Win32 + "your computer may be infected...&quo
Résolu
Cath69
-
meastikmetal -
meastikmetal -
Bonjour,
Depuis quelque temps, j'ai des fenêtres qui s'affichent sur mes pages internet à la place des publicités avec le message suivant : "your computer may be infected..." avec une croix rouge.
Par ailleurs, j'ai des pages qui s'ouvrent toute seules avec des propositions pour des antivirus ou des publicités pour des ordinateurs (VLAZE), des régimes, des sites de rencontre...
Mon antivirus (avast) me dit que mon ordi est infecté par win32...
Que faire ?
merci pour la réponse précise car je ne m'y connais pas en informatique.
Depuis quelque temps, j'ai des fenêtres qui s'affichent sur mes pages internet à la place des publicités avec le message suivant : "your computer may be infected..." avec une croix rouge.
Par ailleurs, j'ai des pages qui s'ouvrent toute seules avec des propositions pour des antivirus ou des publicités pour des ordinateurs (VLAZE), des régimes, des sites de rencontre...
Mon antivirus (avast) me dit que mon ordi est infecté par win32...
Que faire ?
merci pour la réponse précise car je ne m'y connais pas en informatique.
A voir également:
- Win32 + "your computer may be infected...&quo
- Can't load android system your data may be corrupt traduction francais - Forum Téléphones & tablettes Android
- To be filled by o.e.m - Forum Windows
- Puadimanager win32/offercore ✓ - Forum Virus
- Steam needs to be online to update. please confirm your network connection and try again. ✓ - Forum MacOS
- Over current have been detected on your usb device ✓ - Forum Windows
138 réponses
Ouf ! Antivir est réinstallé. J'ai fait le scan mais sans avoir pu remettre à jour avant (plantage comme hier à cause de C:\WINDOWS\systeme32\_c00361F1.dat -> le même qu'hier). Donc le scan présenté c'est sans la mise à jour d'antivir...
Depuis que j'ai redémarré, j'ai une alerte Antivir avec C:\WINDOWS\systeme32\mljjk.dll.
AntiVir PersonalEdition Classic
Report file date: dimanche 4 novembre 2007 19:51
Scanning for 835736 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: SYSTEM
Computer name: NOM-1607AC21F06
Version information:
BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:29
AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:51
LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:47
LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:20
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 14:27:15
ANTIVIR1.VDF : 7.0.0.0 1640448 Bytes 13/09/2007 14:26:55
ANTIVIR2.VDF : 7.0.0.1 2048 Bytes 13/09/2007 14:27:04
ANTIVIR3.VDF : 7.0.0.2 2048 Bytes 13/09/2007 14:27:13
AVEWIN32.DLL : 7.6.0.15 2806272 Bytes 17/09/2007 17:43:56
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:17
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24
AVPACK32.DLL : 7.3.0.15 360488 Bytes 03/08/2007 08:46:00
AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:06
AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:33
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:18
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 11:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 12:38:13
RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:37
SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:21
Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: C:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: dimanche 4 novembre 2007 19:52
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'update.exe' - '1' Module(s) have been scanned
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '1' Module(s) have been scanned
Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
Scan process 'mantispm.exe' - '1' Module(s) have been scanned
Scan process 'WgaTray.exe' - '1' Module(s) have been scanned
Scan process 'wscntfy.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'msmsgs.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'zlclient.exe' - '0' Module(s) have been scanned
Scan process 'qttask.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'ScanningProcess.exe' - '0' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'ScanningProcess.exe' - '0' Module(s) have been scanned
Scan process 'vsmon.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
30 processes with 30 modules were scanned
Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Starting to scan the registry.
The registry was scanned ( '18' files ).
Starting the file scan:
Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
End of the scan: dimanche 4 novembre 2007 19:52
Used time: 00:43 min
The scan has been canceled!
129 Scanning directories
536 Files were scanned
0 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
536 Files not concerned
1 Archives were scanned
1 Warnings
0 Notes
Depuis que j'ai redémarré, j'ai une alerte Antivir avec C:\WINDOWS\systeme32\mljjk.dll.
