Trojan.Host.CG
airposte
-
Utilisateur anonyme -
Utilisateur anonyme -
Bonjour,
apparition de Trojan.Host.CG détecté par Bit defender. Totalement nul en informatique ;-)
Par avance merci à celle ou celui qui peut m'aider...
voici les log ewido, bit defender et Hijack.
---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------
+ Created at: 12:44:10 PM 09/27/2006
+ Scan result:
F:\Program Files\BearShare\BearShareZangoInstaller.exe/clientax.dll -> Adware.180Solutions : No action taken.
C:\Program Files\Everest Poker\Everest Poker.exe -> Adware.Casino : No action taken.
C:\Program Files\Everest Poker\cstart-tmp.exe -> Adware.Casino : No action taken.
C:\Program Files\Everest Poker\cstart.exe -> Adware.Casino : No action taken.
C:\WINDOWS\Club Dice Poker setup.exe -> Adware.Casino : No action taken.
C:\WINDOWS\Titan Poker setup.exe -> Adware.Casino : No action taken.
C:\Program Files\Save -> Adware.SaveNow : No action taken.
C:\Program Files\Save\Save.exe -> Adware.SaveNow : No action taken.
::Report end
Options d'analyse
Détection
[X] Analyser le secteur de boot
[X] Analyser les archives
[X] Analyser les fichiers en paquets
[X] Analyser la messagerie
Masque fichiers
[ ] Programmes
[X] Tous les fichiers
[ ] Extensions définies par l'utilisateur:
[ ] Exclure les extensions: ;
Action
Objets infectés
[ ] Ignorer
[X] Désinfecter
[ ] Effacer
[ ] Copier
[ ] Déplacer dans le dossier infectés
[ ] Renommer
[ ] Demander l'action
Seconde action
[ ] Ignorer
[ ] Effacer
[ ] Copier
[X] Déplacer dans le dossier infectés
[ ] Renommer
[ ] Demander l'action
Options d'analyse
[X] Activer les alertes
[X] Activer l'heuristique
[ ] Afficher tous les fichiers dans le journal
[X] Fichier journal : vscan.log
[ ] Rajouter au rapport existant
Sommaire :
C:\Documents and Settings\All Users\Documents\setup.exe Infectés avec Trojan.Proxy.Horst.CG
C:\Documents and Settings\All Users\Documents\setup.exe Désinfection impossible
C:\Documents and Settings\All Users\Documents\setup.exe Déplacé
Logfile of HijackThis v1.99.1
Scan saved at 13:44:41 PM, on 09/27/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
C:\Program Files\Softwin\BitDefender8\bdswitch.exe
C:\Program Files\Softwin\BitDefender8\bdoesrv.exe
C:\Program Files\Softwin\BitDefender8\bdnagent.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\Microsoft Office\Office\WINWORD.EXE
C:\WINDOWS\msagent\AgentSvr.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Softwin\BitDefender8\vsserv.exe
c:\program files\softwin\bitdefender8\bdmcon.exe
c:\program files\softwin\bitdefender8\bdlite.exe
C:\Program Files\QuickZip4\QuickZip.exe
C:\DOCUME~1\Admin\LOCALS~1\Temp\QZTEMP\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.sfr.fr/offres-numericable.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.sfr.fr/offres-numericable.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = NUMERICABLE
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: My Global Search Bar BHO - {37B85A21-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: (no name) - {014DA6C9-189F-421a-88CD-07CFE51CFF10} - (no file)
O3 - Toolbar: My Global Search Bar - {37B85A29-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nTrayFw] C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [gcasServ] C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
O4 - HKLM\..\Run: [BDSwitchAgent] C:\Program Files\Softwin\BitDefender8\\bdswitch.exe
O4 - HKLM\..\Run: [BDOESRV] C:\Program Files\Softwin\BitDefender8\\bdoesrv.exe
O4 - HKLM\..\Run: [BDNewsAgent] C:\Program Files\Softwin\BitDefender8\\bdnagent.exe
O4 - HKLM\..\Run: [BDMCon] C:\Program Files\Softwin\BitDefender8\\bdmcon.exe
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [Startup Manager] C:\Documents and Settings\Admin\Application Data\Systweak\ASO 2\smstartUp manager.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Program Files\Titan Poker\casino.exe
O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Program Files\Titan Poker\casino.exe
O9 - Extra button: CDPoker - {A68FC757-51CF-4f3c-B13A-BFB8CA69BB99} - C:\Program Files\CDPoker\casino.exe
O9 - Extra 'Tools' menuitem: CDPoker - {A68FC757-51CF-4f3c-B13A-BFB8CA69BB99} - C:\Program Files\CDPoker\casino.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O20 - AppInit_DLLs: sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe" -k runservice (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender8\vsserv.exe" /service (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
(Comment fait on pour conprendre ce truc ?????? Lol)
apparition de Trojan.Host.CG détecté par Bit defender. Totalement nul en informatique ;-)
Par avance merci à celle ou celui qui peut m'aider...
voici les log ewido, bit defender et Hijack.
---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------
+ Created at: 12:44:10 PM 09/27/2006
+ Scan result:
F:\Program Files\BearShare\BearShareZangoInstaller.exe/clientax.dll -> Adware.180Solutions : No action taken.
C:\Program Files\Everest Poker\Everest Poker.exe -> Adware.Casino : No action taken.
C:\Program Files\Everest Poker\cstart-tmp.exe -> Adware.Casino : No action taken.
C:\Program Files\Everest Poker\cstart.exe -> Adware.Casino : No action taken.
C:\WINDOWS\Club Dice Poker setup.exe -> Adware.Casino : No action taken.
