Virus psguard et coolwwwsearch.homesearch
sebalou
-
Utilisateur anonyme -
Utilisateur anonyme -
Bonjour à tous!
Je poste un petit mot car j'ai attrapé des virus sur le net, il s'agit de searchclik (par spybot) et trek blue error nuke, coolwwwsearch.homesearch, psguard (trouvé par ad aware ). Comme antivirus, j'ai avast4 et pare feu zone alarm. Mais quoi que je fasse, je n'arrive pa à supprimer ces "virus". Je vous joint mon log ( j'ai deja essayé de faire le ménage, grace a d'autres post maisj'ai toujours le problème. D'avance, merci pour votre aide
Logfile of HijackThis v1.99.1
Scan saved at 18:11:58, on 17/08/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\Program Files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\mozilla\Mozilla Firefox\firefox.exe
C:\Documents and Settings\sebastien\Bureau\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Class - {25772CDE-9796-16D5-FDED-5A0FE9C94E0E} - C:\WINDOWS\system32\crmy.dll
O2 - BHO: Class - {57F5806A-D566-E625-50E5-FD4EE683E283} - C:\WINDOWS\system32\javaya32.dll
O2 - BHO: Class - {8391C5AE-D71D-1C39-7030-6A643F55B86D} - C:\WINDOWS\system32\addzw32.dll
O2 - BHO: Class - {B11E0DA4-6126-6F77-EBB6-7AC45A2249AA} - C:\WINDOWS\netss32.dll
O2 - BHO: Class - {EF0D6CC5-BD7A-7645-9AD2-491794D22499} - C:\WINDOWS\netub.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [avast!] "C:\Program Files\Alwil Software\Avast4\ashDisp.exe"
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [ipor.exe] C:\WINDOWS\ipor.exe
O4 - HKLM\..\Run: [ipsp.exe] C:\WINDOWS\system32\ipsp.exe
O4 - HKLM\..\Run: [atlnk32.exe] C:\WINDOWS\system32\atlnk32.exe
O4 - HKLM\..\Run: [mssk.exe] C:\WINDOWS\system32\mssk.exe
O4 - HKLM\..\Run: [appzi.exe] C:\WINDOWS\appzi.exe
O4 - HKLM\..\Run: [crio32.exe] C:\WINDOWS\crio32.exe
O4 - HKLM\..\Run: [sysdj.exe] C:\WINDOWS\sysdj.exe
O4 - HKLM\..\Run: [ntro32.exe] C:\WINDOWS\ntro32.exe
O4 - HKLM\..\Run: [addyq32.exe] C:\WINDOWS\system32\addyq32.exe
O4 - HKLM\..\Run: [netss32.exe] C:\WINDOWS\netss32.exe
O4 - HKLM\..\RunOnce: [addum32.exe] C:\WINDOWS\system32\addum32.exe
O4 - HKLM\..\RunOnce: [iewz32.exe] C:\WINDOWS\iewz32.exe
O4 - HKLM\..\RunOnce: [winnr.exe] C:\WINDOWS\system32\winnr.exe
O4 - HKLM\..\RunOnce: [d3xz32.exe] C:\WINDOWS\system32\d3xz32.exe
O4 - HKLM\..\RunOnce: [crqb.exe] C:\WINDOWS\system32\crqb.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\Microsoft Office\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Free Software - C:\Program Files\Xtractor Plus\hh.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\Microsoft Office\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{2D686C14-E3C9-4E3D-8200-DA632B0C0A12}: NameServer = 212.87.96.9 194.7.45.25
O17 - HKLM\System\CS1\Services\Tcpip\..\{2D686C14-E3C9-4E3D-8200-DA632B0C0A12}: NameServer = 212.87.96.9 194.7.45.25
O17 - HKLM\System\CS2\Services\Tcpip\..\{2D686C14-E3C9-4E3D-8200-DA632B0C0A12}: NameServer = 212.87.96.9 194.7.45.25
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Windows Installer (MSIServer) - Unknown owner - C:\WINDOWS\system32\msiexec.exe (file missing)
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
