = C:\Program Files\StarOffice7\program\quickstart.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Program Files\AVPersonal\AVGUARD.EXE
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINNT\system32\ZONELABS\vsmon.exe
-------------------------------------------------------------------------------
-------------------------------------------------------------------------------
Avec Adaware, j'avais trouvé 3 tracking cookies, ma soeur va sur des sites de biens immobiliers, et le comble, elle prend Micro Inter Explore
Enfin, un des trois est Metriweb, les autres des .com
bonne après-midi à vous...
Bxflash
A voir également:
- [toujours le même message avec Antivir´]
- Recuperer message whatsapp supprimé - Guide
- Message absence thunderbird - Guide
- Epingler un message whatsapp - Accueil - Messagerie instantanée
- Message supprimé whatsapp - Guide
- Message non envoyé - Forum Mobile
2 réponses
salut
pour les 6 premiers c'est normal je pense, ce sont les backups du registre de win2k (impossible d'ouvrir, modifier, copier..).
Pour le 7eme ca me semble lié à zone alarm:
The ZLTXXXX.tmp files are created by Zone Labs' Zone Alarm firewall application and are deleted when it is shutdown. Any other ZLT*.TMP files are left over when your machine is rebooted improperly, not allowing Zone Alarm to end successfully
mais rien ne t'empeche de le faire analyser ici:
http://www.virustotal.com/xhtml/virustotal_en.html
ou là
http://www.kaspersky.com/scanforvirus.html
Sinon rien de suspect pour ton hijack
a+
pour les 6 premiers c'est normal je pense, ce sont les backups du registre de win2k (impossible d'ouvrir, modifier, copier..).
Pour le 7eme ca me semble lié à zone alarm:
The ZLTXXXX.tmp files are created by Zone Labs' Zone Alarm firewall application and are deleted when it is shutdown. Any other ZLT*.TMP files are left over when your machine is rebooted improperly, not allowing Zone Alarm to end successfully
mais rien ne t'empeche de le faire analyser ici:
http://www.virustotal.com/xhtml/virustotal_en.html
ou là
http://www.kaspersky.com/scanforvirus.html
Sinon rien de suspect pour ton hijack
a+