C:\WINDOWS\Titan Poker setup.exe -> Adware.Casino : No action taken.
C:\Program Files\Save -> Adware.SaveNow : No action taken.
C:\Program Files\Save\Save.exe -> Adware.SaveNow : No action taken.
::Report end
Options d'analyse
Détection
[X] Analyser le secteur de boot
[X] Analyser les archives
[X] Analyser les fichiers en paquets
[X] Analyser la messagerie
Masque fichiers
[ ] Programmes
[X] Tous les fichiers
[ ] Extensions définies par l'utilisateur:
[ ] Exclure les extensions: ;
Action
Objets infectés
[ ] Ignorer
[X] Désinfecter
[ ] Effacer
[ ] Copier
[ ] Déplacer dans le dossier infectés
[ ] Renommer
[ ] Demander l'action
Seconde action
[ ] Ignorer
[ ] Effacer
[ ] Copier
[X] Déplacer dans le dossier infectés
[ ] Renommer
[ ] Demander l'action
Options d'analyse
[X] Activer les alertes
[X] Activer l'heuristique
[ ] Afficher tous les fichiers dans le journal
[X] Fichier journal : vscan.log
[ ] Rajouter au rapport existant
Sommaire :
C:\Documents and Settings\All Users\Documents\setup.exe Infectés avec Trojan.Proxy.Horst.CG
C:\Documents and Settings\All Users\Documents\setup.exe Désinfection impossible
C:\Documents and Settings\All Users\Documents\setup.exe Déplacé
Logfile of HijackThis v1.99.1
Scan saved at 13:44:41 PM, on 09/27/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
C:\Program Files\Softwin\BitDefender8\bdswitch.exe
C:\Program Files\Softwin\BitDefender8\bdoesrv.exe
C:\Program Files\Softwin\BitDefender8\bdnagent.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\Microsoft Office\Office\WINWORD.EXE
C:\WINDOWS\msagent\AgentSvr.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Softwin\BitDefender8\vsserv.exe
c:\program files\softwin\bitdefender8\bdmcon.exe
c:\program files\softwin\bitdefender8\bdlite.exe
C:\Program Files\QuickZip4\QuickZip.exe
C:\DOCUME~1\Admin\LOCALS~1\Temp\QZTEMP\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.sfr.fr/offres-numericable.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.sfr.fr/offres-numericable.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = NUMERICABLE
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: My Global Search Bar BHO - {37B85A21-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: (no name) - {014DA6C9-189F-421a-88CD-07CFE51CFF10} - (no file)
O3 - Toolbar: My Global Search Bar - {37B85A29-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nTrayFw] C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [gcasServ] C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
O4 - HKLM\..\Run: [BDSwitchAgent] C:\Program Files\Softwin\BitDefender8\\bdswitch.exe
O4 - HKLM\..\Run: [BDOESRV] C:\Program Files\Softwin\BitDefender8\\bdoesrv.exe
O4 - HKLM\..\Run: [BDNewsAgent] C:\Program Files\Softwin\BitDefender8\\bdnagent.exe
O4 - HKLM\..\Run: [BDMCon] C:\Program Files\Softwin\BitDefender8\\bdmcon.exe
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [Startup Manager] C:\Documents and Settings\Admin\Application Data\Systweak\ASO 2\smstartUp manager.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Program Files\Titan Poker\casino.exe
O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Program Files\Titan Poker\casino.exe
O9 - Extra button: CDPoker - {A68FC757-51CF-4f3c-B13A-BFB8CA69BB99} - C:\Program Files\CDPoker\casino.exe
O9 - Extra 'Tools' menuitem: CDPoker - {A68FC757-51CF-4f3c-B13A-BFB8CA69BB99} - C:\Program Files\CDPoker\casino.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O20 - AppInit_DLLs: sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe" -k runservice (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender8\vsserv.exe" /service (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
(Comment fait on pour conprendre ce truc ?????? Lol)
5 réponses
Salut,
Clic sur démarrer, poste de travail, C:, program files et supprime ce dossier:
MyGlobalSearch
**Si un fichier persiste lors de la suppression fais ceci:
-Redemarres ton pc, dès l'allumage de celui-ci tapote la touche F8 (ou F5 si F8 ne fonctionne pas), à l'écran qui va apparaitre choisis "mode sans echec" attends un peu.. puis vas supprimer les fichiers/dossiers qui persistaient, vides ta corbeille et redemarres normalement
Désactive le pare-feu de Windows(SP2) il ne sert à rien puis installe celui ci pour plus de sécurité
Kerio: (pare-feu, qui reste gratuit après la periode d'essai!)
Kerio Personal Firewall
-tutorial: pour configurer et comprendre l'utilisation de Kerio
https://kerio.probb.fr/
Puis fait ça
Télécharge lopxp:
http://pageperso.aol.fr/balltrap34/lopxp.zip
dézippe-le sur ton bureau puis double-clic sur le fichier "lopxp.bat"
quand il à terminé, un rapport s'ouvre : fais un copier-coller puis mets le ici
Clic sur démarrer, poste de travail, C:, program files et supprime ce dossier:
MyGlobalSearch
**Si un fichier persiste lors de la suppression fais ceci:
-Redemarres ton pc, dès l'allumage de celui-ci tapote la touche F8 (ou F5 si F8 ne fonctionne pas), à l'écran qui va apparaitre choisis "mode sans echec" attends un peu.. puis vas supprimer les fichiers/dossiers qui persistaient, vides ta corbeille et redemarres normalement
Désactive le pare-feu de Windows(SP2) il ne sert à rien puis installe celui ci pour plus de sécurité
Kerio: (pare-feu, qui reste gratuit après la periode d'essai!)