Je poste un petit mot car j'ai attrapé des virus sur le net, il s'agit de searchclik (par spybot) et trek blue error nuke, coolwwwsearch.homesearch, psguard (trouvé par ad aware ). Comme antivirus, j'ai avast4 et pare feu zone alarm. Mais quoi que je fasse, je n'arrive pa à supprimer ces "virus". Je vous joint mon log ( j'ai deja essayé de faire le ménage, grace a d'autres post maisj'ai toujours le problème. D'avance, merci pour votre aide
Logfile of HijackThis v1.99.1
Scan saved at 18:11:58, on 17/08/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\Program Files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\mozilla\Mozilla Firefox\firefox.exe
C:\Documents and Settings\sebastien\Bureau\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Class - {25772CDE-9796-16D5-FDED-5A0FE9C94E0E} - C:\WINDOWS\system32\crmy.dll
O2 - BHO: Class - {57F5806A-D566-E625-50E5-FD4EE683E283} - C:\WINDOWS\system32\javaya32.dll
O2 - BHO: Class - {8391C5AE-D71D-1C39-7030-6A643F55B86D} - C:\WINDOWS\system32\addzw32.dll
O2 - BHO: Class - {B11E0DA4-6126-6F77-EBB6-7AC45A2249AA} - C:\WINDOWS\netss32.dll
O2 - BHO: Class - {EF0D6CC5-BD7A-7645-9AD2-491794D22499} - C:\WINDOWS\netub.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [avast!] "C:\Program Files\Alwil Software\Avast4\ashDisp.exe"
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [ipor.exe] C:\WINDOWS\ipor.exe
O4 - HKLM\..\Run: [ipsp.exe] C:\WINDOWS\system32\ipsp.exe
O4 - HKLM\..\Run: [atlnk32.exe] C:\WINDOWS\system32\atlnk32.exe
O4 - HKLM\..\Run: [mssk.exe] C:\WINDOWS\system32\mssk.exe
O4 - HKLM\..\Run: [appzi.exe] C:\WINDOWS\appzi.exe
O4 - HKLM\..\Run: [crio32.exe] C:\WINDOWS\crio32.exe
O4 - HKLM\..\Run: [sysdj.exe] C:\WINDOWS\sysdj.exe
O4 - HKLM\..\Run: [ntro32.exe] C:\WINDOWS\ntro32.exe
O4 - HKLM\..\Run: [addyq32.exe] C:\WINDOWS\system32\addyq32.exe
O4 - HKLM\..\Run: [netss32.exe] C:\WINDOWS\netss32.exe
O4 - HKLM\..\RunOnce: [addum32.exe] C:\WINDOWS\system32\addum32.exe
O4 - HKLM\..\RunOnce: [iewz32.exe] C:\WINDOWS\iewz32.exe
O4 - HKLM\..\RunOnce: [winnr.exe] C:\WINDOWS\system32\winnr.exe
O4 - HKLM\..\RunOnce: [d3xz32.exe] C:\WINDOWS\system32\d3xz32.exe
O4 - HKLM\..\RunOnce: [crqb.exe] C:\WINDOWS\system32\crqb.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\Microsoft Office\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Free Software - C:\Program Files\Xtractor Plus\hh.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\Microsoft Office\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{2D686C14-E3C9-4E3D-8200-DA632B0C0A12}: NameServer = 212.87.96.9 194.7.45.25
O17 - HKLM\System\CS1\Services\Tcpip\..\{2D686C14-E3C9-4E3D-8200-DA632B0C0A12}: NameServer = 212.87.96.9 194.7.45.25
O17 - HKLM\System\CS2\Services\Tcpip\..\{2D686C14-E3C9-4E3D-8200-DA632B0C0A12}: NameServer = 212.87.96.9 194.7.45.25
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Windows Installer (MSIServer) - Unknown owner - C:\WINDOWS\system32\msiexec.exe (file missing)
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
A voir également:
- Virus psguard et coolwwwsearch.homesearch
- Virus mcafee - Accueil - Piratage
- Virus informatique - Guide
- Panda anti virus gratuit - Télécharger - Antivirus & Antimalwares
- Undisclosed-recipients virus - Guide
- Ordinateur bloqué virus - Accueil - Arnaque
172 réponses
j'atten la fin du can kaspersky in line et je redémarre
et pour chos schredder ds le menu deroulant des icones sur le buro?? et si g pa trouvé les fichiers avecore.dll etc??? ils sont ou en prioncipe?
