Infection win32:Small-gen2 besoin d'aide
Résolu/Fermé
chacha106
Messages postés
31
Date d'inscription
mardi 4 décembre 2007
Statut
Membre
Dernière intervention
15 avril 2010
-
7 déc. 2007 à 16:06
g!rly Messages postés 18209 Date d'inscription vendredi 17 août 2007 Statut Contributeur Dernière intervention 30 novembre 2014 - 11 déc. 2007 à 14:21
g!rly Messages postés 18209 Date d'inscription vendredi 17 août 2007 Statut Contributeur Dernière intervention 30 novembre 2014 - 11 déc. 2007 à 14:21
A voir également:
- Infection win32:Small-gen2 besoin d'aide
- Win32:malware-gen ✓ - Forum Virus
- Trojan win32 - Forum Virus
- Win32 pup gen ✓ - Forum Linux / Unix
- Télécharger win32 valide pour windows 7 gratuit - Forum Windows
- Puadimanager win32 ✓ - Forum Virus
28 réponses
g!rly
Messages postés
18209
Date d'inscription
vendredi 17 août 2007
Statut
Contributeur
Dernière intervention
30 novembre 2014
406
7 déc. 2007 à 16:22
7 déc. 2007 à 16:22
salut chacha106,
Télécharge combofix.exe (par sUBs) sur ton Bureau.
-> http://download.bleepingcomputer.com/sUBs/ComboFix.exe
-> Double clique combofix.exe.
-> Tape sur la touche 1 (Yes) pour démarrer le scan.
-> Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse.
NOTE : Le rapport se trouve également ici : C:\Combofix.txt
@+
Télécharge combofix.exe (par sUBs) sur ton Bureau.
-> http://download.bleepingcomputer.com/sUBs/ComboFix.exe
-> Double clique combofix.exe.
-> Tape sur la touche 1 (Yes) pour démarrer le scan.
-> Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse.
NOTE : Le rapport se trouve également ici : C:\Combofix.txt
@+
chacha106
Messages postés
31
Date d'inscription
mardi 4 décembre 2007
Statut
Membre
Dernière intervention
15 avril 2010
7 déc. 2007 à 20:14
7 déc. 2007 à 20:14
Bonjour Girly, alors voici le rapport de combofix:
ComboFix 07-12-07.3 - ethan 2007-12-07 20:09:53.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.225 [GMT 1:00]
Running from: C:\Documents and Settings\ethan\Bureau\ComboFix.exe
* Created a new restore point
.
((((((((((((((((((((((((((((( Fichiers créés 2007-11-07 to 2007-12-07 ))))))))))))))))))))))))))))))))))))
.
2007-12-07 13:49 . 2007-12-07 14:34 <REP> d-------- C:\WINDOWS\BDOSCAN8
2007-12-07 13:41 . 2007-12-07 13:41 <REP> d-------- C:\Program Files\Panda Security
2007-12-04 20:46 . 2007-12-04 20:47 <REP> d-------- C:\Program Files\AVG Anti-Spyware 7.5
2007-12-04 20:46 . 2007-12-04 20:46 <REP> d-------- C:\Documents and Settings\ethan\Application Data\Grisoft
2007-12-04 20:46 . 2007-12-04 20:46 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2007-12-04 20:46 . 2007-05-30 13:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-12-04 20:12 . 2007-12-04 20:12 2,811,808 --a------ C:\upload_moi_TOSTAKY.tar.gz
2007-12-04 20:00 . 2007-12-04 20:02 <REP> d-------- C:\Program Files\Navilog1
2007-12-04 15:33 . 2007-12-07 15:59 <REP> d-------- C:\Program Files\Hijackthis Version Française
2007-12-03 21:09 . 2007-12-03 21:09 <REP> d-------- C:\Program Files\CCleaner
2007-11-16 19:29 . 2007-11-16 19:29 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2007-11-16 19:29 . 2007-11-16 19:29 1,409 --a------ C:\WINDOWS\QTFont.for
2007-11-15 12:41 . 2007-09-24 23:31 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-12-04 14:56 93,264 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys
2007-12-04 14:55 94,544 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
2007-12-04 14:53 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
2007-12-04 14:51 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
2007-12-04 14:49 26,624 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
2007-12-04 14:46 --------- d-----w C:\Program Files\Google
2007-12-04 13:04 837,496 ----a-w C:\WINDOWS\system32\aswBoot.exe
2007-12-04 12:54 95,608 ----a-w C:\WINDOWS\system32\AVASTSS.scr
2007-12-03 20:02 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-11-15 11:41 --------- d-----w C:\Program Files\Java
2007-11-05 15:08 --------- d-----w C:\Program Files\Maya l'Abeille
2007-10-25 09:22 --------- d-----w C:\Program Files\Shareaza
2007-10-25 09:22 --------- d-----w C:\Documents and Settings\ethan\Application Data\Shareaza
2007-10-25 09:06 --------- d-----w C:\Program Files\Neuf
2007-10-18 13:05 --------- d-----w C:\Program Files\GIMP-2.0
2007-10-18 12:57 --------- d-----w C:\Program Files\GTK
2007-10-12 16:19 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-10-12 16:06 --------- d-----w C:\Program Files\SlySoft
2007-10-12 15:40 --------- d-----w C:\Program Files\Fichiers communs\aolshare
2007-10-12 15:40 --------- d-----w C:\Program Files\Fichiers communs\AOL
2007-10-12 15:40 --------- d-----w C:\Documents and Settings\All Users\Application Data\AOL
2005-05-23 18:46 284 ----a-w C:\Documents and Settings\ethan\Application Data\ViewerApp.dat
1995-09-20 13:16 456,976 ----a-w C:\Program Files\Fichiers communs\dao3032.dll
2005-07-26 12:07 8,192 --sha-w C:\WINDOWS\o2cLicStore.bin
2005-04-20 16:57 56 --sh--r C:\WINDOWS\system32\BD8297FA5C.sys
2005-09-01 14:28 2,828 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PopUpStopperFreeEdition"="C:\PROGRA~1\UTILIT~1\POP-UP~1\PSFree.exe" [2005-03-17 10:10]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPpromo psc 2175"="C:\Program Files\utilitaire\hp\Digital Imaging\Bin\hpqWRG.exe" [2003-09-08 15:16]
"AOLDialer"="C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe" [2006-11-17 12:41]
"InCD"="C:\Program Files\utilitaire\nero\InCD\InCD.exe" [2005-01-03 10:41]
"avast!"="C:\PROGRA~1\UTILIT~1\avast\ashDisp.exe" [2007-12-04 14:00]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11]
"TkBellExe"="realsched.exe" []
"Sin Espias"="C:\Program Files\SinEspias\No-Spy.exe" []
"stnospy"="C:\Program Files\SinEspias\no-spy.exe" []
"NVMixerTray"="C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe" [2004-12-20 17:12]
"HostManager"="C:\Program Files\Fichiers communs\AOL\1166744164\ee\AOLSoftware.exe" [2006-11-17 14:16]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-04-05 10:34]
"!AVG Anti-Spyware"="C:\Program Files\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 10:25]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2005-04-19 12:59]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^hp psc 2000 Series.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\hp psc 2000 Series.lnk
backup=C:\WINDOWS\pss\hp psc 2000 Series.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^hpoddt01.exe.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\hpoddt01.exe.lnk
backup=C:\WINDOWS\pss\hpoddt01.exe.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Reader.lnk
backup=C:\WINDOWS\pss\Lancement rapide d'Adobe Reader.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Picture Package Menu.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Picture Package Menu.lnk
backup=C:\WINDOWS\pss\Picture Package Menu.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Picture Package VCD Maker.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Picture Package VCD Maker.lnk
backup=C:\WINDOWS\pss\Picture Package VCD Maker.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AnyDVD]
C:\Program Files\utilitaire\AnyDVD\AnyDVD.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe /background
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 09:50 155648 --a------ C:\WINDOWS\system32\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe -osboot
R1 prodrv04;Star Force copy protection driver v4;C:\WINDOWS\system32\drivers\prodrv04.sys
S3 alcan5ln;Alcatel SpeedTouch(tm) USB ADSL RFC1483 Networking Driver (NDIS);C:\WINDOWS\system32\DRIVERS\alcan5ln.sys
S3 Defender;Defender;\??\C:\Program Files\SinEspias\Defender.sys
S3 PWIPENUM;PWIPENUM;\??\C:\Program Files\Panicware\Pop-Up Stopper Anti-Spyware\PWIPENUM.SYS
S3 sonypvs1;Sony Digital Imaging Video2;C:\WINDOWS\system32\DRIVERS\sonypvs1.sys
S3 SpyFighter;SpyFighter Guard Device;\??\C:\Program Files\SPYWAREfighter\spyfighter.sys
S3 SPYWAREfighterRP;SPYWAREfighterRP;"C:\Program Files\SPYWAREfighter\spfprc.exe"
*Newly Created Service* - CATCHME
*Newly Created Service* - PROCEXP90
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2005-07-28 13:56:53 C:\WINDOWS\Tasks\FRU Task #Hewlett-Packard#hp psc 2170 series#1114013460.job"
- C:\Program Files\utilitaire\hp\Digital Imaging\Bin\hpqfrucl.exe4-I
.
**************************************************************************
catchme 0.3.1318 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-07 20:11:52
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2007-12-07 20:12:44
.
--- E O F ---
Merci encore de ton aide
ComboFix 07-12-07.3 - ethan 2007-12-07 20:09:53.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.225 [GMT 1:00]
Running from: C:\Documents and Settings\ethan\Bureau\ComboFix.exe
* Created a new restore point
.
((((((((((((((((((((((((((((( Fichiers créés 2007-11-07 to 2007-12-07 ))))))))))))))))))))))))))))))))))))
.
2007-12-07 13:49 . 2007-12-07 14:34 <REP> d-------- C:\WINDOWS\BDOSCAN8
2007-12-07 13:41 . 2007-12-07 13:41 <REP> d-------- C:\Program Files\Panda Security
2007-12-04 20:46 . 2007-12-04 20:47 <REP> d-------- C:\Program Files\AVG Anti-Spyware 7.5
2007-12-04 20:46 . 2007-12-04 20:46 <REP> d-------- C:\Documents and Settings\ethan\Application Data\Grisoft
2007-12-04 20:46 . 2007-12-04 20:46 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2007-12-04 20:46 . 2007-05-30 13:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-12-04 20:12 . 2007-12-04 20:12 2,811,808 --a------ C:\upload_moi_TOSTAKY.tar.gz
2007-12-04 20:00 . 2007-12-04 20:02 <REP> d-------- C:\Program Files\Navilog1
2007-12-04 15:33 . 2007-12-07 15:59 <REP> d-------- C:\Program Files\Hijackthis Version Française
2007-12-03 21:09 . 2007-12-03 21:09 <REP> d-------- C:\Program Files\CCleaner
2007-11-16 19:29 . 2007-11-16 19:29 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2007-11-16 19:29 . 2007-11-16 19:29 1,409 --a------ C:\WINDOWS\QTFont.for
2007-11-15 12:41 . 2007-09-24 23:31 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-12-04 14:56 93,264 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys
2007-12-04 14:55 94,544 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
2007-12-04 14:53 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
2007-12-04 14:51 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
2007-12-04 14:49 26,624 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
2007-12-04 14:46 --------- d-----w C:\Program Files\Google
2007-12-04 13:04 837,496 ----a-w C:\WINDOWS\system32\aswBoot.exe
2007-12-04 12:54 95,608 ----a-w C:\WINDOWS\system32\AVASTSS.scr
2007-12-03 20:02 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-11-15 11:41 --------- d-----w C:\Program Files\Java
2007-11-05 15:08 --------- d-----w C:\Program Files\Maya l'Abeille
2007-10-25 09:22 --------- d-----w C:\Program Files\Shareaza
2007-10-25 09:22 --------- d-----w C:\Documents and Settings\ethan\Application Data\Shareaza
2007-10-25 09:06 --------- d-----w C:\Program Files\Neuf
2007-10-18 13:05 --------- d-----w C:\Program Files\GIMP-2.0
2007-10-18 12:57 --------- d-----w C:\Program Files\GTK
2007-10-12 16:19 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-10-12 16:06 --------- d-----w C:\Program Files\SlySoft
2007-10-12 15:40 --------- d-----w C:\Program Files\Fichiers communs\aolshare
2007-10-12 15:40 --------- d-----w C:\Program Files\Fichiers communs\AOL
2007-10-12 15:40 --------- d-----w C:\Documents and Settings\All Users\Application Data\AOL
2005-05-23 18:46 284 ----a-w C:\Documents and Settings\ethan\Application Data\ViewerApp.dat
1995-09-20 13:16 456,976 ----a-w C:\Program Files\Fichiers communs\dao3032.dll
2005-07-26 12:07 8,192 --sha-w C:\WINDOWS\o2cLicStore.bin
2005-04-20 16:57 56 --sh--r C:\WINDOWS\system32\BD8297FA5C.sys
2005-09-01 14:28 2,828 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PopUpStopperFreeEdition"="C:\PROGRA~1\UTILIT~1\POP-UP~1\PSFree.exe" [2005-03-17 10:10]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPpromo psc 2175"="C:\Program Files\utilitaire\hp\Digital Imaging\Bin\hpqWRG.exe" [2003-09-08 15:16]
"AOLDialer"="C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe" [2006-11-17 12:41]
"InCD"="C:\Program Files\utilitaire\nero\InCD\InCD.exe" [2005-01-03 10:41]
"avast!"="C:\PROGRA~1\UTILIT~1\avast\ashDisp.exe" [2007-12-04 14:00]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11]
"TkBellExe"="realsched.exe" []
"Sin Espias"="C:\Program Files\SinEspias\No-Spy.exe" []
"stnospy"="C:\Program Files\SinEspias\no-spy.exe" []
"NVMixerTray"="C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe" [2004-12-20 17:12]
"HostManager"="C:\Program Files\Fichiers communs\AOL\1166744164\ee\AOLSoftware.exe" [2006-11-17 14:16]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-04-05 10:34]
"!AVG Anti-Spyware"="C:\Program Files\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 10:25]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2005-04-19 12:59]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^hp psc 2000 Series.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\hp psc 2000 Series.lnk
backup=C:\WINDOWS\pss\hp psc 2000 Series.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^hpoddt01.exe.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\hpoddt01.exe.lnk
backup=C:\WINDOWS\pss\hpoddt01.exe.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Reader.lnk
backup=C:\WINDOWS\pss\Lancement rapide d'Adobe Reader.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Picture Package Menu.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Picture Package Menu.lnk
backup=C:\WINDOWS\pss\Picture Package Menu.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Picture Package VCD Maker.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Picture Package VCD Maker.lnk
backup=C:\WINDOWS\pss\Picture Package VCD Maker.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AnyDVD]
C:\Program Files\utilitaire\AnyDVD\AnyDVD.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe /background
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 09:50 155648 --a------ C:\WINDOWS\system32\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe -osboot
R1 prodrv04;Star Force copy protection driver v4;C:\WINDOWS\system32\drivers\prodrv04.sys
S3 alcan5ln;Alcatel SpeedTouch(tm) USB ADSL RFC1483 Networking Driver (NDIS);C:\WINDOWS\system32\DRIVERS\alcan5ln.sys
S3 Defender;Defender;\??\C:\Program Files\SinEspias\Defender.sys
S3 PWIPENUM;PWIPENUM;\??\C:\Program Files\Panicware\Pop-Up Stopper Anti-Spyware\PWIPENUM.SYS
S3 sonypvs1;Sony Digital Imaging Video2;C:\WINDOWS\system32\DRIVERS\sonypvs1.sys
S3 SpyFighter;SpyFighter Guard Device;\??\C:\Program Files\SPYWAREfighter\spyfighter.sys
S3 SPYWAREfighterRP;SPYWAREfighterRP;"C:\Program Files\SPYWAREfighter\spfprc.exe"
*Newly Created Service* - CATCHME
*Newly Created Service* - PROCEXP90
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2005-07-28 13:56:53 C:\WINDOWS\Tasks\FRU Task #Hewlett-Packard#hp psc 2170 series#1114013460.job"
- C:\Program Files\utilitaire\hp\Digital Imaging\Bin\hpqfrucl.exe4-I
.