Kerio Personal Firewall
-tutorial: pour configurer et comprendre l'utilisation de Kerio
https://kerio.probb.fr/
Puis fait ça
Télécharge lopxp:
http://pageperso.aol.fr/balltrap34/lopxp.zip
dézippe-le sur ton bureau puis double-clic sur le fichier "lopxp.bat"
quand il à terminé, un rapport s'ouvre : fais un copier-coller puis mets le ici
Voici le Log text demandé (avec tous mes remerciements...)
Rapport fait à 14:19:35.15 le 09/28/2006
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est 88AB-D6CA
R‚pertoire de C:\Documents and Settings\Admin\Application Data
07/12/2006 19:14 PM <REP> Ahead
05/26/2006 19:43 PM <REP> Help
05/24/2006 20:54 PM 1033 QuickZip45.ini
12/29/2005 12:38 PM <REP> Skype
12/08/2005 14:12 PM <REP> Real
11/30/2005 16:09 PM <REP> Apple Computer
11/10/2005 01:17 AM <REP> Prevx
11/08/2005 16:25 PM <REP> Systweak
10/21/2005 19:57 PM <REP> Common Files
10/13/2005 18:39 PM <REP> HP
09/28/2005 18:05 PM <REP> ICAClient
09/22/2005 18:10 PM <REP> Google
07/26/2005 08:35 AM <REP> Canon
07/26/2005 08:27 AM <REP> AdobeUM
07/07/2005 20:13 PM <REP> Microsoft Web Folders
07/05/2005 18:36 PM <REP> ArcSoft
07/05/2005 18:20 PM <REP> Adobe
07/04/2005 20:25 PM <REP> Macromedia
07/03/2005 09:43 AM <REP> Musicmatch
07/01/2005 12:25 PM 0 sversion.ini
07/01/2005 11:45 AM <REP> Identities
07/01/2005 11:45 AM 62 desktop.ini
07/01/2005 11:45 AM <REP> Microsoft
07/01/2005 11:45 AM <REP> .
07/01/2005 11:45 AM <REP> ..
3 fichier(s) 1095 octets
22 R‚p(s) 11873120256 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est 88AB-D6CA
R‚pertoire de C:\Documents and Settings\All Users\Application Data
09/22/2006 19:56 PM <REP> Google
09/06/2006 17:02 PM <REP> Emjysoft
09/04/2006 11:09 AM <REP> Macrovision
09/03/2006 12:54 PM <REP> BOONTY
06/07/2006 11:52 AM 1786 QTSBandwidthCache
12/29/2005 12:38 PM <REP> Skype
11/30/2005 13:43 PM <REP> Apple Computer
11/10/2005 01:16 AM <REP> Prevx
10/21/2005 13:33 PM <REP> Windows Genuine Advantage
09/19/2005 21:43 PM <REP> Spybot - Search & Destroy
08/09/2005 20:10 PM <REP> QuickTime
07/07/2005 20:18 PM <REP> SBT
07/05/2005 18:24 PM <REP> Adobe
07/01/2005 22:17 PM 22991 hpzinstall.log
07/01/2005 13:13 PM 62 desktop.ini
07/01/2005 13:11 PM <REP> Microsoft
07/01/2005 13:11 PM <REP> ..
07/01/2005 13:11 PM <REP> .
07/01/2005 12:24 PM <REP> CyberLink
07/01/2005 12:24 PM <REP> Ahead
07/01/2005 12:19 PM <REP> nView_Profiles
3 fichier(s) 24839 octets
18 R‚p(s) 11873120256 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est 88AB-D6CA
R‚pertoire de C:\Documents and Settings\Default User\Application Data
07/01/2005 13:13 PM 62 desktop.ini
07/01/2005 13:11 PM <REP> ..
07/01/2005 13:11 PM <REP> Microsoft
07/01/2005 13:11 PM <REP> .
1 fichier(s) 62 octets
3 R‚p(s) 11873120256 octets libres
******************************************
Recherche des taches planifiées dans C:\WINDOWS\tasks
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est 88AB-D6CA
R‚pertoire de C:\WINDOWS\Tasks
09/27/2006 11:37 AM 300 XoftSpy.job
07/01/2005 11:36 AM 6 SA.DAT
07/01/2005 11:24 AM 65 desktop.ini
07/01/2005 11:24 AM <REP> ..
07/01/2005 11:24 AM <REP> .
3 fichier(s) 371 octets
2 R‚p(s) 11,873,120,256 octets libres
******************************************
Recherche dans Program files
Le dossier C:\Program Files\C2Media n'existe pas
*************** Fin du rapport ****************
Rapport fait à 14:19:35.15 le 09/28/2006
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est 88AB-D6CA
R‚pertoire de C:\Documents and Settings\Admin\Application Data
07/12/2006 19:14 PM <REP> Ahead
05/26/2006 19:43 PM <REP> Help
05/24/2006 20:54 PM 1033 QuickZip45.ini
12/29/2005 12:38 PM <REP> Skype
12/08/2005 14:12 PM <REP> Real
11/30/2005 16:09 PM <REP> Apple Computer
11/10/2005 01:17 AM <REP> Prevx
11/08/2005 16:25 PM <REP> Systweak
10/21/2005 19:57 PM <REP> Common Files
10/13/2005 18:39 PM <REP> HP
09/28/2005 18:05 PM <REP> ICAClient
09/22/2005 18:10 PM <REP> Google
07/26/2005 08:35 AM <REP> Canon
07/26/2005 08:27 AM <REP> AdobeUM
07/07/2005 20:13 PM <REP> Microsoft Web Folders
07/05/2005 18:36 PM <REP> ArcSoft
07/05/2005 18:20 PM <REP> Adobe
07/04/2005 20:25 PM <REP> Macromedia
07/03/2005 09:43 AM <REP> Musicmatch
07/01/2005 12:25 PM 0 sversion.ini
07/01/2005 11:45 AM <REP> Identities
07/01/2005 11:45 AM 62 desktop.ini
07/01/2005 11:45 AM <REP> Microsoft
07/01/2005 11:45 AM <REP> .