et pour chos schredder ds le menu deroulant des icones sur le buro?? et si g pa trouvé les fichiers avecore.dll etc??? ils sont ou en prioncipe?
tu as desinstaller chaos ou pas ?
si non, c'est normal
pour les fichiers, dsl mais je sais pas ou exactement
vu ici:
http://www3.ca.com/securityadvisor/pest/pest.aspx?id=453087958
si non, c'est normal
pour les fichiers, dsl mais je sais pas ou exactement
vu ici:
http://www3.ca.com/securityadvisor/pest/pest.aspx?id=453087958
g oublié de mettre scan etendu! dc c lenormal dsl. je dois le refaire en etendu? g fusionné le bloc note, je redémarre
Number of suspicious objects: 0
Duration of the scan process: 1631 sec
Infected Object Name - Virus Name
C:\Documents and Settings\sebastien\Bureau\antivirus\l2mfix\Process.exe Infected: not-a-virus:RiskTool.Win32.Processor.20
C:\Documents and Settings\sebastien\Bureau\antivirus\psguard\SmitfraudFix\Process.exe Infected: not-a-virus:RiskTool.Win32.Processor.20
C:\Documents and Settings\sebastien\Bureau\antivirus\psguard\SmitfraudFix.zip/SmitfraudFix/Process.exe Infected: not-a-virus:RiskTool.Win32.Processor.20
C:\Documents and Settings\sebastien\Bureau\antivirus\psguard\SmitfraudFix.zip Infected: not-a-virus:RiskTool.Win32.Processor.20
C:\Documents and Settings\sebastien\Bureau\l2mfix\Process.exe Infected: not-a-virus:RiskTool.Win32.Processor.20
C:\Documents and Settings\sebastien\Bureau\l2mfix.exe/l2mfix/Process.exe Infected: not-a-virus:RiskTool.Win32.Processor.20
C:\Documents and Settings\sebastien\Bureau\l2mfix.exe Infected: not-a-virus:RiskTool.Win32.Processor.20
C:\Documents and Settings\sebastien\Bureau\Xtractor +\SmitfraudFix\Process.exe Infected: not-a-virus:RiskTool.Win32.Processor.20
C:\Documents and Settings\sebastien\Bureau\Xtractor +\xplus.exe/data0012 Infected: not-a-virus:AdWare.Harmohol.a
C:\Documents and Settings\sebastien\Bureau\Xtractor +\xplus.exe/data0015/SaveNow.exe Infected: not-a-virus:AdWare.SaveNow.ar
C:\Documents and Settings\sebastien\Bureau\Xtractor +\xplus.exe/data0015 Infected: not-a-virus:AdWare.SaveNow.ar
C:\Documents and Settings\sebastien\Bureau\Xtractor +\xplus.exe Infected: not-a-virus:AdWare.SaveNow.ar
C:\Program Files\Xtractor Plus\xp.exe Infected: not-a-virus:AdWare.Harmohol.a
C:\System Volume Information\_restore{1A632672-CEB7-4179-AB36-19A9B3D3BD38}\RP1\A0001717.exe Infected: not-a-virus:AdWare.Harmohol.a
C:\System Volume Information\_restore{1A632672-CEB7-4179-AB36-19A9B3D3BD38}\RP1\A0002489.exe Infected: not-a-virus:RiskTool.Win32.Processor.20
C:\System Volume Information\_restore{1A632672-CEB7-4179-AB36-19A9B3D3BD38}\RP1\A0002492.exe Infected: not-a-virus:RiskTool.Win32.Processor.20
C:\System Volume Information\_restore{1A632672-CEB7-4179-AB36-19A9B3D3BD38}\RP1\A0007208.exe/data0012 Infected: not-a-virus:AdWare.Harmohol.a