**************************************************************************
catchme 0.3.1318 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-07 20:11:52
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2007-12-07 20:12:44
.
--- E O F ---
Merci encore de ton aide
g!rly
Messages postés
18209
Date d'inscription
vendredi 17 août 2007
Statut
Contributeur
Dernière intervention
30 novembre 2014
406
7 déc. 2007 à 20:44
7 déc. 2007 à 20:44
re,
relance hijack this et coche et fix les lignes ci dessous:
O4 - Global Startup: msupd14766.exe
O4 - Global Startup: Update_0711_KB091802.exe
O4 - Global Startup: Update_0711_KB091803.exe
comment fixer :
Tutoriel d´utilisation (video) :
-> http://pageperso.aol.fr/balltrap34/demohijack.htm
puis :
Copie le texte ci-dessous :
File::
C:\WINDOWS\QTFont.qfn
C:\WINDOWS\QTFont.for
C:\upload_moi_TOSTAKY.tar.gz
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\msupd14766.exe
Folder::
C:\Program Files\Navilog1
Ouvre le Bloc-Notes puis colle le texte copié.
(Démarrer\Tous les programmes\Accessoires\Bloc notes.)
Sauvegarde ce fichier sous le nom de CFScript.txt.
Glisse maintenant le fichier CFScript.txt dans Combofix.exe comme ci-dessous :
http://serveur1.archive-host.com/membres/up/1366464061/CFScript.gif
Cela va relancer Combofix,
Une fenêtre bleue va apparaître: au message qui apparaît ( Type 1 to continue, or 2 to abort) , tape 1 puis valide.
Patiente le temps du scan.Le bureau va disparaître à plusieurs reprises: c'est normal!
Ne touche à rien tant que le scan n'est pas terminé.
Après redémarrage, poste le contenu du rapport Combofix.txt accompagné d'un rapport Hijackthis.
S'il n'y a pas de rédémarrage, poste quand même les rapports.
Télécharge SDFix (créé par AndyManchesta) et sauvegarde le sur ton Bureau.
http://downloads.andymanchesta.com/RemovalTools/SDFix.exe
Double clique sur SDFix.exe et choisis Install pour l'extraire dans un dossier dédié sur le Bureau. Redémarre ton ordinateur en mode sans échec en suivant la procédure que voici :
• Redémarre ton ordinateur
• Après avoir entendu l'ordinateur biper lors du démarrage, mais avant que l'icône Windows apparaisse, tapote la touche F8 (une pression par seconde).
• A la place du chargement normal de Windows, un menu avec différentes options devrait apparaître.
• Choisis la première option, pour exécuter Windows en mode sans échec, puis appuie sur "Entrée".
• Choisis ton compte.
Déroule la liste des instructions ci-dessous :
• Ouvre le dossier SDFix qui vient d'être créé dans le répertoire C:\ et double clique sur RunThis.bat pour lancer le script.
• Appuie sur Y pour commencer le processus de nettoyage.
• Il va supprimer les services et les entrées du Registre de certains trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer.
• Appuie sur une touche pour redémarrer le PC.
• Ton système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers.
• Après le chargement du Bureau, l'outil terminera son travail et affichera Finished.
• Appuie sur une touche pour finir l'exécution du script et charger les icônes de ton Bureau.
• Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt.
• Enfin, copie/colle le contenu du fichier Report.txt dans ta prochaine réponse sur le forum, avec un nouveau log Hijackthis !
@+
relance hijack this et coche et fix les lignes ci dessous:
O4 - Global Startup: msupd14766.exe
O4 - Global Startup: Update_0711_KB091802.exe
O4 - Global Startup: Update_0711_KB091803.exe
comment fixer :
Tutoriel d´utilisation (video) :
-> http://pageperso.aol.fr/balltrap34/demohijack.htm
puis :
Copie le texte ci-dessous :
File::
C:\WINDOWS\QTFont.qfn
C:\WINDOWS\QTFont.for
C:\upload_moi_TOSTAKY.tar.gz
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\msupd14766.exe
Folder::
C:\Program Files\Navilog1
Ouvre le Bloc-Notes puis colle le texte copié.
(Démarrer\Tous les programmes\Accessoires\Bloc notes.)
Sauvegarde ce fichier sous le nom de CFScript.txt.
Glisse maintenant le fichier CFScript.txt dans Combofix.exe comme ci-dessous :
http://serveur1.archive-host.com/membres/up/1366464061/CFScript.gif
Cela va relancer Combofix,
Une fenêtre bleue va apparaître: au message qui apparaît ( Type 1 to continue, or 2 to abort) , tape 1 puis valide.
Patiente le temps du scan.Le bureau va disparaître à plusieurs reprises: c'est normal!
Ne touche à rien tant que le scan n'est pas terminé.
Après redémarrage, poste le contenu du rapport Combofix.txt accompagné d'un rapport Hijackthis.
S'il n'y a pas de rédémarrage, poste quand même les rapports.
Télécharge SDFix (créé par AndyManchesta) et sauvegarde le sur ton Bureau.
http://downloads.andymanchesta.com/RemovalTools/SDFix.exe
Double clique sur SDFix.exe et choisis Install pour l'extraire dans un dossier dédié sur le Bureau. Redémarre ton ordinateur en mode sans échec en suivant la procédure que voici :
• Redémarre ton ordinateur
• Après avoir entendu l'ordinateur biper lors du démarrage, mais avant que l'icône Windows apparaisse, tapote la touche F8 (une pression par seconde).
• A la place du chargement normal de Windows, un menu avec différentes options devrait apparaître.
• Choisis la première option, pour exécuter Windows en mode sans échec, puis appuie sur "Entrée".
• Choisis ton compte.
Déroule la liste des instructions ci-dessous :
• Ouvre le dossier SDFix qui vient d'être créé dans le répertoire C:\ et double clique sur RunThis.bat pour lancer le script.
• Appuie sur Y pour commencer le processus de nettoyage.
• Il va supprimer les services et les entrées du Registre de certains trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer.
• Appuie sur une touche pour redémarrer le PC.
• Ton système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers.
• Après le chargement du Bureau, l'outil terminera son travail et affichera Finished.
• Appuie sur une touche pour finir l'exécution du script et charger les icônes de ton Bureau.
• Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt.
• Enfin, copie/colle le contenu du fichier Report.txt dans ta prochaine réponse sur le forum, avec un nouveau log Hijackthis !
@+
chacha106
Messages postés
31
Date d'inscription
mardi 4 décembre 2007
Statut
Membre
Dernière intervention
15 avril 2010
7 déc. 2007 à 21:17
7 déc. 2007 à 21:17
Ok voilà déjà les rapports de combofix et hijackthis:
ComboFix 07-12-07.3 - ethan 2007-12-07 21:11:13.3 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.212 [GMT 1:00]
Running from: C:\Documents and Settings\ethan\Bureau\ComboFix.exe
Command switches used :: C:\Documents and Settings\ethan\Bureau\Nouveau dossier\CFScript.txt
* Created a new restore point
FILE
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\msupd14766.exe
C:\upload_moi_TOSTAKY.tar.gz
C:\WINDOWS\QTFont.for
C:\WINDOWS\QTFont.qfn
.
((((((((((((((((((((((((((((( Fichiers créés 2007-11-07 to 2007-12-07 ))))))))))))))))))))))))))))))))))))
.
2007-12-07 13:49 . 2007-12-07 14:34 <REP> d-------- C:\WINDOWS\BDOSCAN8
2007-12-07 13:41 . 2007-12-07 13:41 <REP> d-------- C:\Program Files\Panda Security
2007-12-04 20:46 . 2007-12-04 20:47 <REP> d-------- C:\Program Files\AVG Anti-Spyware 7.5
2007-12-04 20:46 . 2007-12-04 20:46 <REP> d-------- C:\Documents and Settings\ethan\Application Data\Grisoft
2007-12-04 20:46 . 2007-12-04 20:46 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2007-12-04 20:46 . 2007-05-30 13:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-12-04 15:33 . 2007-12-07 20:51 <REP> d-------- C:\Program Files\Hijackthis Version Française
2007-12-03 21:09 . 2007-12-03 21:09 <REP> d-------- C:\Program Files\CCleaner
2007-11-15 12:41 . 2007-09-24 23:31 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-12-04 14:56 93,264 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys
2007-12-04 14:55 94,544 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
2007-12-04 14:53 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
2007-12-04 14:51 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
2007-12-04 14:49 26,624 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
2007-12-04 14:46 --------- d-----w C:\Program Files\Google
2007-12-04 13:04 837,496 ----a-w C:\WINDOWS\system32\aswBoot.exe
2007-12-04 12:54 95,608 ----a-w C:\WINDOWS\system32\AVASTSS.scr
2007-12-03 20:02 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-11-15 11:41 --------- d-----w C:\Program Files\Java
2007-11-05 15:08 --------- d-----w C:\Program Files\Maya l'Abeille
2007-10-25 09:22 --------- d-----w C:\Program Files\Shareaza
2007-10-25 09:22 --------- d-----w C:\Documents and Settings\ethan\Application Data\Shareaza
2007-10-25 09:06 --------- d-----w C:\Program Files\Neuf
2007-10-18 13:05 --------- d-----w C:\Program Files\GIMP-2.0
2007-10-18 12:57 --------- d-----w C:\Program Files\GTK
2007-10-12 16:19 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-10-12 16:06 --------- d-----w C:\Program Files\SlySoft
2007-10-12 15:40 --------- d-----w C:\Program Files\Fichiers communs\aolshare
2007-10-12 15:40 --------- d-----w C:\Program Files\Fichiers communs\AOL
2007-10-12 15:40 --------- d-----w C:\Documents and Settings\All Users\Application Data\AOL
2005-05-23 18:46 284 ----a-w C:\Documents and Settings\ethan\Application Data\ViewerApp.dat
1995-09-20 13:16 456,976 ----a-w C:\Program Files\Fichiers communs\dao3032.dll
2005-07-26 12:07 8,192 --sha-w C:\WINDOWS\o2cLicStore.bin
2005-04-20 16:57 56 --sh--r C:\WINDOWS\system32\BD8297FA5C.sys
2005-09-01 14:28 2,828 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PopUpStopperFreeEdition"="C:\PROGRA~1\UTILIT~1\POP-UP~1\PSFree.exe" [2005-03-17 10:10]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPpromo psc 2175"="C:\Program Files\utilitaire\hp\Digital Imaging\Bin\hpqWRG.exe" [2003-09-08 15:16]
"AOLDialer"="C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe" [2006-11-17 12:41]
"InCD"="C:\Program Files\utilitaire\nero\InCD\InCD.exe" [2005-01-03 10:41]
"avast!"="C:\PROGRA~1\UTILIT~1\avast\ashDisp.exe" [2007-12-04 14:00]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11]
"TkBellExe"="realsched.exe" []
"Sin Espias"="C:\Program Files\SinEspias\No-Spy.exe" []
"stnospy"="C:\Program Files\SinEspias\no-spy.exe" []
"NVMixerTray"="C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe" [2004-12-20 17:12]
"HostManager"="C:\Program Files\Fichiers communs\AOL\1166744164\ee\AOLSoftware.exe" [2006-11-17 14:16]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-04-05 10:34]
"!AVG Anti-Spyware"="C:\Program Files\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 10:25]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2005-04-19 12:59]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^hp psc 2000 Series.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\hp psc 2000 Series.lnk
backup=C:\WINDOWS\pss\hp psc 2000 Series.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^hpoddt01.exe.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\hpoddt01.exe.lnk
backup=C:\WINDOWS\pss\hpoddt01.exe.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Reader.lnk
backup=C:\WINDOWS\pss\Lancement rapide d'Adobe Reader.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Picture Package Menu.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Picture Package Menu.lnk
backup=C:\WINDOWS\pss\Picture Package Menu.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Picture Package VCD Maker.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Picture Package VCD Maker.lnk
backup=C:\WINDOWS\pss\Picture Package VCD Maker.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AnyDVD]
C:\Program Files\utilitaire\AnyDVD\AnyDVD.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe /background
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 09:50 155648 --a------ C:\WINDOWS\system32\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe -osboot
R1 prodrv04;Star Force copy protection driver v4;C:\WINDOWS\system32\drivers\prodrv04.sys
S3 alcan5ln;Alcatel SpeedTouch(tm) USB ADSL RFC1483 Networking Driver (NDIS);C:\WINDOWS\system32\DRIVERS\alcan5ln.sys
S3 Defender;Defender;\??\C:\Program Files\SinEspias\Defender.sys
S3 PWIPENUM;PWIPENUM;\??\C:\Program Files\Panicware\Pop-Up Stopper Anti-Spyware\PWIPENUM.SYS
S3 sonypvs1;Sony Digital Imaging Video2;C:\WINDOWS\system32\DRIVERS\sonypvs1.sys
S3 SpyFighter;SpyFighter Guard Device;\??\C:\Program Files\SPYWAREfighter\spyfighter.sys
S3 SPYWAREfighterRP;SPYWAREfighterRP;"C:\Program Files\SPYWAREfighter\spfprc.exe"
*Newly Created Service* - CATCHME
*Newly Created Service* - PROCEXP90
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2005-07-28 13:56:53 C:\WINDOWS\Tasks\FRU Task #Hewlett-Packard#hp psc 2170 series#1114013460.job"
- C:\Program Files\utilitaire\hp\Digital Imaging\Bin\hpqfrucl.exe4-I
.