07/01/2005 11:45 AM <REP> ..
3 fichier(s) 1095 octets
22 R‚p(s) 11873120256 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est 88AB-D6CA
R‚pertoire de C:\Documents and Settings\All Users\Application Data
09/22/2006 19:56 PM <REP> Google
09/06/2006 17:02 PM <REP> Emjysoft
09/04/2006 11:09 AM <REP> Macrovision
09/03/2006 12:54 PM <REP> BOONTY
06/07/2006 11:52 AM 1786 QTSBandwidthCache
12/29/2005 12:38 PM <REP> Skype
11/30/2005 13:43 PM <REP> Apple Computer
11/10/2005 01:16 AM <REP> Prevx
10/21/2005 13:33 PM <REP> Windows Genuine Advantage
09/19/2005 21:43 PM <REP> Spybot - Search & Destroy
08/09/2005 20:10 PM <REP> QuickTime
07/07/2005 20:18 PM <REP> SBT
07/05/2005 18:24 PM <REP> Adobe
07/01/2005 22:17 PM 22991 hpzinstall.log
07/01/2005 13:13 PM 62 desktop.ini
07/01/2005 13:11 PM <REP> Microsoft
07/01/2005 13:11 PM <REP> ..
07/01/2005 13:11 PM <REP> .
07/01/2005 12:24 PM <REP> CyberLink
07/01/2005 12:24 PM <REP> Ahead
07/01/2005 12:19 PM <REP> nView_Profiles
3 fichier(s) 24839 octets
18 R‚p(s) 11873120256 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est 88AB-D6CA
R‚pertoire de C:\Documents and Settings\Default User\Application Data
07/01/2005 13:13 PM 62 desktop.ini
07/01/2005 13:11 PM <REP> ..
07/01/2005 13:11 PM <REP> Microsoft
07/01/2005 13:11 PM <REP> .
1 fichier(s) 62 octets
3 R‚p(s) 11873120256 octets libres
******************************************
Recherche des taches planifiées dans C:\WINDOWS\tasks
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est 88AB-D6CA
R‚pertoire de C:\WINDOWS\Tasks
09/27/2006 11:37 AM 300 XoftSpy.job
07/01/2005 11:36 AM 6 SA.DAT
07/01/2005 11:24 AM 65 desktop.ini
07/01/2005 11:24 AM <REP> ..
07/01/2005 11:24 AM <REP> .
3 fichier(s) 371 octets
2 R‚p(s) 11,873,120,256 octets libres
******************************************
Recherche dans Program files
Le dossier C:\Program Files\C2Media n'existe pas
*************** Fin du rapport ****************
Salut,
Refais un scan avec Ewido et vire tout ce qu'il te trouve (delete)
Fait ce scan anti-virus en ligne avec Internet Explorer, accepte l'active X; la barre anti-popup du SP2(en haut) va se mettre à clignoter, clic dessus et choisis "accepter l'active X" pour faire fonctionner le scan anti-virus.
Une fois qu'il a terminé colle le rapport ici stp
_Online Scanner
_Kaspersky Online Scanner
_My Computer
https://www.kaspersky.fr/downloads
Refais un scan avec Ewido et vire tout ce qu'il te trouve (delete)
Fait ce scan anti-virus en ligne avec Internet Explorer, accepte l'active X; la barre anti-popup du SP2(en haut) va se mettre à clignoter, clic dessus et choisis "accepter l'active X" pour faire fonctionner le scan anti-virus.
Une fois qu'il a terminé colle le rapport ici stp
_Online Scanner
_Kaspersky Online Scanner
_My Computer
https://www.kaspersky.fr/downloads
Ben voici le log....