C:\System Volume Information\_restore{1A632672-CEB7-4179-AB36-19A9B3D3BD38}\RP1\A0007208.exe/data0015/SaveNow.exe Infected: not-a-virus:AdWare.SaveNow.ar
C:\System Volume Information\_restore{1A632672-CEB7-4179-AB36-19A9B3D3BD38}\RP1\A0007208.exe/data0015 Infected: not-a-virus:AdWare.SaveNow.ar
C:\System Volume Information\_restore{1A632672-CEB7-4179-AB36-19A9B3D3BD38}\RP1\A0007208.exe Infected: not-a-virus:AdWare.SaveNow.ar
C:\System Volume Information\_restore{1A632672-CEB7-4179-AB36-19A9B3D3BD38}\RP1\A0007263.exe Infected: not-a-virus:RiskTool.Win32.Processor.20
C:\System Volume Information\_restore{1A632672-CEB7-4179-AB36-19A9B3D3BD38}\RP1\A0007337.exe Infected: not-a-virus:RiskTool.Win32.Processor.20
C:\System Volume Information\_restore{1A632672-CEB7-4179-AB36-19A9B3D3BD38}\RP1\A0008017.exe Infected: not-a-virus:RiskTool.Win32.Processor.20
C:\System Volume Information\_restore{1A632672-CEB7-4179-AB36-19A9B3D3BD38}\RP1\A0008058.exe/l2mfix/Process.exe Infected: not-a-virus:RiskTool.Win32.Processor.20
C:\System Volume Information\_restore{1A632672-CEB7-4179-AB36-19A9B3D3BD38}\RP1\A0008058.exe Infected: not-a-virus:RiskTool.Win32.Processor.20
C:\System Volume Information\_restore{1A632672-CEB7-4179-AB36-19A9B3D3BD38}\RP1\A0008572.exe Infected: not-a-virus:RiskTool.Win32.Processor.20
C:\System Volume Information\_restore{1A632672-CEB7-4179-AB36-19A9B3D3BD38}\RP1\A0008599.exe Infected: not-a-virus:RiskTool.Win32.Processor.20
C:\System Volume Information\_restore{1A632672-CEB7-4179-AB36-19A9B3D3BD38}\RP1\A0008609.exe/data0012 Infected: not-a-virus:AdWare.Harmohol.a
C:\System Volume Information\_restore{1A632672-CEB7-4179-AB36-19A9B3D3BD38}\RP1\A0008609.exe/data0015/SaveNow.exe Infected: not-a-virus:AdWare.SaveNow.ar
C:\System Volume Information\_restore{1A632672-CEB7-4179-AB36-19A9B3D3BD38}\RP1\A0008609.exe/data0015 Infected: not-a-virus:AdWare.SaveNow.ar
C:\System Volume Information\_restore{1A632672-CEB7-4179-AB36-19A9B3D3BD38}\RP1\A0008609.exe Infected: not-a-virus:AdWare.SaveNow.ar
C:\System Volume Information\_restore{1A632672-CEB7-4179-AB36-19A9B3D3BD38}\RP1\A0008610.exe Infected: not-a-virus:RiskTool.Win32.Processor.20
C:\System Volume Information\_restore{1A632672-CEB7-4179-AB36-19A9B3D3BD38}\RP1\A0010325.exe Infected: not-a-virus:AdWare.Harmohol.a
C:\System Volume Information\_restore{1A632672-CEB7-4179-AB36-19A9B3D3BD38}\RP1\A0017568.exe/l2mfix/Process.exe Infected: not-a-virus:RiskTool.Win32.Processor.20
C:\System Volume Information\_restore{1A632672-CEB7-4179-AB36-19A9B3D3BD38}\RP1\A0017568.exe Infected: not-a-virus:RiskTool.Win32.Processor.20
C:\System Volume Information\_restore{1A632672-CEB7-4179-AB36-19A9B3D3BD38}\RP1\A0017581.exe Infected: not-a-virus:AdWare.Harmohol.a
Scan process completed.