AntiVir PersonalEdition Classic
Report file date: dimanche 4 novembre 2007 19:51
Scanning for 835736 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: SYSTEM
Computer name: NOM-1607AC21F06
Version information:
BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:29
AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:51
LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:47
LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:20
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 14:27:15
ANTIVIR1.VDF : 7.0.0.0 1640448 Bytes 13/09/2007 14:26:55
ANTIVIR2.VDF : 7.0.0.1 2048 Bytes 13/09/2007 14:27:04
ANTIVIR3.VDF : 7.0.0.2 2048 Bytes 13/09/2007 14:27:13
AVEWIN32.DLL : 7.6.0.15 2806272 Bytes 17/09/2007 17:43:56
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:17
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24
AVPACK32.DLL : 7.3.0.15 360488 Bytes 03/08/2007 08:46:00
AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:06
AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:33
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:18
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 11:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 12:38:13
RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:37
SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:21
Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: C:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: dimanche 4 novembre 2007 19:52
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'update.exe' - '1' Module(s) have been scanned
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '1' Module(s) have been scanned
Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
Scan process 'mantispm.exe' - '1' Module(s) have been scanned
Scan process 'WgaTray.exe' - '1' Module(s) have been scanned
Scan process 'wscntfy.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'msmsgs.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'zlclient.exe' - '0' Module(s) have been scanned
Scan process 'qttask.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'ScanningProcess.exe' - '0' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'ScanningProcess.exe' - '0' Module(s) have been scanned
Scan process 'vsmon.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
30 processes with 30 modules were scanned
Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Starting to scan the registry.
The registry was scanned ( '18' files ).
Starting the file scan:
Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
End of the scan: dimanche 4 novembre 2007 19:52
Used time: 00:43 min
The scan has been canceled!
129 Scanning directories
536 Files were scanned
0 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
536 Files not concerned
1 Archives were scanned
1 Warnings
0 Notes
C:\WINDOWS\systeme32\mljjk.dll
vires le manuellment en mode sans échec.
avec Explorer tu le cherches et tu le supprimes.
vires le manuellment en mode sans échec.
avec Explorer tu le cherches et tu le supprimes.
Voilà !
Globalement, c'est sans commune mesure avec l'état d'hier. J'ai gagné en rapidité. Peut être commençons nous à voir le bout du tunnel ??
Globalement, c'est sans commune mesure avec l'état d'hier. J'ai gagné en rapidité. Peut être commençons nous à voir le bout du tunnel ??
Je te souhaite.
Le fire-wall te protège en théorie d'une réinfection ...
Le soucis est de mettre Antivir à jour.
Si tu as une alerte note de quoi il sagit, quoiqu'en proncipe il doit aussi avoir un journal d'alerte.
Antivir et ton Fire-wall doivent ABSOLUMENT être actif quand tu te connectes au Net.
Mets Antivir à jour.
Refaits un scan déconnecté du Net ensuite et en mode normal.
Si tu as des alertes, soit tu les notes, soit tu me colles le journal des alertes de Antivir.
Le fire-wall te protège en théorie d'une réinfection ...
Le soucis est de mettre Antivir à jour.
Si tu as une alerte note de quoi il sagit, quoiqu'en proncipe il doit aussi avoir un journal d'alerte.
Antivir et ton Fire-wall doivent ABSOLUMENT être actif quand tu te connectes au Net.
Mets Antivir à jour.
Refaits un scan déconnecté du Net ensuite et en mode normal.
Si tu as des alertes, soit tu les notes, soit tu me colles le journal des alertes de Antivir.
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Scan réalisé après mise à jour d'antivir :
AntiVir PersonalEdition Classic
Report file date: dimanche 4 novembre 2007 20:29
Scanning for 914349 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: SYSTEM
Computer name: NOM-1607AC21F06
Version information:
BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:29
AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:51
LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:47
LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:20
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 14:27:15
ANTIVIR1.VDF : 7.0.0.0 1640448 Bytes 13/09/2007 14:26:55
ANTIVIR2.VDF : 7.0.0.140 940544 Bytes 26/10/2007 18:54:15
ANTIVIR3.VDF : 7.0.0.166 137728 Bytes 04/11/2007 18:54:15
AVEWIN32.DLL : 7.6.0.30 3056128 Bytes 04/11/2007 18:54:17
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:17
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24
AVPACK32.DLL : 7.3.0.15 360488 Bytes 03/08/2007 08:46:00
AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:06
AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:33
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:18
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 11:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 12:38:13
RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:37
SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:21
Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: C:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: dimanche 4 novembre 2007 20:29
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'firefox.exe' - '1' Module(s) have been scanned
Scan process 'mantispm.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'msmsgs.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'zlclient.exe' - '0' Module(s) have been scanned
Scan process 'qttask.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'vsmon.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
25 processes with 25 modules were scanned
Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Starting to scan the registry.