C:\Documents and Settings\Admin\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Historique\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Temp\fnmA7.tmp Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Temp\fnmA8.tmp Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Temp\fnmA9.tmp Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Temp\fnmAA.tmp Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Temp\Perflib_Perfdata_dd4.dat Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Temp\~DF5F46.tmp Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Admin\ntuser.dat Object is locked skipped
C:\Documents and Settings\Admin\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\All Users\Documents\setup.exe Infected: Trojan-Proxy.Win32.Horst.jq skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Program Files\BearShare\Installer\BSInstall5.2.1.2.exe/WISE0024.BIN Infected: not-a-virus:AdTool.Win32.WhenU.a skipped
C:\Program Files\BearShare\Installer\BSInstall5.2.1.2.exe WiseSFX: infected - 1 skipped
C:\Program Files\BearShare\Installer\BSInstall5.2.1.2.exe WiseSFX Dropper: infected - 1 skipped
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\logs\access_log Object is locked skipped
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\logs\error.log Object is locked skipped
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\logs\error_log Object is locked skipped
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\logs\ssl_request_log Object is locked skipped
C:\Program Files\Softwin\BitDefender8\asdict.dat Object is locked skipped
C:\Program Files\Softwin\BitDefender8\regspy.sys Infected: not-a-virus:Monitor.Win32.PCAcme.61 skipped
C:\Program Files\Sunbelt Software\Personal Firewall\logs\debug.log Object is locked skipped
C:\Program Files\Sunbelt Software\Personal Firewall\logs\debug.log.idx Object is locked skipped
C:\Program Files\Sunbelt Software\Personal Firewall\logs\error.log Object is locked skipped
C:\Program Files\Sunbelt Software\Personal Firewall\logs\error.log.idx Object is locked skipped
C:\Program Files\Sunbelt Software\Personal Firewall\logs\hips.log Object is locked skipped
C:\Program Files\Sunbelt Software\Personal Firewall\logs\hips.log.idx Object is locked skipped
C:\Program Files\Sunbelt Software\Personal Firewall\logs\ids.log Object is locked skipped
C:\Program Files\Sunbelt Software\Personal Firewall\logs\ids.log.idx Object is locked skipped
C:\Program Files\Sunbelt Software\Personal Firewall\logs\network.log Object is locked skipped
C:\Program Files\Sunbelt Software\Personal Firewall\logs\network.log.idx Object is locked skipped
C:\Program Files\Sunbelt Software\Personal Firewall\logs\system.log Object is locked skipped
C:\Program Files\Sunbelt Software\Personal Firewall\logs\system.log.idx Object is locked skipped
C:\Program Files\Sunbelt Software\Personal Firewall\logs\warning.log Object is locked skipped
C:\Program Files\Sunbelt Software\Personal Firewall\logs\warning.log.idx Object is locked skipped
C:\Program Files\Sunbelt Software\Personal Firewall\logs\web.log Object is locked skipped
C:\Program Files\Sunbelt Software\Personal Firewall\logs\web.log.idx Object is locked skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{0FB34ADA-FE93-45B6-B3E2-2ABC3AEE4205}\RP253\A0039967.exe Infected: not-a-virus:AdWare.Win32.Casino.t skipped
C:\System Volume Information\_restore{0FB34ADA-FE93-45B6-B3E2-2ABC3AEE4205}\RP255\A0040143.exe Infected: not-a-virus:AdWare.Win32.Casino.t skipped
C:\System Volume Information\_restore{0FB34ADA-FE93-45B6-B3E2-2ABC3AEE4205}\RP256\A0041137.exe Infected: not-a-virus:AdWare.Win32.Casino.t skipped
C:\System Volume Information\_restore{0FB34ADA-FE93-45B6-B3E2-2ABC3AEE4205}\RP256\A0042202.exe Infected: not-a-virus:AdWare.Win32.Casino.t skipped
C:\System Volume Information\_restore{0FB34ADA-FE93-45B6-B3E2-2ABC3AEE4205}\RP257\A0042270.exe Infected: not-a-virus:AdWare.Win32.Casino.t skipped
C:\System Volume Information\_restore{0FB34ADA-FE93-45B6-B3E2-2ABC3AEE4205}\RP258\A0042344.exe Infected: not-a-virus:AdWare.Win32.Casino.t skipped
C:\System Volume Information\_restore{0FB34ADA-FE93-45B6-B3E2-2ABC3AEE4205}\RP259\A0043512.exe Infected: not-a-virus:AdWare.Win32.Casino.t skipped
C:\System Volume Information\_restore{0FB34ADA-FE93-45B6-B3E2-2ABC3AEE4205}\RP262\A0043998.exe Infected: not-a-virus:AdWare.Win32.Casino.t skipped
C:\System Volume Information\_restore{0FB34ADA-FE93-45B6-B3E2-2ABC3AEE4205}\RP263\A0044036.exe Infected: not-a-virus:AdWare.Win32.Casino.t skipped
C:\System Volume Information\_restore{0FB34ADA-FE93-45B6-B3E2-2ABC3AEE4205}\RP264\A0044103.exe Infected: not-a-virus:AdWare.Win32.Casino.t skipped
C:\System Volume Information\_restore{0FB34ADA-FE93-45B6-B3E2-2ABC3AEE4205}\RP267\A0044216.exe Infected: not-a-virus:AdWare.Win32.Casino.t skipped
C:\System Volume Information\_restore{0FB34ADA-FE93-45B6-B3E2-2ABC3AEE4205}\RP271\A0044325.exe Infected: not-a-virus:AdWare.Win32.Casino.t skipped