Number of suspicious objects: 0
Duration of the scan process: 1631 sec
Infected Object Name - Virus Name
C:\Documents and Settings\sebastien\Bureau\antivirus\l2mfix\Process.exe Infected: not-a-virus:RiskTool.Win32.Processor.20
C:\Documents and Settings\sebastien\Bureau\antivirus\psguard\SmitfraudFix\Process.exe Infected: not-a-virus:RiskTool.Win32.Processor.20
C:\Documents and Settings\sebastien\Bureau\antivirus\psguard\SmitfraudFix.zip/SmitfraudFix/Process.exe Infected: not-a-virus:RiskTool.Win32.Processor.20
C:\Documents and Settings\sebastien\Bureau\antivirus\psguard\SmitfraudFix.zip Infected: not-a-virus:RiskTool.Win32.Processor.20
C:\Documents and Settings\sebastien\Bureau\l2mfix\Process.exe Infected: not-a-virus:RiskTool.Win32.Processor.20
C:\Documents and Settings\sebastien\Bureau\l2mfix.exe/l2mfix/Process.exe Infected: not-a-virus:RiskTool.Win32.Processor.20
C:\Documents and Settings\sebastien\Bureau\l2mfix.exe Infected: not-a-virus:RiskTool.Win32.Processor.20
C:\Documents and Settings\sebastien\Bureau\Xtractor +\SmitfraudFix\Process.exe Infected: not-a-virus:RiskTool.Win32.Processor.20
C:\Documents and Settings\sebastien\Bureau\Xtractor +\xplus.exe/data0012 Infected: not-a-virus:AdWare.Harmohol.a
C:\Documents and Settings\sebastien\Bureau\Xtractor +\xplus.exe/data0015/SaveNow.exe Infected: not-a-virus:AdWare.SaveNow.ar
C:\Documents and Settings\sebastien\Bureau\Xtractor +\xplus.exe/data0015 Infected: not-a-virus:AdWare.SaveNow.ar
C:\Documents and Settings\sebastien\Bureau\Xtractor +\xplus.exe Infected: not-a-virus:AdWare.SaveNow.ar
C:\Program Files\Xtractor Plus\xp.exe Infected: not-a-virus:AdWare.Harmohol.a
C:\System Volume Information\_restore{1A632672-CEB7-4179-AB36-19A9B3D3BD38}\RP1\A0001717.exe Infected: not-a-virus:AdWare.Harmohol.a
C:\System Volume Information\_restore{1A632672-CEB7-4179-AB36-19A9B3D3BD38}\RP1\A0002489.exe Infected: not-a-virus:RiskTool.Win32.Processor.20
C:\System Volume Information\_restore{1A632672-CEB7-4179-AB36-19A9B3D3BD38}\RP1\A0002492.exe Infected: not-a-virus:RiskTool.Win32.Processor.20
C:\System Volume Information\_restore{1A632672-CEB7-4179-AB36-19A9B3D3BD38}\RP1\A0007208.exe/data0012 Infected: not-a-virus:AdWare.Harmohol.a
C:\System Volume Information\_restore{1A632672-CEB7-4179-AB36-19A9B3D3BD38}\RP1\A0007208.exe/data0015/SaveNow.exe Infected: not-a-virus:AdWare.SaveNow.ar
C:\System Volume Information\_restore{1A632672-CEB7-4179-AB36-19A9B3D3BD38}\RP1\A0007208.exe/data0015 Infected: not-a-virus:AdWare.SaveNow.ar
C:\System Volume Information\_restore{1A632672-CEB7-4179-AB36-19A9B3D3BD38}\RP1\A0007208.exe Infected: not-a-virus:AdWare.SaveNow.ar
C:\System Volume Information\_restore{1A632672-CEB7-4179-AB36-19A9B3D3BD38}\RP1\A0007263.exe Infected: not-a-virus:RiskTool.Win32.Processor.20