**************************************************************************
catchme 0.3.1318 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-07 21:12:59
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2007-12-07 21:13:43
C:\ComboFix2.txt ... 2007-12-07 20:58
C:\ComboFix3.txt ... 2007-12-07 20:12
.
--- E O F ---
Logfile of HijackThis v1.99.1
Scan saved at 21:14:36, on 07/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\utilitaire\nero\InCD\InCDsrv.exe
C:\Program Files\utilitaire\avast\aswUpdSv.exe
C:\Program Files\utilitaire\avast\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\utilitaire\avast\ashMaiSv.exe
C:\Program Files\utilitaire\avast\ashWebSv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\utilitaire\hp\Digital Imaging\Bin\hpqWRG.exe
C:\Program Files\utilitaire\nero\InCD\InCD.exe
C:\PROGRA~1\UTILIT~1\avast\ashDisp.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
C:\Program Files\Fichiers communs\AOL\1166744164\ee\AOLSoftware.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\AVG Anti-Spyware 7.5\avgas.exe
C:\PROGRA~1\UTILIT~1\POP-UP~1\PSFree.exe
C:\Program Files\utilitaire\hp\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\utilitaire\picture package\Picture Package Menu\SonyTray.exe
C:\Program Files\utilitaire\picture package\Picture Package Applications\Residence.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://actus.sfr.fr
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.avast.com/registration-free-antivirus?lang=ENG
R3 - URLSearchHook: (no name) - {BE89472C-B803-4D1D-9A9A-0A63660E0FE3} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O4 - HKLM\..\Run: [HPpromo psc 2175] "C:\Program Files\utilitaire\hp\Digital Imaging\Bin\hpqWRG.exe" /N "psc 2175" -r
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\utilitaire\nero\InCD\InCD.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\UTILIT~1\avast\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "realsched.exe" -osboot
O4 - HKLM\..\Run: [Sin Espias] C:\Program Files\SinEspias\No-Spy.exe /autorun
O4 - HKLM\..\Run: [stnospy] C:\Program Files\SinEspias\no-spy.exe /autorun
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Fichiers communs\AOL\1166744164\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\UTILIT~1\POP-UP~1\PSFree.exe"
O4 - Global Startup: AOL Compagnon.lnk = C:\Program Files\AOL Compagnon\companion.exe
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Picture Package Menu.lnk = C:\Program Files\utilitaire\picture package\Picture Package Menu\SonyTray.exe
O4 - Global Startup: Picture Package VCD Maker.lnk = C:\Program Files\utilitaire\picture package\Picture Package Applications\Residence.exe
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class) - https://www.pandasecurity.com/en/homeusers/online-antivirus/?ref=activescan
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {8436FE12-31DB-48BF-83BF-FE682F9160B4} (NanoInstaller Class) - https://www.pandasecurity.com/en/homeusers/online-antivirus/?ref=activescan
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - https://www.pandasecurity.com/?ref=www.pandasoftware.com/activescan/as5/asinst.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\Program Files\Fichiers communs\AOL\AOL Spyware Protection\\aolserv.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\utilitaire\avast\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\utilitaire\avast\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\utilitaire\avast\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\utilitaire\avast\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\utilitaire\nero\InCD\InCDsrv.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SPYWAREfighterRP - Unknown owner - C:\Program Files\SPYWAREfighter\spfprc.exe (file missing)
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
merci
ComboFix 07-12-07.3 - ethan 2007-12-07 21:11:13.3 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.212 [GMT 1:00]
Running from: C:\Documents and Settings\ethan\Bureau\ComboFix.exe
Command switches used :: C:\Documents and Settings\ethan\Bureau\Nouveau dossier\CFScript.txt
* Created a new restore point
FILE
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\msupd14766.exe
C:\upload_moi_TOSTAKY.tar.gz
C:\WINDOWS\QTFont.for
C:\WINDOWS\QTFont.qfn
.
((((((((((((((((((((((((((((( Fichiers créés 2007-11-07 to 2007-12-07 ))))))))))))))))))))))))))))))))))))
.
2007-12-07 13:49 . 2007-12-07 14:34 <REP> d-------- C:\WINDOWS\BDOSCAN8
2007-12-07 13:41 . 2007-12-07 13:41 <REP> d-------- C:\Program Files\Panda Security
2007-12-04 20:46 . 2007-12-04 20:47 <REP> d-------- C:\Program Files\AVG Anti-Spyware 7.5
2007-12-04 20:46 . 2007-12-04 20:46 <REP> d-------- C:\Documents and Settings\ethan\Application Data\Grisoft
2007-12-04 20:46 . 2007-12-04 20:46 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2007-12-04 20:46 . 2007-05-30 13:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-12-04 15:33 . 2007-12-07 20:51 <REP> d-------- C:\Program Files\Hijackthis Version Française
2007-12-03 21:09 . 2007-12-03 21:09 <REP> d-------- C:\Program Files\CCleaner
2007-11-15 12:41 . 2007-09-24 23:31 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-12-04 14:56 93,264 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys
2007-12-04 14:55 94,544 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
2007-12-04 14:53 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
2007-12-04 14:51 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
2007-12-04 14:49 26,624 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
2007-12-04 14:46 --------- d-----w C:\Program Files\Google
2007-12-04 13:04 837,496 ----a-w C:\WINDOWS\system32\aswBoot.exe
2007-12-04 12:54 95,608 ----a-w C:\WINDOWS\system32\AVASTSS.scr
2007-12-03 20:02 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-11-15 11:41 --------- d-----w C:\Program Files\Java
2007-11-05 15:08 --------- d-----w C:\Program Files\Maya l'Abeille
2007-10-25 09:22 --------- d-----w C:\Program Files\Shareaza
2007-10-25 09:22 --------- d-----w C:\Documents and Settings\ethan\Application Data\Shareaza
2007-10-25 09:06 --------- d-----w C:\Program Files\Neuf
2007-10-18 13:05 --------- d-----w C:\Program Files\GIMP-2.0
2007-10-18 12:57 --------- d-----w C:\Program Files\GTK
2007-10-12 16:19 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-10-12 16:06 --------- d-----w C:\Program Files\SlySoft
2007-10-12 15:40 --------- d-----w C:\Program Files\Fichiers communs\aolshare
2007-10-12 15:40 --------- d-----w C:\Program Files\Fichiers communs\AOL
2007-10-12 15:40 --------- d-----w C:\Documents and Settings\All Users\Application Data\AOL
2005-05-23 18:46 284 ----a-w C:\Documents and Settings\ethan\Application Data\ViewerApp.dat
1995-09-20 13:16 456,976 ----a-w C:\Program Files\Fichiers communs\dao3032.dll
2005-07-26 12:07 8,192 --sha-w C:\WINDOWS\o2cLicStore.bin
2005-04-20 16:57 56 --sh--r C:\WINDOWS\system32\BD8297FA5C.sys
2005-09-01 14:28 2,828 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PopUpStopperFreeEdition"="C:\PROGRA~1\UTILIT~1\POP-UP~1\PSFree.exe" [2005-03-17 10:10]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPpromo psc 2175"="C:\Program Files\utilitaire\hp\Digital Imaging\Bin\hpqWRG.exe" [2003-09-08 15:16]
"AOLDialer"="C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe" [2006-11-17 12:41]
"InCD"="C:\Program Files\utilitaire\nero\InCD\InCD.exe" [2005-01-03 10:41]
"avast!"="C:\PROGRA~1\UTILIT~1\avast\ashDisp.exe" [2007-12-04 14:00]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11]
"TkBellExe"="realsched.exe" []
"Sin Espias"="C:\Program Files\SinEspias\No-Spy.exe" []
"stnospy"="C:\Program Files\SinEspias\no-spy.exe" []
"NVMixerTray"="C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe" [2004-12-20 17:12]
"HostManager"="C:\Program Files\Fichiers communs\AOL\1166744164\ee\AOLSoftware.exe" [2006-11-17 14:16]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-04-05 10:34]
"!AVG Anti-Spyware"="C:\Program Files\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 10:25]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2005-04-19 12:59]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^hp psc 2000 Series.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\hp psc 2000 Series.lnk
backup=C:\WINDOWS\pss\hp psc 2000 Series.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^hpoddt01.exe.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\hpoddt01.exe.lnk
backup=C:\WINDOWS\pss\hpoddt01.exe.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Reader.lnk
backup=C:\WINDOWS\pss\Lancement rapide d'Adobe Reader.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Picture Package Menu.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Picture Package Menu.lnk
backup=C:\WINDOWS\pss\Picture Package Menu.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Picture Package VCD Maker.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Picture Package VCD Maker.lnk
backup=C:\WINDOWS\pss\Picture Package VCD Maker.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AnyDVD]
C:\Program Files\utilitaire\AnyDVD\AnyDVD.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe /background
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 09:50 155648 --a------ C:\WINDOWS\system32\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe -osboot
R1 prodrv04;Star Force copy protection driver v4;C:\WINDOWS\system32\drivers\prodrv04.sys
S3 alcan5ln;Alcatel SpeedTouch(tm) USB ADSL RFC1483 Networking Driver (NDIS);C:\WINDOWS\system32\DRIVERS\alcan5ln.sys
S3 Defender;Defender;\??\C:\Program Files\SinEspias\Defender.sys
S3 PWIPENUM;PWIPENUM;\??\C:\Program Files\Panicware\Pop-Up Stopper Anti-Spyware\PWIPENUM.SYS
S3 sonypvs1;Sony Digital Imaging Video2;C:\WINDOWS\system32\DRIVERS\sonypvs1.sys
S3 SpyFighter;SpyFighter Guard Device;\??\C:\Program Files\SPYWAREfighter\spyfighter.sys
S3 SPYWAREfighterRP;SPYWAREfighterRP;"C:\Program Files\SPYWAREfighter\spfprc.exe"
*Newly Created Service* - CATCHME
*Newly Created Service* - PROCEXP90
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2005-07-28 13:56:53 C:\WINDOWS\Tasks\FRU Task #Hewlett-Packard#hp psc 2170 series#1114013460.job"
- C:\Program Files\utilitaire\hp\Digital Imaging\Bin\hpqfrucl.exe4-I
.
**************************************************************************
catchme 0.3.1318 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-07 21:12:59
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2007-12-07 21:13:43
C:\ComboFix2.txt ... 2007-12-07 20:58
C:\ComboFix3.txt ... 2007-12-07 20:12
.