C:\System Volume Information\_restore{0FB34ADA-FE93-45B6-B3E2-2ABC3AEE4205}\RP284\A0045753.exe Infected: not-a-virus:AdWare.Win32.Casino.t skipped
C:\System Volume Information\_restore{0FB34ADA-FE93-45B6-B3E2-2ABC3AEE4205}\RP286\A0045852.exe Infected: not-a-virus:AdWare.Win32.Casino.t skipped
C:\System Volume Information\_restore{0FB34ADA-FE93-45B6-B3E2-2ABC3AEE4205}\RP298\A0046830.exe Infected: not-a-virus:AdWare.Win32.Casino.t skipped
C:\System Volume Information\_restore{0FB34ADA-FE93-45B6-B3E2-2ABC3AEE4205}\RP298\A0046848.exe Infected: not-a-virus:AdWare.Win32.Casino.t skipped
C:\System Volume Information\_restore{0FB34ADA-FE93-45B6-B3E2-2ABC3AEE4205}\RP299\A0046888.exe Infected: not-a-virus:AdWare.Win32.Casino.t skipped
C:\System Volume Information\_restore{0FB34ADA-FE93-45B6-B3E2-2ABC3AEE4205}\RP299\A0046913.exe Infected: not-a-virus:AdWare.Win32.Casino.t skipped
C:\System Volume Information\_restore{0FB34ADA-FE93-45B6-B3E2-2ABC3AEE4205}\RP305\A0048426.exe Infected: not-a-virus:AdWare.Win32.MyWay.j skipped
C:\System Volume Information\_restore{0FB34ADA-FE93-45B6-B3E2-2ABC3AEE4205}\RP305\A0048444.exe Infected: not-a-virus:AdWare.Win32.Casino.t skipped
C:\System Volume Information\_restore{0FB34ADA-FE93-45B6-B3E2-2ABC3AEE4205}\RP305\A0048446.exe Infected: not-a-virus:AdWare.Win32.Casino.t skipped
C:\System Volume Information\_restore{0FB34ADA-FE93-45B6-B3E2-2ABC3AEE4205}\RP306\A0048457.exe Infected: not-a-virus:AdWare.Win32.Casino.t skipped
C:\System Volume Information\_restore{0FB34ADA-FE93-45B6-B3E2-2ABC3AEE4205}\RP306\A0048546.exe Infected: not-a-virus:AdWare.Win32.Casino.t skipped
C:\System Volume Information\_restore{0FB34ADA-FE93-45B6-B3E2-2ABC3AEE4205}\RP306\A0048577.exe Infected: not-a-virus:AdWare.Win32.MyWay.j skipped
C:\System Volume Information\_restore{0FB34ADA-FE93-45B6-B3E2-2ABC3AEE4205}\RP306\A0048710.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch.i skipped
C:\System Volume Information\_restore{0FB34ADA-FE93-45B6-B3E2-2ABC3AEE4205}\RP307\A0048772.exe Infected: not-a-virus:AdWare.Win32.Casino.t skipped
C:\System Volume Information\_restore{0FB34ADA-FE93-45B6-B3E2-2ABC3AEE4205}\RP307\A0048780.old Infected: not-a-virus:AdWare.Win32.Casino.t skipped
C:\System Volume Information\_restore{0FB34ADA-FE93-45B6-B3E2-2ABC3AEE4205}\RP310\A0053989.exe Infected: not-a-virus:AdWare.Win32.Casino.t skipped
C:\System Volume Information\_restore{0FB34ADA-FE93-45B6-B3E2-2ABC3AEE4205}\RP310\A0053990.exe Infected: not-a-virus:AdWare.Win32.Casino.t skipped
C:\System Volume Information\_restore{0FB34ADA-FE93-45B6-B3E2-2ABC3AEE4205}\RP310\A0053991.exe Infected: not-a-virus:AdWare.Win32.Casino.w skipped
C:\System Volume Information\_restore{0FB34ADA-FE93-45B6-B3E2-2ABC3AEE4205}\RP310\A0053992.exe Infected: not-a-virus:AdWare.Win32.Casino.w skipped
C:\System Volume Information\_restore{0FB34ADA-FE93-45B6-B3E2-2ABC3AEE4205}\RP310\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\system32\_nvidia_xxx_.log Object is locked skipped
C:\WINDOWS\Temp\tmp000079b4\tmp00000000 Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
E:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
F:\Program Files\BearShare\BearShareZangoInstaller.exe/clientax.dll Infected: not-a-virus:AdWare.Win32.180Solutions.ao skipped
F:\Program Files\BearShare\BearShareZangoInstaller.exe CAB: infected - 1 skipped
F:\Program Files\BearShare\Installer\BSInstall5.2.5.1.exe/WISE0026.BIN/clientax.dll Infected: not-a-virus:AdWare.Win32.180Solutions.ao skipped
F:\Program Files\BearShare\Installer\BSInstall5.2.5.1.exe/WISE0026.BIN Infected: not-a-virus:AdWare.Win32.180Solutions.ao skipped
F:\Program Files\BearShare\Installer\BSInstall5.2.5.1.exe/WISE0029.BIN Infected: not-a-virus:AdWare.Win32.FunWeb.e skipped
F:\Program Files\BearShare\Installer\BSInstall5.2.5.1.exe WiseSFX: infected - 3 skipped
F:\Program Files\BearShare\Installer\BSInstall5.2.5.1.exe WiseSFX Dropper: infected - 3 skipped
F:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
Scan process completed.
Ca en fait des fichiers....
Merci par avance
C:\Documents and Settings\Admin\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Historique\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Temp\fnmA7.tmp Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Temp\fnmA8.tmp Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Temp\fnmA9.tmp Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Temp\fnmAA.tmp Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Temp\Perflib_Perfdata_dd4.dat Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Temp\~DF5F46.tmp Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Admin\ntuser.dat Object is locked skipped
C:\Documents and Settings\Admin\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\All Users\Documents\setup.exe Infected: Trojan-Proxy.Win32.Horst.jq skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Program Files\BearShare\Installer\BSInstall5.2.1.2.exe/WISE0024.BIN Infected: not-a-virus:AdTool.Win32.WhenU.a skipped