The registry was scanned ( '18' files ).
Starting the file scan:
Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\avenger\backup-04.11.2007-18.10.55,67.zip
[0] Archive type: ZIP
--> avenger/SERCHGNO.DLL
[DETECTION] Is the Trojan horse TR/Dldr.ConHook.Gen
--> avenger/TEXOHWYP.DLL
[DETECTION] Is the Trojan horse TR/Dldr.ConHook.Gen
--> avenger/XDXILEUN.DLL
[DETECTION] Is the Trojan horse TR/Dldr.ConHook.Gen
[INFO] The file was moved to '47911e14.qua'!
C:\Program Files\Hijackthis Version Française\backups\backup-20071101-184942-461.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '47912240.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP4\A0001538.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e2574.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP4\A0001540.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e2579.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP4\A0001541.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e257b.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP4\A0001545.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e257d.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP4\A0001546.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e257f.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP4\A0001549.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e2581.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP4\A0001550.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e2583.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP4\A0001551.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e2586.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP4\A0001554.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e2588.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP4\A0001557.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e258b.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP4\A0001560.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e258d.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP4\A0001561.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e2591.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP4\A0001562.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e2594.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP4\A0001563.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e2597.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP4\A0001564.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e2598.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP4\A0001566.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e259a.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP4\A0001567.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e259d.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP4\A0001568.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e259f.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP5\A0001683.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e25a7.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP5\A0001685.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e25a9.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP5\A0001686.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e25ab.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP5\A0001688.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e25ae.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP7\A0001783.DLL
[DETECTION] Is the Trojan horse TR/Dldr.ConHook.Gen
[INFO] The file was moved to '475e25c0.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP7\A0001785.DLL
[DETECTION] Is the Trojan horse TR/Dldr.ConHook.Gen
[INFO] The file was moved to '475e25c3.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP7\A0001789.DLL
[DETECTION] Is the Trojan horse TR/Dldr.ConHook.Gen
[INFO] The file was moved to '475e25c5.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP8\A0010007.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e25e0.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP8\A0010008.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e25e4.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP8\A0010009.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e25e7.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP8\A0010010.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e25ea.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP8\A0010011.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e25ed.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP8\A0010012.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e25ef.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP8\A0010013.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e25f2.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP8\A0010014.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e25f5.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP8\A0010015.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e25f8.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP8\A0010016.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e25fb.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP9\A0011005.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e2606.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP9\A0011006.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e260a.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP9\A0011007.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e260c.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP9\A0011008.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e260f.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP9\A0011009.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e2611.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP9\A0011010.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e2614.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP9\A0011011.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e2617.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP9\A0011012.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e261a.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP9\A0011013.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e261c.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP9\A0011014.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e2627.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP9\A0011015.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e262f.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP9\A0011016.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '46239d80.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP9\A0011017.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e2630.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP9\A0011018.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '46239d81.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP9\A0011019.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e2632.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP9\A0011020.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '46239d83.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP9\A0011021.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e2631.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP9\A0011022.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '46239d82.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP9\A0011023.dll
[DETECTION] Contains detection pattern of the Windows virus W95/Blumblebee.1738
[INFO] The file was moved to '475e2633.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP9\A0011068.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '46239d84.qua'!
End of the scan: dimanche 4 novembre 2007 21:21
Used time: 51:34 min
The scan has been done completely.
3297 Scanning directories
208177 Files were scanned
59 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
57 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
208118 Files not concerned
6156 Archives were scanned
1 Warnings
2 Notes
AntiVir PersonalEdition Classic
Report file date: dimanche 4 novembre 2007 20:29
Scanning for 914349 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: SYSTEM
Computer name: NOM-1607AC21F06
Version information:
BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:29
AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:51
LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:47
LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:20
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 14:27:15
ANTIVIR1.VDF : 7.0.0.0 1640448 Bytes 13/09/2007 14:26:55
ANTIVIR2.VDF : 7.0.0.140 940544 Bytes 26/10/2007 18:54:15
ANTIVIR3.VDF : 7.0.0.166 137728 Bytes 04/11/2007 18:54:15
AVEWIN32.DLL : 7.6.0.30 3056128 Bytes 04/11/2007 18:54:17
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:17
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24
AVPACK32.DLL : 7.3.0.15 360488 Bytes 03/08/2007 08:46:00
AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:06
AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:33
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:18
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 11:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 12:38:13
RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:37
SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:21
Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: C:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: dimanche 4 novembre 2007 20:29
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'firefox.exe' - '1' Module(s) have been scanned
Scan process 'mantispm.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'msmsgs.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'zlclient.exe' - '0' Module(s) have been scanned
Scan process 'qttask.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'vsmon.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
25 processes with 25 modules were scanned
Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Starting to scan the registry.