--- E O F ---
Logfile of HijackThis v1.99.1
Scan saved at 21:14:36, on 07/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\utilitaire\nero\InCD\InCDsrv.exe
C:\Program Files\utilitaire\avast\aswUpdSv.exe
C:\Program Files\utilitaire\avast\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\utilitaire\avast\ashMaiSv.exe
C:\Program Files\utilitaire\avast\ashWebSv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\utilitaire\hp\Digital Imaging\Bin\hpqWRG.exe
C:\Program Files\utilitaire\nero\InCD\InCD.exe
C:\PROGRA~1\UTILIT~1\avast\ashDisp.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
C:\Program Files\Fichiers communs\AOL\1166744164\ee\AOLSoftware.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\AVG Anti-Spyware 7.5\avgas.exe
C:\PROGRA~1\UTILIT~1\POP-UP~1\PSFree.exe
C:\Program Files\utilitaire\hp\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\utilitaire\picture package\Picture Package Menu\SonyTray.exe
C:\Program Files\utilitaire\picture package\Picture Package Applications\Residence.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://actus.sfr.fr
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.avast.com/registration-free-antivirus?lang=ENG
R3 - URLSearchHook: (no name) - {BE89472C-B803-4D1D-9A9A-0A63660E0FE3} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O4 - HKLM\..\Run: [HPpromo psc 2175] "C:\Program Files\utilitaire\hp\Digital Imaging\Bin\hpqWRG.exe" /N "psc 2175" -r
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\utilitaire\nero\InCD\InCD.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\UTILIT~1\avast\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "realsched.exe" -osboot
O4 - HKLM\..\Run: [Sin Espias] C:\Program Files\SinEspias\No-Spy.exe /autorun
O4 - HKLM\..\Run: [stnospy] C:\Program Files\SinEspias\no-spy.exe /autorun
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Fichiers communs\AOL\1166744164\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\UTILIT~1\POP-UP~1\PSFree.exe"
O4 - Global Startup: AOL Compagnon.lnk = C:\Program Files\AOL Compagnon\companion.exe
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Picture Package Menu.lnk = C:\Program Files\utilitaire\picture package\Picture Package Menu\SonyTray.exe
O4 - Global Startup: Picture Package VCD Maker.lnk = C:\Program Files\utilitaire\picture package\Picture Package Applications\Residence.exe
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class) - https://www.pandasecurity.com/en/homeusers/online-antivirus/?ref=activescan
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {8436FE12-31DB-48BF-83BF-FE682F9160B4} (NanoInstaller Class) - https://www.pandasecurity.com/en/homeusers/online-antivirus/?ref=activescan
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - https://www.pandasecurity.com/?ref=www.pandasoftware.com/activescan/as5/asinst.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\Program Files\Fichiers communs\AOL\AOL Spyware Protection\\aolserv.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\utilitaire\avast\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\utilitaire\avast\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\utilitaire\avast\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\utilitaire\avast\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\utilitaire\nero\InCD\InCDsrv.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SPYWAREfighterRP - Unknown owner - C:\Program Files\SPYWAREfighter\spfprc.exe (file missing)
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
merci
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
g!rly
Messages postés
18209
Date d'inscription
vendredi 17 août 2007
Statut
Contributeur
Dernière intervention
30 novembre 2014
406
7 déc. 2007 à 21:24
7 déc. 2007 à 21:24
re,
Télécharge SDFix (créé par AndyManchesta) et sauvegarde le sur ton Bureau.
http://downloads.andymanchesta.com/RemovalTools/SDFix.exe
Double clique sur SDFix.exe et choisis Install pour l'extraire dans un dossier dédié sur le Bureau. Redémarre ton ordinateur en mode sans échec en suivant la procédure que voici :
• Redémarre ton ordinateur
• Après avoir entendu l'ordinateur biper lors du démarrage, mais avant que l'icône Windows apparaisse, tapote la touche F8 (une pression par seconde).
• A la place du chargement normal de Windows, un menu avec différentes options devrait apparaître.
• Choisis la première option, pour exécuter Windows en mode sans échec, puis appuie sur "Entrée".
• Choisis ton compte.
Déroule la liste des instructions ci-dessous :
• Ouvre le dossier SDFix qui vient d'être créé dans le répertoire C:\ et double clique sur RunThis.bat pour lancer le script.
• Appuie sur Y pour commencer le processus de nettoyage.
• Il va supprimer les services et les entrées du Registre de certains trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer.
• Appuie sur une touche pour redémarrer le PC.
• Ton système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers.
• Après le chargement du Bureau, l'outil terminera son travail et affichera Finished.
• Appuie sur une touche pour finir l'exécution du script et charger les icônes de ton Bureau.
• Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt.
• Enfin, copie/colle le contenu du fichier Report.txt dans ta prochaine réponse sur le forum
puis
tu surf avec internet explorer 6.0 = failles de securitées importantes
alors fais les mises a jour windows : tu veux la version 7.0
et pourquoi ne pas surfer avec firefox? = plus sur, tout en gardant ie 7.0 pour les mises a jour windows car impossible a effectuer sous firefox
et
instale
par feu : kerio
http://www.malekal.com/kerio_firewall.php#mozTocId721480
https://www.vulgarisation-informatique.com/kerio.php
ou zone alarm plus facil a configurer mais moins performant
http://www.kachouri.com/tuto/tuto-143-zonealarm-installation-du-firewall--pare-feu.html
puis regarde ceci concerant avast :
Antivir vs Avast :
->http://forum.malekal.com/ftopic3528.php
alors desinstale avast et instal antivir
Telecharge et instal l'antivirus Antivir Personal Edition Classic :
->https://www.malekal.com/avira-free-security-antivirus-gratuit/
http://mickael.barroux.free.fr/securite/antivir.php <- tutoriel configuration du scanner...
une fois antivir ouvert click sur l´onglet scanner dans la fenetre du dessous tu va voir : rootkit search click sur le petit + pour deployer et coche la case a coté de ton disk dur
puis click sur configuration en haut a droite puis dans la nouvelle fenetre a gauche >scanner > scan all files et en dessous >scanner priority = High
toujours a gauche > scan > deploie > heuristique > macrovirus heuristic = coché et en dessous > win32 heuristic la case coché et high detection level
et fais un scan complet de ta machine avec antivir en mode sans echec et post le rapport ici
donc post les deux rapports celui de sdfix et celui d´antivir
@+
Télécharge SDFix (créé par AndyManchesta) et sauvegarde le sur ton Bureau.
http://downloads.andymanchesta.com/RemovalTools/SDFix.exe
Double clique sur SDFix.exe et choisis Install pour l'extraire dans un dossier dédié sur le Bureau. Redémarre ton ordinateur en mode sans échec en suivant la procédure que voici :
• Redémarre ton ordinateur
• Après avoir entendu l'ordinateur biper lors du démarrage, mais avant que l'icône Windows apparaisse, tapote la touche F8 (une pression par seconde).
• A la place du chargement normal de Windows, un menu avec différentes options devrait apparaître.
• Choisis la première option, pour exécuter Windows en mode sans échec, puis appuie sur "Entrée".
• Choisis ton compte.
Déroule la liste des instructions ci-dessous :
• Ouvre le dossier SDFix qui vient d'être créé dans le répertoire C:\ et double clique sur RunThis.bat pour lancer le script.
• Appuie sur Y pour commencer le processus de nettoyage.
• Il va supprimer les services et les entrées du Registre de certains trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer.
• Appuie sur une touche pour redémarrer le PC.
• Ton système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers.
• Après le chargement du Bureau, l'outil terminera son travail et affichera Finished.
• Appuie sur une touche pour finir l'exécution du script et charger les icônes de ton Bureau.
• Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt.
• Enfin, copie/colle le contenu du fichier Report.txt dans ta prochaine réponse sur le forum
puis
tu surf avec internet explorer 6.0 = failles de securitées importantes
alors fais les mises a jour windows : tu veux la version 7.0
et pourquoi ne pas surfer avec firefox? = plus sur, tout en gardant ie 7.0 pour les mises a jour windows car impossible a effectuer sous firefox
et
instale
par feu : kerio
http://www.malekal.com/kerio_firewall.php#mozTocId721480
https://www.vulgarisation-informatique.com/kerio.php
ou zone alarm plus facil a configurer mais moins performant
http://www.kachouri.com/tuto/tuto-143-zonealarm-installation-du-firewall--pare-feu.html
puis regarde ceci concerant avast :
Antivir vs Avast :
->http://forum.malekal.com/ftopic3528.php
alors desinstale avast et instal antivir
Telecharge et instal l'antivirus Antivir Personal Edition Classic :
->https://www.malekal.com/avira-free-security-antivirus-gratuit/
http://mickael.barroux.free.fr/securite/antivir.php <- tutoriel configuration du scanner...
une fois antivir ouvert click sur l´onglet scanner dans la fenetre du dessous tu va voir : rootkit search click sur le petit + pour deployer et coche la case a coté de ton disk dur
puis click sur configuration en haut a droite puis dans la nouvelle fenetre a gauche >scanner > scan all files et en dessous >scanner priority = High
toujours a gauche > scan > deploie > heuristique > macrovirus heuristic = coché et en dessous > win32 heuristic la case coché et high detection level
et fais un scan complet de ta machine avec antivir en mode sans echec et post le rapport ici
donc post les deux rapports celui de sdfix et celui d´antivir
@+
chacha106
Messages postés
31
Date d'inscription
mardi 4 décembre 2007
Statut
Membre
Dernière intervention
15 avril 2010
7 déc. 2007 à 21:35
7 déc. 2007 à 21:35
Ok je vais installer les logiciels dont tu parles, voila le rapport SDfix:
SDFix: Version 1.117
Run by ethan on 07/12/2007 at 21:23
Microsoft Windows XP [version 5.1.2600]
Running From: C:\DOCUME~1\ethan\Bureau\SDFIXE~1\SDFix
Safe Mode:
Checking Services:
Restoring Windows Registry Values
Restoring Windows Default Hosts File
Rebooting...
Normal Mode:
Checking Files:
No Trojan Files Found
Removing Temp Files...
ADS Check:
C:\WINDOWS
No streams found.
C:\WINDOWS\system32
No streams found.
C:\WINDOWS\system32\svchost.exe
No streams found.
C:\WINDOWS\system32\ntoskrnl.exe
No streams found.
Final Check:
catchme 0.3.1262.1 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-07 21:28:05
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
scanning hidden registry entries ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
Remaining Services:
------------------
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
Remaining Files:
---------------
Files with Hidden Attributes:
Wed 20 Apr 2005 56 ..SHR --- "C:\WINDOWS\system32\BD8297FA5C.sys"
Thu 1 Sep 2005 2,828 A.SH. --- "C:\WINDOWS\system32\KGyGaAvL.sys"
Sun 9 Oct 2005 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Finished!
merci
SDFix: Version 1.117
Run by ethan on 07/12/2007 at 21:23
Microsoft Windows XP [version 5.1.2600]
Running From: C:\DOCUME~1\ethan\Bureau\SDFIXE~1\SDFix
Safe Mode:
Checking Services:
Restoring Windows Registry Values
Restoring Windows Default Hosts File
Rebooting...
Normal Mode:
Checking Files:
No Trojan Files Found
Removing Temp Files...
ADS Check:
C:\WINDOWS
No streams found.
C:\WINDOWS\system32
No streams found.
C:\WINDOWS\system32\svchost.exe
No streams found.
C:\WINDOWS\system32\ntoskrnl.exe
No streams found.
Final Check:
catchme 0.3.1262.1 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-07 21:28:05
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
scanning hidden registry entries ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
Remaining Services:
------------------
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
Remaining Files:
---------------
Files with Hidden Attributes:
Wed 20 Apr 2005 56 ..SHR --- "C:\WINDOWS\system32\BD8297FA5C.sys"
Thu 1 Sep 2005 2,828 A.SH. --- "C:\WINDOWS\system32\KGyGaAvL.sys"
Sun 9 Oct 2005 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Finished!
merci
g!rly
Messages postés
18209
Date d'inscription
vendredi 17 août 2007
Statut
Contributeur
Dernière intervention
30 novembre 2014
406
7 déc. 2007 à 21:44
7 déc. 2007 à 21:44
ok
fais la suite
@+
fais la suite
@+
Salut Girly,
Désolée mais j'ai bossée plus tard que prévu aujourd'hui, donc voilà le scan du disque dur local d'antivir
AntiVir PersonalEdition Classic
Report file date: vendredi 7 décembre 2007 23:43
Scanning for 963523 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: ethan
Computer name: TOSTAKY
Version information:
BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:29
AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:51
LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:47
LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:20
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 14:27:15
ANTIVIR1.VDF : 7.0.0.0 1640448 Bytes 13/09/2007 14:26:55
ANTIVIR2.VDF : 7.0.1.30 1575424 Bytes 30/11/2007 20:56:38
ANTIVIR3.VDF : 7.0.1.60 112128 Bytes 07/12/2007 20:56:38
AVEWIN32.DLL : 7.6.0.40 3064320 Bytes 07/12/2007 20:56:38
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:17
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24
AVPACK32.DLL : 7.3.0.15 360488 Bytes 03/08/2007 08:46:00
AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:06
AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:33
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:18
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 11:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 12:38:13
RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:37
SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:21
Configuration settings for the scan:
Jobname..........................: Local Hard Disks
Configuration file...............: c:\program files\avira\antivir personaledition classic\alldiscs.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: C:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: high
Start of the scan: vendredi 7 décembre 2007 23:43
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'guard.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
12 processes with 12 modules were scanned
Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Starting to scan the registry.
The registry was scanned ( '34' files ).
Starting the file scan:
Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Program Files\Hijackthis Version Française\backups\backup-20071207-205154-234-msupd14766.exe
[DETECTION] Is the Trojan horse TR/Crypt.Morphine.Gen
[INFO] The file was moved to '47bcf19e.qua'!
C:\Program Files\Hijackthis Version Française\backups\backup-20071207-205154-524-Update_0711_KB091803.exe
[DETECTION] Is the Trojan horse TR/Crypt.Morphine.Gen
[INFO] The file was moved to '46c98a3f.qua'!