C:\Program Files\BearShare\Installer\BSInstall5.2.1.2.exe WiseSFX: infected - 1 skipped
C:\Program Files\BearShare\Installer\BSInstall5.2.1.2.exe WiseSFX Dropper: infected - 1 skipped
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\logs\access_log Object is locked skipped
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\logs\error.log Object is locked skipped
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\logs\error_log Object is locked skipped
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\logs\ssl_request_log Object is locked skipped
C:\Program Files\Softwin\BitDefender8\asdict.dat Object is locked skipped
C:\Program Files\Softwin\BitDefender8\regspy.sys Infected: not-a-virus:Monitor.Win32.PCAcme.61 skipped
C:\Program Files\Sunbelt Software\Personal Firewall\logs\debug.log Object is locked skipped
C:\Program Files\Sunbelt Software\Personal Firewall\logs\debug.log.idx Object is locked skipped
C:\Program Files\Sunbelt Software\Personal Firewall\logs\error.log Object is locked skipped
C:\Program Files\Sunbelt Software\Personal Firewall\logs\error.log.idx Object is locked skipped
C:\Program Files\Sunbelt Software\Personal Firewall\logs\hips.log Object is locked skipped
C:\Program Files\Sunbelt Software\Personal Firewall\logs\hips.log.idx Object is locked skipped
C:\Program Files\Sunbelt Software\Personal Firewall\logs\ids.log Object is locked skipped
C:\Program Files\Sunbelt Software\Personal Firewall\logs\ids.log.idx Object is locked skipped
C:\Program Files\Sunbelt Software\Personal Firewall\logs\network.log Object is locked skipped
C:\Program Files\Sunbelt Software\Personal Firewall\logs\network.log.idx Object is locked skipped
C:\Program Files\Sunbelt Software\Personal Firewall\logs\system.log Object is locked skipped
C:\Program Files\Sunbelt Software\Personal Firewall\logs\system.log.idx Object is locked skipped
C:\Program Files\Sunbelt Software\Personal Firewall\logs\warning.log Object is locked skipped
C:\Program Files\Sunbelt Software\Personal Firewall\logs\warning.log.idx Object is locked skipped
C:\Program Files\Sunbelt Software\Personal Firewall\logs\web.log Object is locked skipped
C:\Program Files\Sunbelt Software\Personal Firewall\logs\web.log.idx Object is locked skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{0FB34ADA-FE93-45B6-B3E2-2ABC3AEE4205}\RP253\A0039967.exe Infected: not-a-virus:AdWare.Win32.Casino.t skipped
C:\System Volume Information\_restore{0FB34ADA-FE93-45B6-B3E2-2ABC3AEE4205}\RP255\A0040143.exe Infected: not-a-virus:AdWare.Win32.Casino.t skipped
C:\System Volume Information\_restore{0FB34ADA-FE93-45B6-B3E2-2ABC3AEE4205}\RP256\A0041137.exe Infected: not-a-virus:AdWare.Win32.Casino.t skipped
C:\System Volume Information\_restore{0FB34ADA-FE93-45B6-B3E2-2ABC3AEE4205}\RP256\A0042202.exe Infected: not-a-virus:AdWare.Win32.Casino.t skipped
C:\System Volume Information\_restore{0FB34ADA-FE93-45B6-B3E2-2ABC3AEE4205}\RP257\A0042270.exe Infected: not-a-virus:AdWare.Win32.Casino.t skipped
C:\System Volume Information\_restore{0FB34ADA-FE93-45B6-B3E2-2ABC3AEE4205}\RP258\A0042344.exe Infected: not-a-virus:AdWare.Win32.Casino.t skipped
C:\System Volume Information\_restore{0FB34ADA-FE93-45B6-B3E2-2ABC3AEE4205}\RP259\A0043512.exe Infected: not-a-virus:AdWare.Win32.Casino.t skipped
C:\System Volume Information\_restore{0FB34ADA-FE93-45B6-B3E2-2ABC3AEE4205}\RP262\A0043998.exe Infected: not-a-virus:AdWare.Win32.Casino.t skipped
C:\System Volume Information\_restore{0FB34ADA-FE93-45B6-B3E2-2ABC3AEE4205}\RP263\A0044036.exe Infected: not-a-virus:AdWare.Win32.Casino.t skipped
C:\System Volume Information\_restore{0FB34ADA-FE93-45B6-B3E2-2ABC3AEE4205}\RP264\A0044103.exe Infected: not-a-virus:AdWare.Win32.Casino.t skipped
C:\System Volume Information\_restore{0FB34ADA-FE93-45B6-B3E2-2ABC3AEE4205}\RP267\A0044216.exe Infected: not-a-virus:AdWare.Win32.Casino.t skipped
C:\System Volume Information\_restore{0FB34ADA-FE93-45B6-B3E2-2ABC3AEE4205}\RP271\A0044325.exe Infected: not-a-virus:AdWare.Win32.Casino.t skipped
C:\System Volume Information\_restore{0FB34ADA-FE93-45B6-B3E2-2ABC3AEE4205}\RP284\A0045753.exe Infected: not-a-virus:AdWare.Win32.Casino.t skipped
C:\System Volume Information\_restore{0FB34ADA-FE93-45B6-B3E2-2ABC3AEE4205}\RP286\A0045852.exe Infected: not-a-virus:AdWare.Win32.Casino.t skipped
C:\System Volume Information\_restore{0FB34ADA-FE93-45B6-B3E2-2ABC3AEE4205}\RP298\A0046830.exe Infected: not-a-virus:AdWare.Win32.Casino.t skipped
C:\System Volume Information\_restore{0FB34ADA-FE93-45B6-B3E2-2ABC3AEE4205}\RP298\A0046848.exe Infected: not-a-virus:AdWare.Win32.Casino.t skipped
C:\System Volume Information\_restore{0FB34ADA-FE93-45B6-B3E2-2ABC3AEE4205}\RP299\A0046888.exe Infected: not-a-virus:AdWare.Win32.Casino.t skipped
C:\System Volume Information\_restore{0FB34ADA-FE93-45B6-B3E2-2ABC3AEE4205}\RP299\A0046913.exe Infected: not-a-virus:AdWare.Win32.Casino.t skipped