The registry was scanned ( '18' files ).
Starting the file scan:
Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\avenger\backup-04.11.2007-18.10.55,67.zip
[0] Archive type: ZIP
--> avenger/SERCHGNO.DLL
[DETECTION] Is the Trojan horse TR/Dldr.ConHook.Gen
--> avenger/TEXOHWYP.DLL
[DETECTION] Is the Trojan horse TR/Dldr.ConHook.Gen
--> avenger/XDXILEUN.DLL
[DETECTION] Is the Trojan horse TR/Dldr.ConHook.Gen
[INFO] The file was moved to '47911e14.qua'!
C:\Program Files\Hijackthis Version Française\backups\backup-20071101-184942-461.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '47912240.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP4\A0001538.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e2574.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP4\A0001540.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e2579.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP4\A0001541.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e257b.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP4\A0001545.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e257d.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP4\A0001546.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e257f.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP4\A0001549.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e2581.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP4\A0001550.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e2583.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP4\A0001551.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e2586.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP4\A0001554.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e2588.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP4\A0001557.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e258b.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP4\A0001560.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e258d.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP4\A0001561.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e2591.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP4\A0001562.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e2594.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP4\A0001563.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e2597.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP4\A0001564.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e2598.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP4\A0001566.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e259a.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP4\A0001567.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e259d.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP4\A0001568.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e259f.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP5\A0001683.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e25a7.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP5\A0001685.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e25a9.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP5\A0001686.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e25ab.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP5\A0001688.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e25ae.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP7\A0001783.DLL
[DETECTION] Is the Trojan horse TR/Dldr.ConHook.Gen
[INFO] The file was moved to '475e25c0.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP7\A0001785.DLL
[DETECTION] Is the Trojan horse TR/Dldr.ConHook.Gen
[INFO] The file was moved to '475e25c3.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP7\A0001789.DLL
[DETECTION] Is the Trojan horse TR/Dldr.ConHook.Gen
[INFO] The file was moved to '475e25c5.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP8\A0010007.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e25e0.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP8\A0010008.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e25e4.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP8\A0010009.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e25e7.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP8\A0010010.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e25ea.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP8\A0010011.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e25ed.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP8\A0010012.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e25ef.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP8\A0010013.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e25f2.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP8\A0010014.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e25f5.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP8\A0010015.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e25f8.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP8\A0010016.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e25fb.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP9\A0011005.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e2606.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP9\A0011006.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e260a.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP9\A0011007.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e260c.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP9\A0011008.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e260f.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP9\A0011009.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e2611.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP9\A0011010.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e2614.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP9\A0011011.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e2617.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP9\A0011012.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e261a.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP9\A0011013.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e261c.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP9\A0011014.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e2627.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP9\A0011015.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e262f.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP9\A0011016.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '46239d80.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP9\A0011017.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e2630.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP9\A0011018.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '46239d81.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP9\A0011019.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e2632.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP9\A0011020.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '46239d83.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP9\A0011021.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '475e2631.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP9\A0011022.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '46239d82.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP9\A0011023.dll
[DETECTION] Contains detection pattern of the Windows virus W95/Blumblebee.1738
[INFO] The file was moved to '475e2633.qua'!
C:\System Volume Information\_restore{7B02C464-3C0C-453D-9D98-C360AC408D0F}\RP9\A0011068.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '46239d84.qua'!
End of the scan: dimanche 4 novembre 2007 21:21
Used time: 51:34 min
The scan has been done completely.
3297 Scanning directories
208177 Files were scanned
59 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
57 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
208118 Files not concerned
6156 Archives were scanned
1 Warnings
2 Notes
Bon, à part des faux positifs et les points de restauration infectés (pas étonnant en fait !) rien de dangereux en soi.
comment se comporte le PC à ce point ?
comment se comporte le PC à ce point ?
tu as fait ceci ?
https://leblogdeclaude.blogspot.com/2007/03/informatique-supprimer-des-logiciels-au.html
si non fais-le.
https://leblogdeclaude.blogspot.com/2007/03/informatique-supprimer-des-logiciels-au.html
si non fais-le.