C:\Program Files\Hijackthis Version Française\backups\backup-20071207-205154-745-Update_0711_KB091802.exe
[DETECTION] Is the Trojan horse TR/Crypt.Morphine.Gen
[INFO] The file was moved to '47bcf1e0.qua'!
C:\Program Files\Panda Security\NanoScan\Engine\psnflg.dll
[DETECTION] Is the Trojan horse TR/Agent.bux.1
[INFO] The file was moved to '47c7f2be.qua'!
C:\Program Files\Panda Security\TotalScan\SETA0.tmp
[DETECTION] Contains detection pattern of the Windows virus W95/Blumblebee.1738
[INFO] The file was moved to '47adf291.qua'!
C:\qoobox\Quarantine\C\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\msupd14766.exe.vir
[DETECTION] Is the Trojan horse TR/Crypt.Morphine.Gen
[INFO] The file was moved to '47cef368.qua'!
End of the scan: samedi 8 décembre 2007 02:31
Used time: 2:48:42 min
The scan has been done completely.
4752 Scanning directories
200278 Files were scanned
6 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
6 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
200272 Files not concerned
895 Archives were scanned
1 Warnings
0 Notes
Merci
Désolée mais j'ai bossée plus tard que prévu aujourd'hui, donc voilà le scan du disque dur local d'antivir
AntiVir PersonalEdition Classic
Report file date: vendredi 7 décembre 2007 23:43
Scanning for 963523 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: ethan
Computer name: TOSTAKY
Version information:
BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:29
AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:51
LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:47
LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:20
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 14:27:15
ANTIVIR1.VDF : 7.0.0.0 1640448 Bytes 13/09/2007 14:26:55
ANTIVIR2.VDF : 7.0.1.30 1575424 Bytes 30/11/2007 20:56:38
ANTIVIR3.VDF : 7.0.1.60 112128 Bytes 07/12/2007 20:56:38
AVEWIN32.DLL : 7.6.0.40 3064320 Bytes 07/12/2007 20:56:38
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:17
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24
AVPACK32.DLL : 7.3.0.15 360488 Bytes 03/08/2007 08:46:00
AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:06
AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:33
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:18
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 11:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 12:38:13
RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:37
SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:21
Configuration settings for the scan:
Jobname..........................: Local Hard Disks
Configuration file...............: c:\program files\avira\antivir personaledition classic\alldiscs.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: C:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: high
Start of the scan: vendredi 7 décembre 2007 23:43
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'guard.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
12 processes with 12 modules were scanned
Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Starting to scan the registry.
The registry was scanned ( '34' files ).
Starting the file scan:
Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Program Files\Hijackthis Version Française\backups\backup-20071207-205154-234-msupd14766.exe
[DETECTION] Is the Trojan horse TR/Crypt.Morphine.Gen
[INFO] The file was moved to '47bcf19e.qua'!
C:\Program Files\Hijackthis Version Française\backups\backup-20071207-205154-524-Update_0711_KB091803.exe
[DETECTION] Is the Trojan horse TR/Crypt.Morphine.Gen
[INFO] The file was moved to '46c98a3f.qua'!
C:\Program Files\Hijackthis Version Française\backups\backup-20071207-205154-745-Update_0711_KB091802.exe
[DETECTION] Is the Trojan horse TR/Crypt.Morphine.Gen
[INFO] The file was moved to '47bcf1e0.qua'!
C:\Program Files\Panda Security\NanoScan\Engine\psnflg.dll
[DETECTION] Is the Trojan horse TR/Agent.bux.1
[INFO] The file was moved to '47c7f2be.qua'!
C:\Program Files\Panda Security\TotalScan\SETA0.tmp
[DETECTION] Contains detection pattern of the Windows virus W95/Blumblebee.1738
[INFO] The file was moved to '47adf291.qua'!
C:\qoobox\Quarantine\C\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\msupd14766.exe.vir
[DETECTION] Is the Trojan horse TR/Crypt.Morphine.Gen
[INFO] The file was moved to '47cef368.qua'!
End of the scan: samedi 8 décembre 2007 02:31
Used time: 2:48:42 min
The scan has been done completely.
4752 Scanning directories
200278 Files were scanned
6 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
6 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
200272 Files not concerned
895 Archives were scanned
1 Warnings
0 Notes
Merci
g!rly
Messages postés
18209
Date d'inscription
vendredi 17 août 2007
Statut
Contributeur
Dernière intervention
30 novembre 2014
406
8 déc. 2007 à 19:17
8 déc. 2007 à 19:17
ok
aparemant ce n´est que des fichiers qui sont dans des quarantaines...
vide la quarantaine d´antivir .
fais ceci pour verifier :
A.V.G :
-> Télécharger AVG Anti-Spyware (ewido)
http://www.commentcamarche.net/telecharger/telecharger 218 avg anti spyware
-> L´installer.
-> lancer AVG Anti-Spyware et clicker sur le bouton Mise à jour. Patienter...
p.s : si les mises a jours ne se font pas, elles sont telechargable ici :
http://downloads.ewido.net/avgas-signatures-full-current.exe
-> Sur la page "analyse":
choisir d´abord l'onglet "paramètres".
sous « Comment réagir » clicker sur « Actions recommandées » et dans le menu déroulant, choisir « Supprimer ».
-> Lancer le scan, (c´est long...).
-> A la fin du scan copier Et coller le rapport ici.
-> Une aide en image au cas ou :
Tutoriel d´installation et de parametrages :
http://www.kachouri.com/tuto/tuto-161-avg-anti-spyware-75-pour-votre-securite.html
@+
aparemant ce n´est que des fichiers qui sont dans des quarantaines...
vide la quarantaine d´antivir .
fais ceci pour verifier :
A.V.G :
-> Télécharger AVG Anti-Spyware (ewido)
http://www.commentcamarche.net/telecharger/telecharger 218 avg anti spyware
-> L´installer.
-> lancer AVG Anti-Spyware et clicker sur le bouton Mise à jour. Patienter...
p.s : si les mises a jours ne se font pas, elles sont telechargable ici :
http://downloads.ewido.net/avgas-signatures-full-current.exe
-> Sur la page "analyse":
choisir d´abord l'onglet "paramètres".
sous « Comment réagir » clicker sur « Actions recommandées » et dans le menu déroulant, choisir « Supprimer ».
-> Lancer le scan, (c´est long...).
-> A la fin du scan copier Et coller le rapport ici.
-> Une aide en image au cas ou :
Tutoriel d´installation et de parametrages :
http://www.kachouri.com/tuto/tuto-161-avg-anti-spyware-75-pour-votre-securite.html
@+
Ok pour avg antispy j'étais en train de le faire voici le rapport:
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 20:19:14 08/12/2007
+ Résultat de l'analyse:
C:\Documents and Settings\ethan\Cookies\ethan@aolfr.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\ethan\Cookies\ethan@bluestreak[2].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\ethan\Cookies\ethan@ssl-hints.netflame[1].txt -> TrackingCookie.Netflame : Nettoyé.
C:\Documents and Settings\ethan\Cookies\ethan@revsci[1].txt -> TrackingCookie.Revsci : Nettoyé.
C:\Documents and Settings\ethan\Cookies\ethan@smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\ethan\Cookies\ethan@weborama[1].txt -> TrackingCookie.Weborama : Nettoyé.
Fin du rapport
Merci
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 20:19:14 08/12/2007
+ Résultat de l'analyse:
C:\Documents and Settings\ethan\Cookies\ethan@aolfr.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\ethan\Cookies\ethan@bluestreak[2].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\ethan\Cookies\ethan@ssl-hints.netflame[1].txt -> TrackingCookie.Netflame : Nettoyé.
C:\Documents and Settings\ethan\Cookies\ethan@revsci[1].txt -> TrackingCookie.Revsci : Nettoyé.
C:\Documents and Settings\ethan\Cookies\ethan@smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\ethan\Cookies\ethan@weborama[1].txt -> TrackingCookie.Weborama : Nettoyé.
Fin du rapport
Merci
g!rly
Messages postés
18209
Date d'inscription
vendredi 17 août 2007
Statut
Contributeur
Dernière intervention
30 novembre 2014
406
8 déc. 2007 à 20:22
8 déc. 2007 à 20:22
ok
repost un nouveau hijack this stp
repost un nouveau hijack this stp
Voila le rapport hijackthis:
Logfile of HijackThis v1.99.1
Scan saved at 20:37:39, on 08/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\utilitaire\nero\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\utilitaire\hp\Digital Imaging\Bin\hpqWRG.exe
C:\Program Files\utilitaire\nero\InCD\InCD.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
C:\Program Files\Fichiers communs\AOL\1166744164\ee\AOLSoftware.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\PROGRA~1\UTILIT~1\POP-UP~1\PSFree.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\utilitaire\hp\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\utilitaire\picture package\Picture Package Menu\SonyTray.exe
C:\Program Files\utilitaire\picture package\Picture Package Applications\Residence.exe
C:\Program Files\kerio\Personal Firewall\kpf4ss.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\kerio\Personal Firewall\kpf4gui.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\kerio\Personal Firewall\kpf4gui.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://actus.sfr.fr
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.avast.com/registration-free-antivirus?lang=ENG
R3 - URLSearchHook: (no name) - {BE89472C-B803-4D1D-9A9A-0A63660E0FE3} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O4 - HKLM\..\Run: [HPpromo psc 2175] "C:\Program Files\utilitaire\hp\Digital Imaging\Bin\hpqWRG.exe" /N "psc 2175" -r
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\utilitaire\nero\InCD\InCD.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "realsched.exe" -osboot
O4 - HKLM\..\Run: [Sin Espias] C:\Program Files\SinEspias\No-Spy.exe /autorun
O4 - HKLM\..\Run: [stnospy] C:\Program Files\SinEspias\no-spy.exe /autorun
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Fichiers communs\AOL\1166744164\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\UTILIT~1\POP-UP~1\PSFree.exe"
O4 - Global Startup: AOL Compagnon.lnk = C:\Program Files\AOL Compagnon\companion.exe
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Picture Package Menu.lnk = C:\Program Files\utilitaire\picture package\Picture Package Menu\SonyTray.exe
O4 - Global Startup: Picture Package VCD Maker.lnk = C:\Program Files\utilitaire\picture package\Picture Package Applications\Residence.exe
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class) - https://www.pandasecurity.com/en/homeusers/online-antivirus/?ref=activescan
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {8436FE12-31DB-48BF-83BF-FE682F9160B4} (NanoInstaller Class) - https://www.pandasecurity.com/en/homeusers/online-antivirus/?ref=activescan
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - https://www.pandasecurity.com/?ref=www.pandasoftware.com/activescan/as5/asinst.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\Program Files\Fichiers communs\AOL\AOL Spyware Protection\\aolserv.exe (file missing)
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\utilitaire\nero\InCD\InCDsrv.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:\Program Files\kerio\Personal Firewall\kpf4ss.exe
O23 - Service: SPYWAREfighterRP - Unknown owner - C:\Program Files\SPYWAREfighter\spfprc.exe (file missing)
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
Merci
Logfile of HijackThis v1.99.1
Scan saved at 20:37:39, on 08/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\utilitaire\nero\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\utilitaire\hp\Digital Imaging\Bin\hpqWRG.exe
C:\Program Files\utilitaire\nero\InCD\InCD.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
C:\Program Files\Fichiers communs\AOL\1166744164\ee\AOLSoftware.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\PROGRA~1\UTILIT~1\POP-UP~1\PSFree.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\utilitaire\hp\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\utilitaire\picture package\Picture Package Menu\SonyTray.exe
C:\Program Files\utilitaire\picture package\Picture Package Applications\Residence.exe
C:\Program Files\kerio\Personal Firewall\kpf4ss.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\kerio\Personal Firewall\kpf4gui.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\kerio\Personal Firewall\kpf4gui.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://actus.sfr.fr
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.avast.com/registration-free-antivirus?lang=ENG
R3 - URLSearchHook: (no name) - {BE89472C-B803-4D1D-9A9A-0A63660E0FE3} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O4 - HKLM\..\Run: [HPpromo psc 2175] "C:\Program Files\utilitaire\hp\Digital Imaging\Bin\hpqWRG.exe" /N "psc 2175" -r
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\utilitaire\nero\InCD\InCD.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "realsched.exe" -osboot
O4 - HKLM\..\Run: [Sin Espias] C:\Program Files\SinEspias\No-Spy.exe /autorun
O4 - HKLM\..\Run: [stnospy] C:\Program Files\SinEspias\no-spy.exe /autorun
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Fichiers communs\AOL\1166744164\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\UTILIT~1\POP-UP~1\PSFree.exe"
O4 - Global Startup: AOL Compagnon.lnk = C:\Program Files\AOL Compagnon\companion.exe
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Picture Package Menu.lnk = C:\Program Files\utilitaire\picture package\Picture Package Menu\SonyTray.exe
O4 - Global Startup: Picture Package VCD Maker.lnk = C:\Program Files\utilitaire\picture package\Picture Package Applications\Residence.exe
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class) - https://www.pandasecurity.com/en/homeusers/online-antivirus/?ref=activescan
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {8436FE12-31DB-48BF-83BF-FE682F9160B4} (NanoInstaller Class) - https://www.pandasecurity.com/en/homeusers/online-antivirus/?ref=activescan
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - https://www.pandasecurity.com/?ref=www.pandasoftware.com/activescan/as5/asinst.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\Program Files\Fichiers communs\AOL\AOL Spyware Protection\\aolserv.exe (file missing)
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\utilitaire\nero\InCD\InCDsrv.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:\Program Files\kerio\Personal Firewall\kpf4ss.exe
O23 - Service: SPYWAREfighterRP - Unknown owner - C:\Program Files\SPYWAREfighter\spfprc.exe (file missing)
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
Merci
chacha106
Messages postés
31
Date d'inscription
mardi 4 décembre 2007
Statut
Membre
Dernière intervention
15 avril 2010
9 déc. 2007 à 16:17
9 déc. 2007 à 16:17
Salut Girly, alors je te mets à nouveau un raport antivir, et un rapport hijackthis
AntiVir PersonalEdition Classic
Report file date: vendredi 7 décembre 2007 23:43
Scanning for 963523 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: ethan
Computer name: TOSTAKY
Version information:
BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:29
AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:51
LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:47
LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:20
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 14:27:15
ANTIVIR1.VDF : 7.0.0.0 1640448 Bytes 13/09/2007 14:26:55
ANTIVIR2.VDF : 7.0.1.30 1575424 Bytes 30/11/2007 20:56:38
ANTIVIR3.VDF : 7.0.1.60 112128 Bytes 07/12/2007 20:56:38
AVEWIN32.DLL : 7.6.0.40 3064320 Bytes 07/12/2007 20:56:38
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:17
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24
AVPACK32.DLL : 7.3.0.15 360488 Bytes 03/08/2007 08:46:00
AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:06
AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:33
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:18
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 11:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 12:38:13
RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:37
SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:21
Configuration settings for the scan:
Jobname..........................: Local Hard Disks
Configuration file...............: c:\program files\avira\antivir personaledition classic\alldiscs.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: C:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: high
Start of the scan: vendredi 7 décembre 2007 23:43
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'guard.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
12 processes with 12 modules were scanned
Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Starting to scan the registry.