C:\System Volume Information\_restore{1A632672-CEB7-4179-AB36-19A9B3D3BD38}\RP1\A0007337.exe Infected: not-a-virus:RiskTool.Win32.Processor.20
C:\System Volume Information\_restore{1A632672-CEB7-4179-AB36-19A9B3D3BD38}\RP1\A0008017.exe Infected: not-a-virus:RiskTool.Win32.Processor.20
C:\System Volume Information\_restore{1A632672-CEB7-4179-AB36-19A9B3D3BD38}\RP1\A0008058.exe/l2mfix/Process.exe Infected: not-a-virus:RiskTool.Win32.Processor.20
C:\System Volume Information\_restore{1A632672-CEB7-4179-AB36-19A9B3D3BD38}\RP1\A0008058.exe Infected: not-a-virus:RiskTool.Win32.Processor.20
C:\System Volume Information\_restore{1A632672-CEB7-4179-AB36-19A9B3D3BD38}\RP1\A0008572.exe Infected: not-a-virus:RiskTool.Win32.Processor.20
C:\System Volume Information\_restore{1A632672-CEB7-4179-AB36-19A9B3D3BD38}\RP1\A0008599.exe Infected: not-a-virus:RiskTool.Win32.Processor.20
C:\System Volume Information\_restore{1A632672-CEB7-4179-AB36-19A9B3D3BD38}\RP1\A0008609.exe/data0012 Infected: not-a-virus:AdWare.Harmohol.a
C:\System Volume Information\_restore{1A632672-CEB7-4179-AB36-19A9B3D3BD38}\RP1\A0008609.exe/data0015/SaveNow.exe Infected: not-a-virus:AdWare.SaveNow.ar
C:\System Volume Information\_restore{1A632672-CEB7-4179-AB36-19A9B3D3BD38}\RP1\A0008609.exe/data0015 Infected: not-a-virus:AdWare.SaveNow.ar
C:\System Volume Information\_restore{1A632672-CEB7-4179-AB36-19A9B3D3BD38}\RP1\A0008609.exe Infected: not-a-virus:AdWare.SaveNow.ar
C:\System Volume Information\_restore{1A632672-CEB7-4179-AB36-19A9B3D3BD38}\RP1\A0008610.exe Infected: not-a-virus:RiskTool.Win32.Processor.20
C:\System Volume Information\_restore{1A632672-CEB7-4179-AB36-19A9B3D3BD38}\RP1\A0010325.exe Infected: not-a-virus:AdWare.Harmohol.a
C:\System Volume Information\_restore{1A632672-CEB7-4179-AB36-19A9B3D3BD38}\RP1\A0017568.exe/l2mfix/Process.exe Infected: not-a-virus:RiskTool.Win32.Processor.20
C:\System Volume Information\_restore{1A632672-CEB7-4179-AB36-19A9B3D3BD38}\RP1\A0017568.exe Infected: not-a-virus:RiskTool.Win32.Processor.20
C:\System Volume Information\_restore{1A632672-CEB7-4179-AB36-19A9B3D3BD38}\RP1\A0017581.exe Infected: not-a-virus:AdWare.Harmohol.a
Scan process completed.
bon desactive ta restauration systeme elle est infecter
il faut la désactiver
pour ça tu fais clic droit sur poste de travail
propriété tu clique sur onglet restauration système
tu coche la case désactiver la restauration et applique
tu redémarre
tu fais scan
il faut la désactiver
pour ça tu fais clic droit sur poste de travail
propriété tu clique sur onglet restauration système
tu coche la case désactiver la restauration et applique
tu redémarre
tu fais scan
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
je fais scan avec koi? la clé est tjs la apres redemarrage...