Oui c'est mieux...
C'est normal si je n'ai plus l'icone de mon antivirus en bas à droite ? bhou !
Est-ce que je peux désinstaller Vundofix, Navilog, Fixvundo, OAD, Clean.cmd, Hijackthis ..??
C'est normal si je n'ai plus l'icone de mon antivirus en bas à droite ? bhou !
Est-ce que je peux désinstaller Vundofix, Navilog, Fixvundo, OAD, Clean.cmd, Hijackthis ..??
apparemment tu aurais virer l'antivirus au démarrage !
--------------------> tu dois le remettre.
En général la liste verte est sans danger.
Si tu n'en a pas il te reste le jaune .
Mais procède par étape !
Une marche arrière est trés facile avec Sypbot
------------------------------------------------------
refaits un log Hijackthis
--------------------> tu dois le remettre.
En général la liste verte est sans danger.
Si tu n'en a pas il te reste le jaune .
Mais procède par étape !
Une marche arrière est trés facile avec Sypbot
------------------------------------------------------
refaits un log Hijackthis
Logfile of HijackThis v1.99.1
Scan saved at 19:17:57, on 06/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/advanced_search?hl=fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: {60d425f4-8f37-cc28-a4a4-1d415678f406} - {604f8765-14d1-4a4a-82cc-73f84f524d06} - C:\WINDOWS\system32\cpvtvivf.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {8E9FEB71-7588-4FE7-94C1-E84C27FB5671} - C:\WINDOWS\system32\mljjk.dll (file missing)
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {A4069847-C342-48E2-9257-01A24E5C78EA} (F-Secure Online Scanner 3.2) - https://www.f-secure.com/en/home/support
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: C:\WINDOWS\system32\__c00361F1.dat
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
Scan saved at 19:17:57, on 06/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/advanced_search?hl=fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: {60d425f4-8f37-cc28-a4a4-1d415678f406} - {604f8765-14d1-4a4a-82cc-73f84f524d06} - C:\WINDOWS\system32\cpvtvivf.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {8E9FEB71-7588-4FE7-94C1-E84C27FB5671} - C:\WINDOWS\system32\mljjk.dll (file missing)
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {A4069847-C342-48E2-9257-01A24E5C78EA} (F-Secure Online Scanner 3.2) - https://www.f-secure.com/en/home/support
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: C:\WINDOWS\system32\__c00361F1.dat
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
Bien, je vois le fire-wall et l'Antivir+tea-timer.
--------------------------------------------------
cocher + fixer
--------------------------------
O2 - BHO: (no name) - {8E9FEB71-7588-4FE7-94C1-E84C27FB5671} - C:\WINDOWS\system32\mljjk.dll (file missing)
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
-------------------
mets à jour ta vesion Java:
jre1.6.0_02 on est à la 03
https://leblogdeclaude.blogspot.com/2007/07/mettre-jour-votre-version-java.html
----------------------------
reboot ta machine.
fais une recherche avec oad.exe sur ceci------->
mljjk.dll
postes le rapport oad.exe
-----------------------------
en même temps
Repostes un log Hijackthis
--------------------------------------------------
cocher + fixer
--------------------------------
O2 - BHO: (no name) - {8E9FEB71-7588-4FE7-94C1-E84C27FB5671} - C:\WINDOWS\system32\mljjk.dll (file missing)
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
-------------------
mets à jour ta vesion Java:
jre1.6.0_02 on est à la 03
https://leblogdeclaude.blogspot.com/2007/07/mettre-jour-votre-version-java.html
----------------------------
reboot ta machine.