The registry was scanned ( '34' files ).
Starting the file scan:
Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Program Files\Hijackthis Version Française\backups\backup-20071207-205154-234-msupd14766.exe
[DETECTION] Is the Trojan horse TR/Crypt.Morphine.Gen
[INFO] The file was moved to '47bcf19e.qua'!
C:\Program Files\Hijackthis Version Française\backups\backup-20071207-205154-524-Update_0711_KB091803.exe
[DETECTION] Is the Trojan horse TR/Crypt.Morphine.Gen
[INFO] The file was moved to '46c98a3f.qua'!
C:\Program Files\Hijackthis Version Française\backups\backup-20071207-205154-745-Update_0711_KB091802.exe
[DETECTION] Is the Trojan horse TR/Crypt.Morphine.Gen
[INFO] The file was moved to '47bcf1e0.qua'!
C:\Program Files\Panda Security\NanoScan\Engine\psnflg.dll
[DETECTION] Is the Trojan horse TR/Agent.bux.1
[INFO] The file was moved to '47c7f2be.qua'!
C:\Program Files\Panda Security\TotalScan\SETA0.tmp
[DETECTION] Contains detection pattern of the Windows virus W95/Blumblebee.1738
[INFO] The file was moved to '47adf291.qua'!
C:\qoobox\Quarantine\C\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\msupd14766.exe.vir
[DETECTION] Is the Trojan horse TR/Crypt.Morphine.Gen
[INFO] The file was moved to '47cef368.qua'!
End of the scan: samedi 8 décembre 2007 02:31
Used time: 2:48:42 min
The scan has been done completely.
4752 Scanning directories
200278 Files were scanned
6 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
6 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
200272 Files not concerned
895 Archives were scanned
1 Warnings
0 Notes
Logfile of HijackThis v1.99.1
Scan saved at 16:16:36, on 09/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\utilitaire\nero\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\kerio\Personal Firewall\kpf4ss.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\kerio\Personal Firewall\kpf4gui.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\kerio\Personal Firewall\kpf4gui.exe
C:\Program Files\utilitaire\hp\Digital Imaging\Bin\hpqWRG.exe
C:\Program Files\utilitaire\nero\InCD\InCD.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
C:\Program Files\Fichiers communs\AOL\1166744164\ee\AOLSoftware.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\PROGRA~1\UTILIT~1\POP-UP~1\PSFree.exe
C:\Program Files\utilitaire\hp\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\utilitaire\picture package\Picture Package Menu\SonyTray.exe
C:\Program Files\utilitaire\picture package\Picture Package Applications\Residence.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://actus.sfr.fr
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.avast.com/registration-free-antivirus?lang=ENG
R3 - URLSearchHook: (no name) - {BE89472C-B803-4D1D-9A9A-0A63660E0FE3} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O4 - HKLM\..\Run: [HPpromo psc 2175] "C:\Program Files\utilitaire\hp\Digital Imaging\Bin\hpqWRG.exe" /N "psc 2175" -r
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\utilitaire\nero\InCD\InCD.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "realsched.exe" -osboot
O4 - HKLM\..\Run: [Sin Espias] C:\Program Files\SinEspias\No-Spy.exe /autorun
O4 - HKLM\..\Run: [stnospy] C:\Program Files\SinEspias\no-spy.exe /autorun
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Fichiers communs\AOL\1166744164\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\UTILIT~1\POP-UP~1\PSFree.exe"
O4 - Global Startup: AOL Compagnon.lnk = C:\Program Files\AOL Compagnon\companion.exe
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Picture Package Menu.lnk = C:\Program Files\utilitaire\picture package\Picture Package Menu\SonyTray.exe
O4 - Global Startup: Picture Package VCD Maker.lnk = C:\Program Files\utilitaire\picture package\Picture Package Applications\Residence.exe
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class) - https://www.pandasecurity.com/en/homeusers/online-antivirus/?ref=activescan
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {8436FE12-31DB-48BF-83BF-FE682F9160B4} (NanoInstaller Class) - https://www.pandasecurity.com/en/homeusers/online-antivirus/?ref=activescan
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - https://www.pandasecurity.com/?ref=www.pandasoftware.com/activescan/as5/asinst.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\Program Files\Fichiers communs\AOL\AOL Spyware Protection\\aolserv.exe (file missing)
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\utilitaire\nero\InCD\InCDsrv.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:\Program Files\kerio\Personal Firewall\kpf4ss.exe
O23 - Service: SPYWAREfighterRP - Unknown owner - C:\Program Files\SPYWAREfighter\spfprc.exe (file missing)
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
Merci
AntiVir PersonalEdition Classic
Report file date: vendredi 7 décembre 2007 23:43
Scanning for 963523 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: ethan
Computer name: TOSTAKY
Version information:
BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:29
AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:51
LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:47
LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:20
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 14:27:15
ANTIVIR1.VDF : 7.0.0.0 1640448 Bytes 13/09/2007 14:26:55
ANTIVIR2.VDF : 7.0.1.30 1575424 Bytes 30/11/2007 20:56:38
ANTIVIR3.VDF : 7.0.1.60 112128 Bytes 07/12/2007 20:56:38
AVEWIN32.DLL : 7.6.0.40 3064320 Bytes 07/12/2007 20:56:38
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:17
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24
AVPACK32.DLL : 7.3.0.15 360488 Bytes 03/08/2007 08:46:00
AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:06
AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:33
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:18
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 11:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 12:38:13
RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:37
SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:21
Configuration settings for the scan:
Jobname..........................: Local Hard Disks
Configuration file...............: c:\program files\avira\antivir personaledition classic\alldiscs.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: C:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: high
Start of the scan: vendredi 7 décembre 2007 23:43
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'guard.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
12 processes with 12 modules were scanned
Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Starting to scan the registry.
The registry was scanned ( '34' files ).
Starting the file scan:
Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Program Files\Hijackthis Version Française\backups\backup-20071207-205154-234-msupd14766.exe
[DETECTION] Is the Trojan horse TR/Crypt.Morphine.Gen
[INFO] The file was moved to '47bcf19e.qua'!
C:\Program Files\Hijackthis Version Française\backups\backup-20071207-205154-524-Update_0711_KB091803.exe
[DETECTION] Is the Trojan horse TR/Crypt.Morphine.Gen
[INFO] The file was moved to '46c98a3f.qua'!
C:\Program Files\Hijackthis Version Française\backups\backup-20071207-205154-745-Update_0711_KB091802.exe
[DETECTION] Is the Trojan horse TR/Crypt.Morphine.Gen
[INFO] The file was moved to '47bcf1e0.qua'!
C:\Program Files\Panda Security\NanoScan\Engine\psnflg.dll
[DETECTION] Is the Trojan horse TR/Agent.bux.1
[INFO] The file was moved to '47c7f2be.qua'!
C:\Program Files\Panda Security\TotalScan\SETA0.tmp
[DETECTION] Contains detection pattern of the Windows virus W95/Blumblebee.1738
[INFO] The file was moved to '47adf291.qua'!
C:\qoobox\Quarantine\C\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\msupd14766.exe.vir
[DETECTION] Is the Trojan horse TR/Crypt.Morphine.Gen
[INFO] The file was moved to '47cef368.qua'!
End of the scan: samedi 8 décembre 2007 02:31
Used time: 2:48:42 min
The scan has been done completely.
4752 Scanning directories
200278 Files were scanned
6 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
6 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
200272 Files not concerned
895 Archives were scanned
1 Warnings
0 Notes
Logfile of HijackThis v1.99.1
Scan saved at 16:16:36, on 09/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\utilitaire\nero\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\kerio\Personal Firewall\kpf4ss.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\kerio\Personal Firewall\kpf4gui.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\kerio\Personal Firewall\kpf4gui.exe
C:\Program Files\utilitaire\hp\Digital Imaging\Bin\hpqWRG.exe
C:\Program Files\utilitaire\nero\InCD\InCD.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
C:\Program Files\Fichiers communs\AOL\1166744164\ee\AOLSoftware.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\PROGRA~1\UTILIT~1\POP-UP~1\PSFree.exe
C:\Program Files\utilitaire\hp\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\utilitaire\picture package\Picture Package Menu\SonyTray.exe
C:\Program Files\utilitaire\picture package\Picture Package Applications\Residence.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://actus.sfr.fr
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.avast.com/registration-free-antivirus?lang=ENG
R3 - URLSearchHook: (no name) - {BE89472C-B803-4D1D-9A9A-0A63660E0FE3} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O4 - HKLM\..\Run: [HPpromo psc 2175] "C:\Program Files\utilitaire\hp\Digital Imaging\Bin\hpqWRG.exe" /N "psc 2175" -r
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\utilitaire\nero\InCD\InCD.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "realsched.exe" -osboot
O4 - HKLM\..\Run: [Sin Espias] C:\Program Files\SinEspias\No-Spy.exe /autorun
O4 - HKLM\..\Run: [stnospy] C:\Program Files\SinEspias\no-spy.exe /autorun
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Fichiers communs\AOL\1166744164\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\UTILIT~1\POP-UP~1\PSFree.exe"
O4 - Global Startup: AOL Compagnon.lnk = C:\Program Files\AOL Compagnon\companion.exe
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Picture Package Menu.lnk = C:\Program Files\utilitaire\picture package\Picture Package Menu\SonyTray.exe
O4 - Global Startup: Picture Package VCD Maker.lnk = C:\Program Files\utilitaire\picture package\Picture Package Applications\Residence.exe
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class) - https://www.pandasecurity.com/en/homeusers/online-antivirus/?ref=activescan
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {8436FE12-31DB-48BF-83BF-FE682F9160B4} (NanoInstaller Class) - https://www.pandasecurity.com/en/homeusers/online-antivirus/?ref=activescan
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - https://www.pandasecurity.com/?ref=www.pandasoftware.com/activescan/as5/asinst.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\Program Files\Fichiers communs\AOL\AOL Spyware Protection\\aolserv.exe (file missing)
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\utilitaire\nero\InCD\InCDsrv.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:\Program Files\kerio\Personal Firewall\kpf4ss.exe
O23 - Service: SPYWAREfighterRP - Unknown owner - C:\Program Files\SPYWAREfighter\spfprc.exe (file missing)
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
Merci
g!rly
Messages postés
18209
Date d'inscription
vendredi 17 août 2007
Statut
Contributeur
Dernière intervention
30 novembre 2014
406
9 déc. 2007 à 20:44
9 déc. 2007 à 20:44
salut chacha106,
vide la quarantaine d´antivir et supprime tout ce qu´il y a dans le fichier back up de hijack this
et fais analyser ceci :
realsched.exe
fais une recherche avec l´explorateur wimdows pour le trouver
et upload le ici
http://virusscan.jotti.org/de/
et post le resultat ici
@+
vide la quarantaine d´antivir et supprime tout ce qu´il y a dans le fichier back up de hijack this
et fais analyser ceci :
realsched.exe
fais une recherche avec l´explorateur wimdows pour le trouver
et upload le ici
http://virusscan.jotti.org/de/
et post le resultat ici
@+
chacha106
Messages postés
31
Date d'inscription
mardi 4 décembre 2007
Statut
Membre
Dernière intervention
15 avril 2010
10 déc. 2007 à 17:07
10 déc. 2007 à 17:07
Salut Girly,
J'ai supprimé les fichiers dont tu parlais, et ai scanner le fichier realsched.exe, voila le rapport du scan online:
Service load:
0% 100%
File: realsched.exe
Status:
OK
MD5: 77ed13fd3196ebc7311ccd6899c7488c
Packers detected:
-
Bit9 reports: File not found
Scanner results
Scan taken on 10 Dec 2007 15:44:35 (GMT)
A-Squared