C:\System Volume Information\_restore{0FB34ADA-FE93-45B6-B3E2-2ABC3AEE4205}\RP305\A0048426.exe Infected: not-a-virus:AdWare.Win32.MyWay.j skipped
C:\System Volume Information\_restore{0FB34ADA-FE93-45B6-B3E2-2ABC3AEE4205}\RP305\A0048444.exe Infected: not-a-virus:AdWare.Win32.Casino.t skipped
C:\System Volume Information\_restore{0FB34ADA-FE93-45B6-B3E2-2ABC3AEE4205}\RP305\A0048446.exe Infected: not-a-virus:AdWare.Win32.Casino.t skipped
C:\System Volume Information\_restore{0FB34ADA-FE93-45B6-B3E2-2ABC3AEE4205}\RP306\A0048457.exe Infected: not-a-virus:AdWare.Win32.Casino.t skipped
C:\System Volume Information\_restore{0FB34ADA-FE93-45B6-B3E2-2ABC3AEE4205}\RP306\A0048546.exe Infected: not-a-virus:AdWare.Win32.Casino.t skipped
C:\System Volume Information\_restore{0FB34ADA-FE93-45B6-B3E2-2ABC3AEE4205}\RP306\A0048577.exe Infected: not-a-virus:AdWare.Win32.MyWay.j skipped
C:\System Volume Information\_restore{0FB34ADA-FE93-45B6-B3E2-2ABC3AEE4205}\RP306\A0048710.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch.i skipped
C:\System Volume Information\_restore{0FB34ADA-FE93-45B6-B3E2-2ABC3AEE4205}\RP307\A0048772.exe Infected: not-a-virus:AdWare.Win32.Casino.t skipped
C:\System Volume Information\_restore{0FB34ADA-FE93-45B6-B3E2-2ABC3AEE4205}\RP307\A0048780.old Infected: not-a-virus:AdWare.Win32.Casino.t skipped
C:\System Volume Information\_restore{0FB34ADA-FE93-45B6-B3E2-2ABC3AEE4205}\RP310\A0053989.exe Infected: not-a-virus:AdWare.Win32.Casino.t skipped
C:\System Volume Information\_restore{0FB34ADA-FE93-45B6-B3E2-2ABC3AEE4205}\RP310\A0053990.exe Infected: not-a-virus:AdWare.Win32.Casino.t skipped
C:\System Volume Information\_restore{0FB34ADA-FE93-45B6-B3E2-2ABC3AEE4205}\RP310\A0053991.exe Infected: not-a-virus:AdWare.Win32.Casino.w skipped
C:\System Volume Information\_restore{0FB34ADA-FE93-45B6-B3E2-2ABC3AEE4205}\RP310\A0053992.exe Infected: not-a-virus:AdWare.Win32.Casino.w skipped
C:\System Volume Information\_restore{0FB34ADA-FE93-45B6-B3E2-2ABC3AEE4205}\RP310\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\system32\_nvidia_xxx_.log Object is locked skipped
C:\WINDOWS\Temp\tmp000079b4\tmp00000000 Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
E:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
F:\Program Files\BearShare\BearShareZangoInstaller.exe/clientax.dll Infected: not-a-virus:AdWare.Win32.180Solutions.ao skipped
F:\Program Files\BearShare\BearShareZangoInstaller.exe CAB: infected - 1 skipped
F:\Program Files\BearShare\Installer\BSInstall5.2.5.1.exe/WISE0026.BIN/clientax.dll Infected: not-a-virus:AdWare.Win32.180Solutions.ao skipped
F:\Program Files\BearShare\Installer\BSInstall5.2.5.1.exe/WISE0026.BIN Infected: not-a-virus:AdWare.Win32.180Solutions.ao skipped
F:\Program Files\BearShare\Installer\BSInstall5.2.5.1.exe/WISE0029.BIN Infected: not-a-virus:AdWare.Win32.FunWeb.e skipped
F:\Program Files\BearShare\Installer\BSInstall5.2.5.1.exe WiseSFX: infected - 3 skipped
F:\Program Files\BearShare\Installer\BSInstall5.2.5.1.exe WiseSFX Dropper: infected - 3 skipped
F:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
Scan process completed.
Ca en fait des fichiers....
Merci par avance
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Salut,
supprime ce dossier: BearShare
Qui est présent sur ton disque C et F
Redémarres le PC en mode sans échec : tu tapotes sur la touche F8 de ton clavier (ou F5 ) et tu choisis le mode sans échec) puis fait ce nettoyage
Fait ce nettoyage: (à faire réguliérement)
¤Telecharges et installes ceci:
CCleaner:
Ccleaner
dans la colonne de gauche clic sur "erreurs" coches toutes les cases, puis cliques en bas sur "chercher des erreurs" une fois finit, cliques sur "reparer les erreurs" et tu aura un message pour sauvegarder ta base de registre tu dis "oui" puis tu recommences jusqu'a ce qu'il te trouve plus d'erreurs.
Les sauvegardes que tu aura faites tu pourra les supprimer si ton ordinateur n'a plus de problémes
¤Relance Ccleaner, vas dans l'onglet "nettoyeur" present sur la gauche, decoches la derniere case (Avancé si elle est cochée) puis clic sur "lancer le nettoyage"
supprime ce dossier: BearShare
Qui est présent sur ton disque C et F
Redémarres le PC en mode sans échec : tu tapotes sur la touche F8 de ton clavier (ou F5 ) et tu choisis le mode sans échec) puis fait ce nettoyage
Fait ce nettoyage: (à faire réguliérement)
¤Telecharges et installes ceci:
CCleaner:
Ccleaner
dans la colonne de gauche clic sur "erreurs" coches toutes les cases, puis cliques en bas sur "chercher des erreurs" une fois finit, cliques sur "reparer les erreurs" et tu aura un message pour sauvegarder ta base de registre tu dis "oui" puis tu recommences jusqu'a ce qu'il te trouve plus d'erreurs.
Les sauvegardes que tu aura faites tu pourra les supprimer si ton ordinateur n'a plus de problémes
¤Relance Ccleaner, vas dans l'onglet "nettoyeur" present sur la gauche, decoches la derniere case (Avancé si elle est cochée) puis clic sur "lancer le nettoyage"