g coché desactiver restauration, je redémarre
quid du scan??
g coché desactiver restauration, je redémarre
quid du scan??
voila g redémarré! je scan avec koi?
pour chaos schredder, je ne l'ai pa ds mes programmes, g fat recherche, aucun resultat
pour chaos schredder, je ne l'ai pa ds mes programmes, g fat recherche, aucun resultat
pas acces a ce site http://www3.ca.com/securityadvisor/pest/pest.aspx?id=453087958
il me demande un login et mot de passe!
le scan c avec kaspesky on line?
il me demande un login et mot de passe!
le scan c avec kaspesky on line?
enfin bon, sans avoir g relancé kas on line, version etendue! je vous poste le resultat des ke c fini.
si vous voulez autre chose...
si vous voulez autre chose...
ok c t avec kaspersky...il est en cours! la seule différence avec tanto c la resto systeme desactivée car g rien supprimé tanto
le scan fais le ici pour voir
http://www.bitdefender.fr
si tu l'as dejà commence chez kasp c'est pas grave continue
bizarre pour le lien, pas de problemes de mon coté ????
http://www.bitdefender.fr
si tu l'as dejà commence chez kasp c'est pas grave continue
bizarre pour le lien, pas de problemes de mon coté ????
balltrap dis moi ce que tu pense de :
C:\Documents and Settings\sebastien\Bureau\Xtractor +\xplus.exe detecté par kav
ca correspondrait pas à ca ?
http://vil.mcafeesecurity.com/vil/content/v_130879.htm
j'arrete pour ce soir
a++
C:\Documents and Settings\sebastien\Bureau\Xtractor +\xplus.exe detecté par kav
ca correspondrait pas à ca ?
http://vil.mcafeesecurity.com/vil/content/v_130879.htm
j'arrete pour ce soir
a++
pou info, xtractor+ c juste pour decompresser...c mon frangin ki me la filé ( et il ma jms posé de prob)
pour kaspersy :
-------------------------------------------------------------------------------
KASPERSKY ON-LINE SCANNER REPORT
Sunday, August 21, 2005 01:07:47
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version: 5.0.67.0
Kaspersky Anti-Virus database last update: 21/08/2005
Kaspersky Anti-Virus database records: 144788
-------------------------------------------------------------------------------
Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true
Scan Target - Folders:
C:\
Scan Statistics:
Total number of scanned objects: 22494
Number of viruses found: 3
Number of infected objects: 13
Number of suspicious objects: 0
Duration of the scan process: 1075 sec
Infected Object Name - Virus Name
C:\Documents and Settings\sebastien\Bureau\antivirus\l2mfix\Process.exe Infected: not-a-virus:RiskTool.Win32.Processor.20
C:\Documents and Settings\sebastien\Bureau\antivirus\psguard\SmitfraudFix\Process.exe Infected: not-a-virus:RiskTool.Win32.Processor.20
C:\Documents and Settings\sebastien\Bureau\antivirus\psguard\SmitfraudFix.zip/SmitfraudFix/Process.exe Infected: not-a-virus:RiskTool.Win32.Processor.20
C:\Documents and Settings\sebastien\Bureau\antivirus\psguard\SmitfraudFix.zip Infected: not-a-virus:RiskTool.Win32.Processor.20
C:\Documents and Settings\sebastien\Bureau\l2mfix\Process.exe Infected: not-a-virus:RiskTool.Win32.Processor.20
C:\Documents and Settings\sebastien\Bureau\l2mfix.exe/l2mfix/Process.exe Infected: not-a-virus:RiskTool.Win32.Processor.20
C:\Documents and Settings\sebastien\Bureau\l2mfix.exe Infected: not-a-virus:RiskTool.Win32.Processor.20
C:\Documents and Settings\sebastien\Bureau\Xtractor +\SmitfraudFix\Process.exe Infected: not-a-virus:RiskTool.Win32.Processor.20
C:\Documents and Settings\sebastien\Bureau\Xtractor +\xplus.exe/data0012 Infected: not-a-virus:AdWare.Harmohol.a
C:\Documents and Settings\sebastien\Bureau\Xtractor +\xplus.exe/data0015/SaveNow.exe Infected: not-a-virus:AdWare.SaveNow.ar
C:\Documents and Settings\sebastien\Bureau\Xtractor +\xplus.exe/data0015 Infected: not-a-virus:AdWare.SaveNow.ar
C:\Documents and Settings\sebastien\Bureau\Xtractor +\xplus.exe Infected: not-a-virus:AdWare.SaveNow.ar
C:\Program Files\Xtractor Plus\xp.exe Infected: not-a-virus:AdWare.Harmohol.a
Scan process completed.