Found nothing
AntiVir
Found nothing
ArcaVir
Found nothing
Avast
Found nothing
AVG Antivirus
Found nothing
BitDefender
Found nothing
ClamAV
Found nothing
CPsecure
Found nothing
Dr.Web
Found nothing
F-Prot Antivirus
Found nothing
F-Secure Anti-Virus
Found nothing
Fortinet
Found nothing
Ikarus
Found nothing
Kaspersky Anti-Virus
Found nothing
NOD32
Found nothing
Norman Virus Control
Found nothing
Panda Antivirus
Found nothing
Rising Antivirus
Found nothing
Sophos Antivirus
Found nothing
VirusBuster
Found nothing
VBA32
Found nothing
Je te remetsun rapport hijakthis:
Logfile of HijackThis v1.99.1
Scan saved at 17:04:36, on 10/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\utilitaire\nero\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\kerio\Personal Firewall\kpf4ss.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\kerio\Personal Firewall\kpf4gui.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\kerio\Personal Firewall\kpf4gui.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\utilitaire\nero\InCD\InCD.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
C:\Program Files\Fichiers communs\AOL\1166744164\ee\AOLSoftware.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpqWRG.exe
C:\PROGRA~1\UTILIT~1\POP-UP~1\PSFree.exe
C:\Program Files\Shareaza\Shareaza.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\utilitaire\picture package\Picture Package Menu\SonyTray.exe
C:\Program Files\utilitaire\picture package\Picture Package Applications\Residence.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avcenter.exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://actus.sfr.fr
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.avast.com/registration-free-antivirus?lang=ENG
R3 - URLSearchHook: (no name) - {BE89472C-B803-4D1D-9A9A-0A63660E0FE3} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\utilitaire\nero\InCD\InCD.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "realsched.exe" -osboot
O4 - HKLM\..\Run: [Sin Espias] C:\Program Files\SinEspias\No-Spy.exe /autorun
O4 - HKLM\..\Run: [stnospy] C:\Program Files\SinEspias\no-spy.exe /autorun
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Fichiers communs\AOL\1166744164\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [HPpromo psc 2175] "C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpqWRG.exe" /N "psc 2175" -r
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\UTILIT~1\POP-UP~1\PSFree.exe"
O4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray
O4 - Global Startup: AOL Compagnon.lnk = C:\Program Files\AOL Compagnon\companion.exe
O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Picture Package Menu.lnk = C:\Program Files\utilitaire\picture package\Picture Package Menu\SonyTray.exe
O4 - Global Startup: Picture Package VCD Maker.lnk = C:\Program Files\utilitaire\picture package\Picture Package Applications\Residence.exe
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class) - https://www.pandasecurity.com/en/homeusers/online-antivirus/?ref=activescan
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {8436FE12-31DB-48BF-83BF-FE682F9160B4} (NanoInstaller Class) - https://www.pandasecurity.com/en/homeusers/online-antivirus/?ref=activescan
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - https://www.pandasecurity.com/?ref=www.pandasoftware.com/activescan/as5/asinst.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\Program Files\Fichiers communs\AOL\AOL Spyware Protection\\aolserv.exe (file missing)
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\utilitaire\nero\InCD\InCDsrv.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:\Program Files\kerio\Personal Firewall\kpf4ss.exe
O23 - Service: SPYWAREfighterRP - Unknown owner - C:\Program Files\SPYWAREfighter\spfprc.exe (file missing)
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
Merci
J'ai supprimé les fichiers dont tu parlais, et ai scanner le fichier realsched.exe, voila le rapport du scan online:
Service load:
0% 100%
File: realsched.exe
Status:
OK
MD5: 77ed13fd3196ebc7311ccd6899c7488c
Packers detected:
-
Bit9 reports: File not found
Scanner results
Scan taken on 10 Dec 2007 15:44:35 (GMT)
A-Squared
Found nothing
AntiVir
Found nothing
ArcaVir
Found nothing
Avast
Found nothing
AVG Antivirus
Found nothing
BitDefender
Found nothing
ClamAV
Found nothing
CPsecure
Found nothing
Dr.Web
Found nothing
F-Prot Antivirus
Found nothing
F-Secure Anti-Virus
Found nothing
Fortinet
Found nothing
Ikarus
Found nothing
Kaspersky Anti-Virus
Found nothing
NOD32
Found nothing
Norman Virus Control
Found nothing
Panda Antivirus
Found nothing
Rising Antivirus
Found nothing
Sophos Antivirus
Found nothing
VirusBuster
Found nothing
VBA32
Found nothing
Je te remetsun rapport hijakthis:
Logfile of HijackThis v1.99.1
Scan saved at 17:04:36, on 10/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\utilitaire\nero\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\kerio\Personal Firewall\kpf4ss.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\kerio\Personal Firewall\kpf4gui.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\kerio\Personal Firewall\kpf4gui.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\utilitaire\nero\InCD\InCD.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
C:\Program Files\Fichiers communs\AOL\1166744164\ee\AOLSoftware.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpqWRG.exe
C:\PROGRA~1\UTILIT~1\POP-UP~1\PSFree.exe
C:\Program Files\Shareaza\Shareaza.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\utilitaire\picture package\Picture Package Menu\SonyTray.exe
C:\Program Files\utilitaire\picture package\Picture Package Applications\Residence.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avcenter.exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://actus.sfr.fr
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.avast.com/registration-free-antivirus?lang=ENG
R3 - URLSearchHook: (no name) - {BE89472C-B803-4D1D-9A9A-0A63660E0FE3} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\utilitaire\nero\InCD\InCD.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "realsched.exe" -osboot
O4 - HKLM\..\Run: [Sin Espias] C:\Program Files\SinEspias\No-Spy.exe /autorun
O4 - HKLM\..\Run: [stnospy] C:\Program Files\SinEspias\no-spy.exe /autorun
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Fichiers communs\AOL\1166744164\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [HPpromo psc 2175] "C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpqWRG.exe" /N "psc 2175" -r
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\UTILIT~1\POP-UP~1\PSFree.exe"
O4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray
O4 - Global Startup: AOL Compagnon.lnk = C:\Program Files\AOL Compagnon\companion.exe
O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Picture Package Menu.lnk = C:\Program Files\utilitaire\picture package\Picture Package Menu\SonyTray.exe
O4 - Global Startup: Picture Package VCD Maker.lnk = C:\Program Files\utilitaire\picture package\Picture Package Applications\Residence.exe
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class) - https://www.pandasecurity.com/en/homeusers/online-antivirus/?ref=activescan
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {8436FE12-31DB-48BF-83BF-FE682F9160B4} (NanoInstaller Class) - https://www.pandasecurity.com/en/homeusers/online-antivirus/?ref=activescan
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - https://www.pandasecurity.com/?ref=www.pandasoftware.com/activescan/as5/asinst.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\Program Files\Fichiers communs\AOL\AOL Spyware Protection\\aolserv.exe (file missing)
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\utilitaire\nero\InCD\InCDsrv.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:\Program Files\kerio\Personal Firewall\kpf4ss.exe
O23 - Service: SPYWAREfighterRP - Unknown owner - C:\Program Files\SPYWAREfighter\spfprc.exe (file missing)
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
Merci
g!rly
Messages postés
18209
Date d'inscription
vendredi 17 août 2007
Statut
Contributeur
Dernière intervention
30 novembre 2014
406
10 déc. 2007 à 17:32
10 déc. 2007 à 17:32
salut chacha
a l´aide de hijack this coche et fix ceci :
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.avast.com/registration-free-antivirus?lang=ENG
R3 - URLSearchHook: (no name) - {BE89472C-B803-4D1D-9A9A-0A63660E0FE3} - (no file)
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class) - https://www.pandasecurity.com/en/homeusers/online-antivirus/?ref=activescan
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {8436FE12-31DB-48BF-83BF-FE682F9160B4} (NanoInstaller Class) - https://www.pandasecurity.com/en/homeusers/online-antivirus/?ref=activescan
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - https://www.pandasecurity.com/?ref=www.pandasoftware.com/activescan/as5/asinst.cab
comment fixer :
Tutoriel d´utilisation (video) :
-> http://pageperso.aol.fr/balltrap34/demohijack.htm
met ta version de windows a jour
tu surf avec internet explorer 6.0 = failles de securitées importantes
alors fais les mises a jour windows : tu veux la version 7.0
et pourquoi ne pas surfer avec firefox? = plus sur, tout en gardant ie 7.0 pour les mises a jour windows car impossible a effectuer sous firefox
ta version de acrobat reader n´est pas a jour non plus, tu as la version 7.0 tu veux la version 8.1
desinstal ta version et instale la nouvelle a la place :
https://get2.adobe.com/reader/otherversions/
ou si tu prefere quelque chose de plus leger : foxit
https://www.clubic.com/telecharger-fiche13808-foxit-reader.html
comment va ton pc?
@+
a l´aide de hijack this coche et fix ceci :
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.avast.com/registration-free-antivirus?lang=ENG
R3 - URLSearchHook: (no name) - {BE89472C-B803-4D1D-9A9A-0A63660E0FE3} - (no file)
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class) - https://www.pandasecurity.com/en/homeusers/online-antivirus/?ref=activescan
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {8436FE12-31DB-48BF-83BF-FE682F9160B4} (NanoInstaller Class) - https://www.pandasecurity.com/en/homeusers/online-antivirus/?ref=activescan
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - https://www.pandasecurity.com/?ref=www.pandasoftware.com/activescan/as5/asinst.cab
comment fixer :
Tutoriel d´utilisation (video) :
-> http://pageperso.aol.fr/balltrap34/demohijack.htm
met ta version de windows a jour
tu surf avec internet explorer 6.0 = failles de securitées importantes
alors fais les mises a jour windows : tu veux la version 7.0
et pourquoi ne pas surfer avec firefox? = plus sur, tout en gardant ie 7.0 pour les mises a jour windows car impossible a effectuer sous firefox
ta version de acrobat reader n´est pas a jour non plus, tu as la version 7.0 tu veux la version 8.1
desinstal ta version et instale la nouvelle a la place :
https://get2.adobe.com/reader/otherversions/
ou si tu prefere quelque chose de plus leger : foxit
https://www.clubic.com/telecharger-fiche13808-foxit-reader.html
comment va ton pc?
@+
chacha106
Messages postés
31
Date d'inscription
mardi 4 décembre 2007
Statut
Membre
Dernière intervention
15 avril 2010
10 déc. 2007 à 17:58
10 déc. 2007 à 17:58
Ok,
j'ai fixé les lignes concernées, je tourne maintenant avec firefox, la mise à jour adobe je vais l'installer et j'ai remis les mise à jour windows en route (elles se telechargeront à 18h) à priori mon pc va bien, j'ai refais des scans avecantivir, avg antispy et adaware et ils ne me trouvent plus rien.
Quand je vais dans local setting, je n'ai plus de fichier temp.tmd1,2,3......le trojan était détecté par avast dans ces fichiers.
Merci beaucoup Girly, est ce que je dois faire autre chose avant de marquer la discussion en résolu?
j'ai fixé les lignes concernées, je tourne maintenant avec firefox, la mise à jour adobe je vais l'installer et j'ai remis les mise à jour windows en route (elles se telechargeront à 18h) à priori mon pc va bien, j'ai refais des scans avecantivir, avg antispy et adaware et ils ne me trouvent plus rien.
Quand je vais dans local setting, je n'ai plus de fichier temp.tmd1,2,3......le trojan était détecté par avast dans ces fichiers.
Merci beaucoup Girly, est ce que je dois faire autre chose avant de marquer la discussion en résolu?
g!rly
Messages postés
18209
Date d'inscription
vendredi 17 août 2007
Statut
Contributeur
Dernière intervention
30 novembre 2014
406
10 déc. 2007 à 18:05
10 déc. 2007 à 18:05
re,
as tu le rapport du dernier scan que tu as fais avec antivir?
si tu l´as post le ici stp
@+
as tu le rapport du dernier scan que tu as fais avec antivir?
