Trojan horse problem

Solved
pinka01 Posts 81 Status Member -  
FillPCA Posts 2264 Status Security contributor -
Hello,
please help me, I have a Trojan horse.

Logfile of HijackThis v1.99.1
Scan saved at 18:20:48, on 02/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WIN-LNA\System32\smss.exe
C:\WIN-LNA\system32\csrss.exe
C:\WIN-LNA\system32\winlogon.exe
C:\WIN-LNA\system32\services.exe
C:\WIN-LNA\system32\lsass.exe
C:\WIN-LNA\system32\svchost.exe
C:\WIN-LNA\system32\svchost.exe
C:\WIN-LNA\System32\svchost.exe
C:\WIN-LNA\system32\svchost.exe
c:\assdwk.exe
C:\WIN-LNA\system32\svchost.exe
C:\Program LNA\Alwil Software\Avast4\aswUpdSv.exe
C:\Program LNA\Alwil Software\Avast4\ashServ.exe
C:\Program LNA\Common\Real\Update_OB\realsched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WIN-LNA\system\lsass.exe
C:\WIN-LNA\system32\spoolsv.exe
C:\WIN-LNA\system\lsass.exe
C:\WIN-LNA\system32\ctfmon.exe
C:\Program LNA\SuperCopier2\SuperCopier2.exe
C:\Program LNA\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program LNA\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\WIN-LNA\system32\sjcmvoha.exe
C:\WIN-LNA\system32\cr.exe
C:\Program LNA\Common\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program LNA\Olivetti\ANY_WAY\olMntrService.exe
C:\WIN-LNA\system32\svchost.exe
C:\Program LNA\Alwil Software\Avast4\ashMaiSv.exe
C:\Program LNA\Alwil Software\Avast4\ashWebSv.exe
C:\WIN-LNA\System32\alg.exe
C:\WIN-LNA\system32\wscntfy.exe
C:\WIN-LNA\system32\nu.exe
C:\Program LNA\Internet Explorer\iexplore.exe
C:\Program LNA\MSN Messenger\msnmsgr.exe
C:\Program LNA\Internet Explorer\iexplore.exe
C:\Program LNA\Common\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WIN-LNA\explorer.exe
C:\Program LNA\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\Program LNA\Internet Explorer\iexplore.exe
C:\Program LNA\Alwil Software\Avast4\ashSimpl.exe
C:\Program LNA\Hijackthis Version Française\hijackthis vf.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
F2 - REG:system.ini: UserInit=C:\WIN-LNA\system32\userinit.exe,c:\assdwk.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program LNA\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program LNA\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {7A2D856F-E2F0-4B4B-B55D-23FF803C2EE4} - C:\WIN-LNA\system32\geedb.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {89AD4D75-2429-462e-BD4E-443F233F6033} - C:\WIN-LNA\system32\tqtavlhk.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program LNA\Common\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program LNA\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program lna\google\googletoolbar1.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program LNA\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program lna\google\googletoolbar1.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program LNA\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WIN-LNA\system32\NeroCheck.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program LNA\Common\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Windows Lsass Services] C:\WIN-LNA\system\lsass.exe
O4 - HKLM\..\Run: [rmftpvrgccn] C:\WIN-LNA\system32\rmftpvrgccn.exe
O4 - HKLM\..\Run: [Network Translation Service] "c:\assdwk.exe" *
O4 - HKLM\..\Run: [v] C:\WIN-LNA\system32\v.exe
O4 - HKLM\..\Run: [eeoufextw] C:\WIN-LNA\system32\eeoufextw.exe
O4 - HKLM\..\Run: [skqruez] C:\WIN-LNA\system32\skqruez.exe
O4 - HKLM\..\Run: [mirxiovpeu] C:\WIN-LNA\system32\mirxiovpeu.exe
O4 - HKLM\..\Run: [uupq] C:\WIN-LNA\system32\uupq.exe
O4 - HKLM\..\Run: [dzjiiz] C:\WIN-LNA\system32\dzjiiz.exe
O4 - HKLM\..\Run: [xfnss] C:\WIN-LNA\system32\xfnss.exe
O4 - HKLM\..\Run: [qwjwyjbzcs] C:\WIN-LNA\system32\qwjwyjbzcs.exe
O4 - HKLM\..\Run: [worcfhmkisv] C:\WIN-LNA\system32\worcfhmkisv.exe
O4 - HKLM\..\Run: [SearchIndexer] rundll32.exe "C:\WIN-LNA\system32\gbiwcerg.dll",sitypnow
O4 - HKLM\..\Run: [cr] C:\WIN-LNA\system32\cr.exe
O4 - HKLM\..\Run: [nu] C:\WIN-LNA\system32\nu.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WIN-LNA\system32\ctfmon.exe
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program LNA\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [swg] C:\Program LNA\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program LNA\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Network Translation Service] "c:\assdwk.exe" *
O4 - HKCU\..\Run: [updateMgr] C:\Program LNA\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_5
O4 - HKCU\..\Run: [msnmsgr] "C:\Program LNA\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: DSLMON.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program LNA\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program LNA\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program LNA\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{8A796129-96D9-4DA7-81CD-4846297A732A}: NameServer = 196.217.246.210 212.217.0.13
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program LNA\Common\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\Common\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: byxwvvv - C:\WIN-LNA\SYSTEM32\byxwvvv.dll
O20 - Winlogon Notify: efcaaaa - C:\WIN-LNA\SYSTEM32\efcaaaa.dll
O20 - Winlogon Notify: igfxcui - C:\WIN-LNA\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: iifdbab - C:\WIN-LNA\SYSTEM32\iifdbab.dll
O20 - Winlogon Notify: ljjjkkh - C:\WIN-LNA\SYSTEM32\ljjjkkh.dll
O20 - Winlogon Notify: tuvttrr - C:\WIN-LNA\SYSTEM32\tuvttrr.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program LNA\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program LNA\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program LNA\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program LNA\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: DomainService - - C:\WIN-LNA\system32\sjcmvoha.exe
O23 - Service: Print Spooler Service (eahcruy9ea) - Unknown owner - C:\WIN-LNA\system32\mmxhuu.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program LNA\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program LNA\Common\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: olMntrService - Olivetti - C:\Program LNA\Olivetti\ANY_WAY\olMntrService.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program LNA\TuneUp Utilities 2006\WinStylerThemeSvc.exe

30 replies

pinka01
 
Hello,
So I could not find the files or folders that you gave me, so I went through the procedures again.
I ran only a HijackThis scan, but I checked only F2 - REG:system.ini: UserInit=C:\WIN-LNA\system32\userinit.exe,C:\assdwk.exe; I could not find the others.
I went on to download AVG Anti-Spyware, but I think I made a mistake: after "apply all actions" I found the save-report area disabled. I ran the scan again, but this time I checked "generate a report" for scheduled scans. And here is the AVG Anti-Spyware report:
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 22:59:58 05/10/2007

+ Résultat de l'analyse:

Rien à signaler.

Fin du rapport
0
pinka01
 
result of kaspersky
KASPERSKY ONLINE SCANNER REPORT
Saturday, October 06, 2007 2:22:32 AM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.93.1
Kaspersky Anti-Virus database last update: 5/10/2007
Kaspersky Anti-Virus database records: 427465
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
A:\
C:\
D:\
E:\
F:\

Scan Statistics:
Total number of scanned objects: 65396
Number of viruses found: 5
Number of infected objects: 10
Number of suspicious objects: 0
Duration of the scan process: 00:54:32

Infected Object Name / Virus Name / Last Action
C:\System Volume Information\_restore{F33AEAFE-1D82-4C5E-8B91-6F7FAA27853B}\RP13\A0001355.msi/Data1.cab/_5284D43BDA6946D291EC89B1CCB81B8D Infected: not-a-virus:AdWare.Win32.Craagle.19 skipped
C:\System Volume Information\_restore{F33AEAFE-1D82-4C5E-8B91-6F7FAA27853B}\RP13\A0001355.msi/Data1.cab/_4D6D32F4E55545AE8D1DB5BFA5329D88 Infected: HackTool.Win32.CrackSearch.a skipped
C:\System Volume Information\_restore{F33AEAFE-1D82-4C5E-8B91-6F7FAA27853B}\RP13\A0001355.msi/Data1.cab Infected: HackTool.Win32.CrackSearch.a skipped
C:\System Volume Information\_restore{F33AEAFE-1D82-4C5E-8B91-6F7FAA27853B}\RP13\A0001355.msi Embedded: infected - 3 skipped
C:\System Volume Information\_restore{F33AEAFE-1D82-4C5E-8B91-6F7FAA27853B}\RP45\A0018663.dll Infected: Trojan.Win32.BHO.hj skipped
C:\System Volume Information\_restore{F33AEAFE-1D82-4C5E-8B91-6F7FAA27853B}\RP48\A0018974.exe Infected: Trojan.Win32.Obfuscated.gy skipped
C:\System Volume Information\_restore{F33AEAFE-1D82-4C5E-8B91-6F7FAA27853B}\RP49\A0019037.exe/file8 Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
C:\System Volume Information\_restore{F33AEAFE-1D82-4C5E-8B91-6F7FAA27853B}\RP49\A0019037.exe Inno: infected - 1 skipped
C:\System Volume Information\_restore{F33AEAFE-1D82-4C5E-8B91-6F7FAA27853B}\RP49\A0019066.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
C:\System Volume Information\_restore{F33AEAFE-1D82-4C5E-8B91-6F7FAA27853B}\RP49\change.log Object is locked skipped
C:\VundoFix Backups\krgptmlk.dll.bad Infected: Trojan.Win32.BHO.hj skipped
D:\System Volume Information\_restore{F33AEAFE-1D82-4C5E-8B91-6F7FAA27853B}\RP49\change.log Object is locked skipped

Scan process completed.
0
pinka01
 
Hello,
KASPERSKY ONLINE SCANNER REPORT
Saturday, October 06, 2007 1:26:11 AM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.93.1
Kaspersky Anti-Virus database last update: 5/10/2007
Kaspersky Anti-Virus database records: 427461
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - Critical Areas:
C:\WIN-LNA
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\

Scan Statistics:
Total number of scanned objects: 10942
Number of viruses found: 0
Number of infected objects: 0
Number of suspicious objects: 0
Duration of the scan process: 00:06:04

Infected Object Name / Virus Name / Last Action

Scan process completed.
0
pinka01
 
Hello,

HijackThis reports, and thanks in advance:
Logfile of HijackThis v1.99.1
Scan saved at 02:34:05, on 06/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WIN-LNA\System32\smss.exe
C:\WIN-LNA\system32\csrss.exe
C:\WIN-LNA\system32\winlogon.exe
C:\WIN-LNA\system32\services.exe
C:\WIN-LNA\system32\lsass.exe
C:\WIN-LNA\system32\svchost.exe
C:\WIN-LNA\system32\svchost.exe
C:\WIN-LNA\System32\svchost.exe
C:\WIN-LNA\system32\svchost.exe
C:\WIN-LNA\system32\svchost.exe
C:\Program LNA\Alwil Software\Avast4\aswUpdSv.exe
C:\Program LNA\Alwil Software\Avast4\ashServ.exe
C:\WIN-LNA\Explorer.EXE
C:\Program LNA\Common\Real\Update_OB\realsched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WIN-LNA\system32\ctfmon.exe
C:\Program LNA\SuperCopier2\SuperCopier2.exe
C:\Program LNA\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program LNA\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\WIN-LNA\system32\spoolsv.exe
C:\Program LNA\Common\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program LNA\Olivetti\ANY_WAY\olMntrService.exe
C:\WIN-LNA\system32\svchost.exe
C:\WIN-LNA\System32\alg.exe
C:\WIN-LNA\system32\wscntfy.exe
C:\Program LNA\internet explorer\iexplore.exe
C:\Program LNA\internet explorer\iexplore.exe
C:\Program LNA\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program LNA\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program LNA\Messenger\msmsgs.exe
C:\Program LNA\Alwil Software\Avast4\ashMaiSv.exe
C:\Program LNA\Alwil Software\Avast4\ashWebSv.exe
C:\Program LNA\Hijackthis Version Française\hijackthis vf.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program LNA\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program LNA\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program lna\google\googletoolbar1.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program LNA\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program LNA\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WIN-LNA\system32\NeroCheck.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program LNA\Common\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program LNA\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WIN-LNA\system32\ctfmon.exe
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program LNA\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [swg] C:\Program LNA\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program LNA\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [updateMgr] C:\Program LNA\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_5
O4 - Global Startup: DSLMON.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program LNA\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program LNA\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program LNA\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/71365/kavwebscan_unicode.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program LNA\Yahoo!\Common\yinsthelper.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{8A796129-96D9-4DA7-81CD-4846297A732A}: NameServer = 196.217.246.210 212.217.0.13
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program LNA\Common\Microsoft Shared\Help\hxds.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\Common\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program LNA\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program LNA\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program LNA\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program LNA\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program LNA\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program LNA\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program LNA\Common\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: olMntrService - Olivetti - C:\Program LNA\Olivetti\ANY_WAY\olMntrService.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program LNA\TuneUp Utilities 2006\WinStylerThemeSvc.exe
0

FillPCA Posts 2264 Status Security contributor 123
 
Good evening,
Nothing serious. The infections are lodged in the VundoFix quarantine and in System Restore.

1/ * Run OTmoveIT.
* Click CleanUp! (the program will download a text file that will be used to clean up the programs we downloaded).

NOTE: Normally, your firewall should ask you whether OTmoveIT may access the internet. Allow it.

* A list appears in the left-hand part of OTmoveIT.
* A message appears to confirm the cleanup. Confirm.
* The infected files in the quarantines will be deleted as well.

2/ You must disable System Restore. To do so, right-click "My Computer". In the "System Restore" tab, check the "Turn off System Restore" box. Click Apply > OK.
Uncheck this box, click "Apply" > OK and restart the PC.

Do you still have any problems?

FillPCA
0
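Added example (not part of the original thread, and not FillPCA's or Kaspersky's code): a Python triage of Kaspersky Online Scanner verdict lines like those in the report above, separating detections that sit in System Restore snapshots or a removal tool's quarantine from detections on live files. The quarantine folder list and the final sample line are assumptions constructed for illustration.

```python
import re
from collections import defaultdict

# Verdict lines look like "<path> Infected: <name> <last action>".
# "Object is locked" lines are not detections, and "Embedded:"/"Inno:" lines
# only summarise an archive whose members are already listed; both are skipped.
VERDICT = re.compile(r"^(?P<path>.+?) Infected: (?P<name>\S+) (?P<action>\w+)$")

RESTORE_MARKER = "\\system volume information\\_restore{"
# Assumption: folders where removal tools keep neutralised copies.
QUARANTINE_DIRS = ("c:\\vundofix backups\\",)

# Lines copied from the Kaspersky report posted in this thread.
THREAD_SAMPLE = r"""
C:\WIN-LNA\system32\config\SAM Object is locked skipped
C:\System Volume Information\_restore{F33AEAFE-1D82-4C5E-8B91-6F7FAA27853B}\RP13\A0001355.msi/Data1.cab/_4D6D32F4E55545AE8D1DB5BFA5329D88 Infected: HackTool.Win32.CrackSearch.a skipped
C:\System Volume Information\_restore{F33AEAFE-1D82-4C5E-8B91-6F7FAA27853B}\RP13\A0001355.msi/Data1.cab Infected: HackTool.Win32.CrackSearch.a skipped
C:\System Volume Information\_restore{F33AEAFE-1D82-4C5E-8B91-6F7FAA27853B}\RP13\A0001355.msi Embedded: infected - 3 skipped
C:\System Volume Information\_restore{F33AEAFE-1D82-4C5E-8B91-6F7FAA27853B}\RP45\A0018663.dll Infected: Trojan.Win32.BHO.hj skipped
C:\VundoFix Backups\krgptmlk.dll.bad Infected: Trojan.Win32.BHO.hj skipped
"""

# Constructed line (hypothetical path): the same verdict on a live file.
LIVE_SAMPLE = THREAD_SAMPLE + r"C:\Example\sample.dll Infected: Trojan.Win32.BHO.hj skipped" + "\n"


def locate(path):
    """Classify where a detected object lives on disk."""
    p = path.lower()
    if RESTORE_MARKER in p:
        return "system_restore"
    if p.startswith(QUARANTINE_DIRS):
        return "quarantine"
    return "live"


def triage(report):
    """Group detections by location, one entry per outer file on disk."""
    found = defaultdict(dict)
    for line in report.splitlines():
        m = VERDICT.match(line.strip())
        if not m:
            continue
        # "/" separates archive members; the part before it is the real file.
        outer = m["path"].split("/", 1)[0]
        found[locate(outer)].setdefault(outer, set()).add(m["name"])
    return {loc: {f: sorted(names) for f, names in files.items()}
            for loc, files in found.items()}


def needs_active_cleanup(result):
    """True when a detection sits outside restore points and quarantine."""
    return bool(result.get("live"))


if __name__ == "__main__":
    for label, text in (("thread report", THREAD_SAMPLE), ("with live hit", LIVE_SAMPLE)):
        result = triage(text)
        print(label, "-> active cleanup needed:", needs_active_cleanup(result))
        for location, files in result.items():
            for path, names in files.items():
                print(f"  [{location}] {path}: {', '.join(names)}")
```
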
pinka01
 
Hello,

Thank you very much.
But which box do I have to uncheck afterwards, is it the same one (turn off System Restore)?
And as for the firewall, I only have the Windows firewall; is it sufficient for security?
And thanks.
0
pinka01
 
Hello,

I also have cookies; how do I remove them?
0
FillPCA Posts 2264 Status Security contributor 123
 
Hello,
You do indeed have to re-enable it by checking the same box and restarting the PC.
As for cookies, you can manage them easily with an extension such as Permit Cookies or Cookies Safe in Firefox.
To delete them, you can run CCleaner.

To strengthen your PC's protection, you can look here: http://perso.orange.fr/Le-site-de-Fill/S%E9curit%E9/Logiciels%20de%20protection.html

FillPCA
0
pinka01
 
Hello,
thank you very much
0
FillPCA Posts 2264 Status Security contributor 123
 
You're welcome. Glad I could help.

FillPCA
0