pour kaspersy :
-------------------------------------------------------------------------------
KASPERSKY ON-LINE SCANNER REPORT
Sunday, August 21, 2005 01:07:47
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version: 5.0.67.0
Kaspersky Anti-Virus database last update: 21/08/2005
Kaspersky Anti-Virus database records: 144788
-------------------------------------------------------------------------------
Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true
Scan Target - Folders:
C:\
Scan Statistics:
Total number of scanned objects: 22494
Number of viruses found: 3
Number of infected objects: 13
Number of suspicious objects: 0
Duration of the scan process: 1075 sec
Infected Object Name - Virus Name
C:\Documents and Settings\sebastien\Bureau\antivirus\l2mfix\Process.exe Infected: not-a-virus:RiskTool.Win32.Processor.20
C:\Documents and Settings\sebastien\Bureau\antivirus\psguard\SmitfraudFix\Process.exe Infected: not-a-virus:RiskTool.Win32.Processor.20
C:\Documents and Settings\sebastien\Bureau\antivirus\psguard\SmitfraudFix.zip/SmitfraudFix/Process.exe Infected: not-a-virus:RiskTool.Win32.Processor.20
C:\Documents and Settings\sebastien\Bureau\antivirus\psguard\SmitfraudFix.zip Infected: not-a-virus:RiskTool.Win32.Processor.20
C:\Documents and Settings\sebastien\Bureau\l2mfix\Process.exe Infected: not-a-virus:RiskTool.Win32.Processor.20
C:\Documents and Settings\sebastien\Bureau\l2mfix.exe/l2mfix/Process.exe Infected: not-a-virus:RiskTool.Win32.Processor.20
C:\Documents and Settings\sebastien\Bureau\l2mfix.exe Infected: not-a-virus:RiskTool.Win32.Processor.20
C:\Documents and Settings\sebastien\Bureau\Xtractor +\SmitfraudFix\Process.exe Infected: not-a-virus:RiskTool.Win32.Processor.20
C:\Documents and Settings\sebastien\Bureau\Xtractor +\xplus.exe/data0012 Infected: not-a-virus:AdWare.Harmohol.a
C:\Documents and Settings\sebastien\Bureau\Xtractor +\xplus.exe/data0015/SaveNow.exe Infected: not-a-virus:AdWare.SaveNow.ar
C:\Documents and Settings\sebastien\Bureau\Xtractor +\xplus.exe/data0015 Infected: not-a-virus:AdWare.SaveNow.ar
C:\Documents and Settings\sebastien\Bureau\Xtractor +\xplus.exe Infected: not-a-virus:AdWare.SaveNow.ar
C:\Program Files\Xtractor Plus\xp.exe Infected: not-a-virus:AdWare.Harmohol.a
Scan process completed.
ok je touche a rien! g fermé kaspersky, je lance bitdefender (il se met a jour) apparement par defaut, il supprime lui meme infections si il sait, si pas il supprime sans alerte a ce ke g compri, je laisse ainsi? fo rien paramétrer?