si tu l´as post le ici stp
@+
chacha106
Messages postés
31
Date d'inscription
mardi 4 décembre 2007
Statut
Membre
Dernière intervention
15 avril 2010
10 déc. 2007 à 18:27
10 déc. 2007 à 18:27
Re,
Voici le rapport d'antivir d'hier soir:
AntiVir PersonalEdition Classic
Report file date: dimanche 9 décembre 2007 16:46
Scanning for 963523 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: ethan
Computer name: TOSTAKY
Version information:
BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:29
AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:51
LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:47
LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:20
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 14:27:15
ANTIVIR1.VDF : 7.0.0.0 1640448 Bytes 13/09/2007 14:26:55
ANTIVIR2.VDF : 7.0.1.30 1575424 Bytes 30/11/2007 20:56:38
ANTIVIR3.VDF : 7.0.1.60 112128 Bytes 07/12/2007 20:56:38
AVEWIN32.DLL : 7.6.0.40 3064320 Bytes 07/12/2007 20:56:38
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:17
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24
AVPACK32.DLL : 7.3.0.15 360488 Bytes 03/08/2007 08:46:00
AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:06
AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:33
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:18
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 11:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 12:38:13
RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:37
SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:21
Configuration settings for the scan:
Jobname..........................: ShlExt
Configuration file...............: C:\DOCUME~1\ethan\LOCALS~1\Temp\8674672b.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: C:,
Scan memory......................: on
Process scan.....................: off
Scan registry....................: off
Search for rootkits..............: off
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: high
Start of the scan: dimanche 9 décembre 2007 16:46
Starting the file scan:
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\Le.Village.FRENCH.DVDRip.GGT.share by pArsinG.avi.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\Meet.The.Robinsons.FRENCH.DVDSCR.XViD-LAST.By.Agecanonix.avi.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\My.Super.Ex.Girlfriend.FRENCH.DVDRiP.XviD-SUPEREX-AceBot.avi.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\Night.At.The.Museum.FRENCH.DVDRiP.XviD-GeT-AceBot.avi.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\Premonition.FRENCH.DVDRiP.XviD-iD-PoWeR.avi.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\Pretty girl in hardcore action - www.EroTrix.org - extreme horny anal pics orgy xxx sex porn erotic erotrix anal young .mpg.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\rocco sifredi - savannah - threesome anal sex two stunning girls get fucked up the ass fo.avi.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\Sodomisée a 3 Orgasmes (Porno Sexe Teens Bite Vagin Fellation Sperme Anus Sodomie Suce Anal Sex Chatte .mpeg.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\Tempelriddernes.Skat.FRENCH.DVDRiP.XViD-PiRAZ-UnitY.avi.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\Terreur.Sur.La.Ligne.French.Dvdrip.Xvid.Par.www.eMulenfer.org.avi.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\The.Ant.Bully.FRENCH.DVDRiP.XviD-ANTBULLY.avi.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\The.Cave.FRENCH.DVDRiP.XViD-GeT.avi.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\The.Covenant.FRENCH.DVDRiP.XviD-COVENANT-AceBot.avi.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\The.Descent.FRENCH.DVDRip.XviD-LOST-DiViDe.avi.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\The.Exorcism.Of.Emily.Rose.FRENCH.DVDRip.REPACK.1CD.XviD.avi.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\The.Last.Mimzy.FRENCH.DVDRip.XviD-TICKETS-PoWeR.avi.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\The.Messengers.FRENCH.DVDRiP.XviD-iD-AceBot.avi.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\The.Zodiac.2005.FRENCH.DVDRiP.XViD-STS-SaTaN.avi.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\THIS HOT COLLEGE CHICK IS A SUPER WILD FUCK#2 gangbangs group orgy double penetration sexy girls first xxx hardcore porn .mpg.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\Turbo-Power-Rangers-Dvdrip-Francais-1h35.test.by.emule-mania.com.avi.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\Un.long.dimanche.de.fiancailles.REPACK.FRENCH.DVDRIP.ORB.avi.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\X-Men.The.Last.Stand.FRENCH.DVDRip.XviD-LOST.avi.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\(03) [Bob Sinclar] What I want by Fireball (1).mp3.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\[FILMS] - Le Magicien d'OZ - [DivX Fr].avi.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\[Hentai Fr] - Bible Black (Sexe & magie noir Vol 1).avi.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\30.Ans.Sinon.Rien.By.EVASiON.avi.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\50 Cent ft. Justin Timberlake - She Wants It (Ayo Technology) .mp3.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\A.la.recherche.du.bonheur.FRENCH.DVDRiP.REPACK.1CD.XViD-STS-ANGE.avi.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\Amy Winehouse - Me And Mr Jones.mp3.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\Amy Winehouse - Rehab.mp3.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\Amy Winehouse - You Know I'm No Good.mp3.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\Baby sittor.FRENCH.DVDRip.XViD.verifier.par.divxorama.net.avi.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\Backroom Facials - Linette (indian girl) - gangbangs group orgy double penetration sexy girls first xxx hardcore porn p.mpg.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\Backroom Facials - Young Busty Redhead - gangbangs group orgy double penetration sexy girls first xxx hardcore porn party.mpg.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\Barbecue.Party.2004.STV.FRENCH.INTERNAL.DVDRiP.XviD-CFL-SATAN.avi.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\Beetlejuice.-.DVDRIP.-.FR.-.DivXPro.5.02.-Sque.eze-.[Spartateur].avi.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\Bob Sinclar David Guetta Shanna Tom Snare Fireball Tous Les Tubes De L'été 2007 En Mix'club Par Dj Tony.mp3.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\Brutal Double Penetration Blonde Nikki Cox - Euro Angels Hardball 6 - Anal Gangbang Facial Cumshot Oral Blowj.mpg.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\Charlie.et.La.Chocolaterie.DVDRip.Fr.Ripped.By.Nasty.INSERT INTO cdv_wfdownloads_downloads VALUES (2006).VERSION.FR.NON.C.avi.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\Click.FRENCH.DVDRip.XViD-SEQ.avi.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\Contre Enquete French Dvdrip Xvid-Unity.avi.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\David Guetta - Love is Gone.mp3.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\Drunk Sister In Bed Nude Porno Sexy Bitch Ass Cunt Anal Asian Rape Spank Redhead Upskirt Nipple Celeb Hentai.avi.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\Eragon.PROPER.FRENCH.DVDRiP.REPACK.1CD.XViD-SnowTigerS-CyNiBO.avi.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\Fashion.Victime.FRENCH.DVDRip.XViD-SEQUENCE.avi.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\film x de rocco sifredi.avi.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\Gauge Extreme!!! Gangbang Girl 32-Double anal!, anal creampie with another girl licking the cum out of her asshole-nasty .mpg.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\Half.Light.FRENCH.DVDRiP.XViD-NTK-SaTaN.avi.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\Houston rough - what a rape! [violent hard sex anal facial swallow pain facial cumshot] .mpg.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\Ice.Princess.FRENCH.DVDSCR.XVID-GGT.avi.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\Jenifer - Tourner ma page (1).mp3.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\Justin Timberlake - What Goes Around...Comes Around.mp3.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\Koxie - Garçons (Gare aux cons).mp3.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\La.Belle.au.bois.dormant[disney].DivX.5.Fr.www.divxofile.com.avi.xml'
End of the scan: dimanche 9 décembre 2007 16:46
Used time: 00:03 min
The scan has been done completely.
0 Scanning directories
54 Files were scanned
0 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
0 Files cannot be scanned
54 Files not concerned
0 Archives were scanned
0 Warnings
0 Notes
Merci
Voici le rapport d'antivir d'hier soir:
AntiVir PersonalEdition Classic
Report file date: dimanche 9 décembre 2007 16:46
Scanning for 963523 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: ethan
Computer name: TOSTAKY
Version information:
BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:29
AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:51
LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:47
LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:20
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 14:27:15
ANTIVIR1.VDF : 7.0.0.0 1640448 Bytes 13/09/2007 14:26:55
ANTIVIR2.VDF : 7.0.1.30 1575424 Bytes 30/11/2007 20:56:38
ANTIVIR3.VDF : 7.0.1.60 112128 Bytes 07/12/2007 20:56:38
AVEWIN32.DLL : 7.6.0.40 3064320 Bytes 07/12/2007 20:56:38
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:17
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24
AVPACK32.DLL : 7.3.0.15 360488 Bytes 03/08/2007 08:46:00
AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:06
AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:33
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:18
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 11:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 12:38:13
RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:37
SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:21
Configuration settings for the scan:
Jobname..........................: ShlExt
Configuration file...............: C:\DOCUME~1\ethan\LOCALS~1\Temp\8674672b.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: C:,
Scan memory......................: on
Process scan.....................: off
Scan registry....................: off
Search for rootkits..............: off
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: high
Start of the scan: dimanche 9 décembre 2007 16:46
Starting the file scan:
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\Le.Village.FRENCH.DVDRip.GGT.share by pArsinG.avi.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\Meet.The.Robinsons.FRENCH.DVDSCR.XViD-LAST.By.Agecanonix.avi.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\My.Super.Ex.Girlfriend.FRENCH.DVDRiP.XviD-SUPEREX-AceBot.avi.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\Night.At.The.Museum.FRENCH.DVDRiP.XviD-GeT-AceBot.avi.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\Premonition.FRENCH.DVDRiP.XviD-iD-PoWeR.avi.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\Pretty girl in hardcore action - www.EroTrix.org - extreme horny anal pics orgy xxx sex porn erotic erotrix anal young .mpg.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\rocco sifredi - savannah - threesome anal sex two stunning girls get fucked up the ass fo.avi.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\Sodomisée a 3 Orgasmes (Porno Sexe Teens Bite Vagin Fellation Sperme Anus Sodomie Suce Anal Sex Chatte .mpeg.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\Tempelriddernes.Skat.FRENCH.DVDRiP.XViD-PiRAZ-UnitY.avi.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\Terreur.Sur.La.Ligne.French.Dvdrip.Xvid.Par.www.eMulenfer.org.avi.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\The.Ant.Bully.FRENCH.DVDRiP.XviD-ANTBULLY.avi.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\The.Cave.FRENCH.DVDRiP.XViD-GeT.avi.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\The.Covenant.FRENCH.DVDRiP.XviD-COVENANT-AceBot.avi.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\The.Descent.FRENCH.DVDRip.XviD-LOST-DiViDe.avi.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\The.Exorcism.Of.Emily.Rose.FRENCH.DVDRip.REPACK.1CD.XviD.avi.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\The.Last.Mimzy.FRENCH.DVDRip.XviD-TICKETS-PoWeR.avi.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\The.Messengers.FRENCH.DVDRiP.XviD-iD-AceBot.avi.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\The.Zodiac.2005.FRENCH.DVDRiP.XViD-STS-SaTaN.avi.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\THIS HOT COLLEGE CHICK IS A SUPER WILD FUCK#2 gangbangs group orgy double penetration sexy girls first xxx hardcore porn .mpg.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\Turbo-Power-Rangers-Dvdrip-Francais-1h35.test.by.emule-mania.com.avi.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\Un.long.dimanche.de.fiancailles.REPACK.FRENCH.DVDRIP.ORB.avi.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\X-Men.The.Last.Stand.FRENCH.DVDRip.XviD-LOST.avi.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\(03) [Bob Sinclar] What I want by Fireball (1).mp3.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\[FILMS] - Le Magicien d'OZ - [DivX Fr].avi.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\[Hentai Fr] - Bible Black (Sexe & magie noir Vol 1).avi.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\30.Ans.Sinon.Rien.By.EVASiON.avi.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\50 Cent ft. Justin Timberlake - She Wants It (Ayo Technology) .mp3.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\A.la.recherche.du.bonheur.FRENCH.DVDRiP.REPACK.1CD.XViD-STS-ANGE.avi.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\Amy Winehouse - Me And Mr Jones.mp3.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\Amy Winehouse - Rehab.mp3.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\Amy Winehouse - You Know I'm No Good.mp3.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\Baby sittor.FRENCH.DVDRip.XViD.verifier.par.divxorama.net.avi.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\Backroom Facials - Linette (indian girl) - gangbangs group orgy double penetration sexy girls first xxx hardcore porn p.mpg.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\Backroom Facials - Young Busty Redhead - gangbangs group orgy double penetration sexy girls first xxx hardcore porn party.mpg.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\Barbecue.Party.2004.STV.FRENCH.INTERNAL.DVDRiP.XviD-CFL-SATAN.avi.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\Beetlejuice.-.DVDRIP.-.FR.-.DivXPro.5.02.-Sque.eze-.[Spartateur].avi.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\Bob Sinclar David Guetta Shanna Tom Snare Fireball Tous Les Tubes De L'été 2007 En Mix'club Par Dj Tony.mp3.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\Brutal Double Penetration Blonde Nikki Cox - Euro Angels Hardball 6 - Anal Gangbang Facial Cumshot Oral Blowj.mpg.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\Charlie.et.La.Chocolaterie.DVDRip.Fr.Ripped.By.Nasty.INSERT INTO cdv_wfdownloads_downloads VALUES (2006).VERSION.FR.NON.C.avi.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\Click.FRENCH.DVDRip.XViD-SEQ.avi.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\Contre Enquete French Dvdrip Xvid-Unity.avi.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\David Guetta - Love is Gone.mp3.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\Drunk Sister In Bed Nude Porno Sexy Bitch Ass Cunt Anal Asian Rape Spank Redhead Upskirt Nipple Celeb Hentai.avi.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\Eragon.PROPER.FRENCH.DVDRiP.REPACK.1CD.XViD-SnowTigerS-CyNiBO.avi.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\Fashion.Victime.FRENCH.DVDRip.XViD-SEQUENCE.avi.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\film x de rocco sifredi.avi.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\Gauge Extreme!!! Gangbang Girl 32-Double anal!, anal creampie with another girl licking the cum out of her asshole-nasty .mpg.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\Half.Light.FRENCH.DVDRiP.XViD-NTK-SaTaN.avi.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\Houston rough - what a rape! [violent hard sex anal facial swallow pain facial cumshot] .mpg.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\Ice.Princess.FRENCH.DVDSCR.XVID-GGT.avi.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\Jenifer - Tourner ma page (1).mp3.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\Justin Timberlake - What Goes Around...Comes Around.mp3.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\Koxie - Garçons (Gare aux cons).mp3.xml'
Begin scan in 'C:\Documents and Settings\ethan\Mes documents\Downloads\Metadata\La.Belle.au.bois.dormant[disney].DivX.5.Fr.www.divxofile.com.avi.xml'
End of the scan: dimanche 9 décembre 2007 16:46
Used time: 00:03 min
The scan has been done completely.
0 Scanning directories
54 Files were scanned
0 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
0 Files cannot be scanned
54 Files not concerned
0 Archives were scanned
0 Warnings
0 Notes
Merci
g!rly
Messages postés
18209
Date d'inscription
vendredi 17 août 2007
Statut
Contributeur
Dernière intervention
30 novembre 2014
406
10 déc. 2007 à 18:34
10 déc. 2007 à 18:34
le probleme c´est que tu n ´as scanné que 54 fichiers,
54 Files were scanned
si tu pouvais relancer un scan complet et poster le resultat ca serais mieux...
@+
54 Files were scanned
si tu pouvais relancer un scan complet et poster le resultat ca serais mieux...
@+