fais une recherche avec oad.exe sur ceci------->
mljjk.dll
postes le rapport oad.exe
-----------------------------
en même temps
Repostes un log Hijackthis
Recherche oad :
06/11/2007 ---- 20:05:19,93
----------------------------------
§§§§§§ [mljjk.dll ] §§§§§§
----------------------------------
[X] Registre
-------------- [ ] rapide
-- Fichier --- [ ] disque systeme
------------- [X] complete
********************
[Registre]
********************
Aucune entrée détectée
*******************
[Fichier]
*******************
*********************
[Même date]
*********************
Aucun fichier créé à la même date détecté
Outil Aide Diagnostic By !aur3n7 Version 1.1
----------------------------------
§§§§§ Fin Rapport §§§§§
----------------------------------
06/11/2007 ---- 20:05:19,93
----------------------------------
§§§§§§ [mljjk.dll ] §§§§§§
----------------------------------
[X] Registre
-------------- [ ] rapide
-- Fichier --- [ ] disque systeme
------------- [X] complete
********************
[Registre]
********************
Aucune entrée détectée
*******************
[Fichier]
*******************
*********************
[Même date]
*********************
Aucun fichier créé à la même date détecté
Outil Aide Diagnostic By !aur3n7 Version 1.1
----------------------------------
§§§§§ Fin Rapport §§§§§
----------------------------------
Logfile of HijackThis v1.99.1
Scan saved at 20:06:45, on 06/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/advanced_search?hl=fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: {60d425f4-8f37-cc28-a4a4-1d415678f406} - {604f8765-14d1-4a4a-82cc-73f84f524d06} - C:\WINDOWS\system32\cpvtvivf.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {A4069847-C342-48E2-9257-01A24E5C78EA} (F-Secure Online Scanner 3.2) - https://www.f-secure.com/en/home/support
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: C:\WINDOWS\system32\__c00361F1.dat
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
Scan saved at 20:06:45, on 06/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/advanced_search?hl=fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: {60d425f4-8f37-cc28-a4a4-1d415678f406} - {604f8765-14d1-4a4a-82cc-73f84f524d06} - C:\WINDOWS\system32\cpvtvivf.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {A4069847-C342-48E2-9257-01A24E5C78EA} (F-Secure Online Scanner 3.2) - https://www.f-secure.com/en/home/support
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: C:\WINDOWS\system32\__c00361F1.dat
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
Oups !
O20 - AppInit_DLLs: C:\WINDOWS\system32\__c00361F1.dat
c'est le fichier qu'antivir bloquait l'autre fois quand j'essayais de l'installer
O20 - AppInit_DLLs: C:\WINDOWS\system32\__c00361F1.dat
c'est le fichier qu'antivir bloquait l'autre fois quand j'essayais de l'installer
06/11/2007 ---- 20:43:30,85
----------------------------------
§§§§§§ [__c00361F1.dat] §§§§§§
----------------------------------
[X] Registre
-------------- [ ] rapide
-- Fichier --- [ ] disque systeme
------------- [X] complete
********************
[Registre]
********************
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\WINDOWS\\system32\\__c00361F1.dat"
*******************
[Fichier]
*******************
*********************
[Même date]
*********************
Aucun fichier créé à la même date détecté
Outil Aide Diagnostic By !aur3n7 Version 1.1
----------------------------------
§§§§§ Fin Rapport §§§§§
----------------------------------
----------------------------------
§§§§§§ [__c00361F1.dat] §§§§§§
----------------------------------
[X] Registre
-------------- [ ] rapide
-- Fichier --- [ ] disque systeme
------------- [X] complete
********************
[Registre]
********************
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\WINDOWS\\system32\\__c00361F1.dat"
*******************
[Fichier]
*******************
*********************
[Même date]
*********************
Aucun fichier créé à la même date détecté
Outil Aide Diagnostic By !aur3n7 Version 1.1
----------------------------------
§§§§§ Fin Rapport §§§§§
----------------------------------
Logfile of HijackThis v1.99.1
Scan saved at 20:43:55, on 06/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\MSN Messenger\livecall.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/advanced_search?hl=fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: {60d425f4-8f37-cc28-a4a4-1d415678f406} - {604f8765-14d1-4a4a-82cc-73f84f524d06} - C:\WINDOWS\system32\cpvtvivf.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {A4069847-C342-48E2-9257-01A24E5C78EA} (F-Secure Online Scanner 3.2) - https://www.f-secure.com/en/home/support
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: C:\WINDOWS\system32\__c00361F1.dat
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
Scan saved at 20:43:55, on 06/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\MSN Messenger\livecall.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/advanced_search?hl=fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: {60d425f4-8f37-cc28-a4a4-1d415678f406} - {604f8765-14d1-4a4a-82cc-73f84f524d06} - C:\WINDOWS\system32\cpvtvivf.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {A4069847-C342-48E2-9257-01A24E5C78EA} (F-Secure Online Scanner 3.2) - https://www.f-secure.com/en/home/support
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: C:\WINDOWS\system32\__c00361F1.dat
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe