Réactiver fichier caché supprimer autorun.inf
Résolu/Fermé
little-pire
Messages postés
27
Date d'inscription
mardi 15 janvier 2008
Statut
Membre
Dernière intervention
19 janvier 2008
-
15 janv. 2008 à 06:43
little-pire - 21 janv. 2008 à 20:19
little-pire - 21 janv. 2008 à 20:19
A voir également:
- Réactiver fichier caché supprimer autorun.inf
- Fichier rar - Guide
- Supprimer une page word - Guide
- Supprimer compte instagram - Guide
- Fichier host - Guide
- Fichier iso - Guide
41 réponses
jlpjlp
Messages postés
51580
Date d'inscription
vendredi 18 mai 2007
Statut
Contributeur sécurité
Dernière intervention
3 mai 2022
5 040
15 janv. 2008 à 09:25
15 janv. 2008 à 09:25
slt,
# Téléchargez ce tool de sUBs : http://www.techsupportforum.com/sectools/sUBs/Flash_Disinfector.exe
# Double-cliquez dessus et laissez-vous guider.
__________________
colle un rapport hijackthis
http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis/download
manuel :
https://leblogdeclaude.blogspot.com/2006/10/informatique-section-hijackthis.html
Je conseille de renomer Hijackthis, pour contrer une éventuelle infection de Vundo.
ex:Renomme le fichier HijackThis.exe en eden.exe pour cela, fais un clic droit sur le fichier HijackThis.exe et choisis renommer dans la liste
Ensuite avec Explorer créer un dossier c:\hijackthis
Décompresser Hijackthis dans ce dossier.
C'est important pour les sauvegardes."
_______________________
AVG antispyware
https://www.01net.com/telecharger/
Tuto :
http://www.kachouri.com/tuto/tuto-161-avg-anti-spyware-75-pour-votre-securite.html
->Relance AVG AS -> "Analyse" ->"Paramètres"
Sous la question "Comment réagir ?" :
-> clique sur "Actions recommandées" et choisis "Quarantaines"
-> Re-clique sur l'onglet "Analyse" puis réalise une "Analyse complète du système"
Si un fichier est infecté en fin d'analyse
->Clique sur "Appliquer toutes les actions "
->Clique sur "Enregistrer le rapport" puis sur "Enregistrer le rapport sous".
->Enregistre ce fichier texte sur ton bureau ensuite colle le rapport ici
_______________________
colle le rapport d'un scan en ligne
avec un des suivants:
bitdefender en ligne :
http://www.bitdefender.fr/scan_fr/scan8/ie.html
Panda en ligne : (desactiver avast le temps du scan)
http://pandasoftware.fr
# Téléchargez ce tool de sUBs : http://www.techsupportforum.com/sectools/sUBs/Flash_Disinfector.exe
# Double-cliquez dessus et laissez-vous guider.
__________________
colle un rapport hijackthis
http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis/download
manuel :
https://leblogdeclaude.blogspot.com/2006/10/informatique-section-hijackthis.html
Je conseille de renomer Hijackthis, pour contrer une éventuelle infection de Vundo.
ex:Renomme le fichier HijackThis.exe en eden.exe pour cela, fais un clic droit sur le fichier HijackThis.exe et choisis renommer dans la liste
Ensuite avec Explorer créer un dossier c:\hijackthis
Décompresser Hijackthis dans ce dossier.
C'est important pour les sauvegardes."
_______________________
AVG antispyware
https://www.01net.com/telecharger/
Tuto :
http://www.kachouri.com/tuto/tuto-161-avg-anti-spyware-75-pour-votre-securite.html
->Relance AVG AS -> "Analyse" ->"Paramètres"
Sous la question "Comment réagir ?" :
-> clique sur "Actions recommandées" et choisis "Quarantaines"
-> Re-clique sur l'onglet "Analyse" puis réalise une "Analyse complète du système"
Si un fichier est infecté en fin d'analyse
->Clique sur "Appliquer toutes les actions "
->Clique sur "Enregistrer le rapport" puis sur "Enregistrer le rapport sous".
->Enregistre ce fichier texte sur ton bureau ensuite colle le rapport ici
_______________________
colle le rapport d'un scan en ligne
avec un des suivants:
bitdefender en ligne :
http://www.bitdefender.fr/scan_fr/scan8/ie.html
Panda en ligne : (desactiver avast le temps du scan)
http://pandasoftware.fr
little-pire
Messages postés
27
Date d'inscription
mardi 15 janvier 2008
Statut
Membre
Dernière intervention
19 janvier 2008
16 janv. 2008 à 04:42
16 janv. 2008 à 04:42
little-pire
Messages postés
27
Date d'inscription
mardi 15 janvier 2008
Statut
Membre
Dernière intervention
19 janvier 2008
16 janv. 2008 à 04:52
16 janv. 2008 à 04:52
Merci d'avoir répondu à mon message de détresse.
Voici la "réponse" du hijack
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 04:48, on 2008-01-16
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\acer\epm\epm-dm.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Acer\eManager\anbmServ.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\OpenOffice.org 2.2\program\soffice.BIN
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\eden.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.acer.com/worldwide/selection.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [EPM-DM] c:\acer\epm\epm-dm.exe
O4 - HKLM\..\Run: [ePowerManagement] C:\Acer\ePM\ePM.exe boot
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AAWTray] C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\WANADOO\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [avpa] C:\WINDOWS\system32\avpo.exe
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: OpenOffice.org 2.2.lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7.exe
Voici la "réponse" du hijack
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 04:48, on 2008-01-16
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\acer\epm\epm-dm.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Acer\eManager\anbmServ.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\OpenOffice.org 2.2\program\soffice.BIN
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\eden.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.acer.com/worldwide/selection.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [EPM-DM] c:\acer\epm\epm-dm.exe
O4 - HKLM\..\Run: [ePowerManagement] C:\Acer\ePM\ePM.exe boot
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AAWTray] C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\WANADOO\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [avpa] C:\WINDOWS\system32\avpo.exe
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: OpenOffice.org 2.2.lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7.exe
little-pire
Messages postés
27
Date d'inscription
mardi 15 janvier 2008
Statut
Membre
Dernière intervention
19 janvier 2008
16 janv. 2008 à 05:58
16 janv. 2008 à 05:58
Je viens de finir le test AVG, il a trouvé une centaine de Cookies, voici le rapport:
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 05:56 2008-01-16
+ Résultat de l'analyse:
:mozilla.248:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.249:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.250:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.111:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.196:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.302:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.402:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.74:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.75:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.76:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@112.2o7[2].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@2o7[3].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@msnaccountservices.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.292:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.293:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.186:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@advertising[2].txt -> TrackingCookie.Advertising : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@advertising[3].txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.73:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@bluestreak[2].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@bluestreak[3].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@bluestreak[5].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@iv2.bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyé.
:mozilla.283:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.284:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.285:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.382:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.Counted : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@ad.de.doubleclick[2].txt -> TrackingCookie.Doubleclick : Nettoyé.
:mozilla.132:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.Estat : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@fastclick[2].txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.244:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.Gemius : Nettoyé.
:mozilla.245:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.Gemius : Nettoyé.
:mozilla.286:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.Imrworldwide : Nettoyé.
:mozilla.287:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.Imrworldwide : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@search.msn[2].txt -> TrackingCookie.Msn : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@search.msn[3].txt -> TrackingCookie.Msn : Nettoyé.
:mozilla.131:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.340:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.Overture : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@ads.pointroll[1].txt -> TrackingCookie.Pointroll : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@ads.pointroll[2].txt -> TrackingCookie.Pointroll : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@questionmarket[2].txt -> TrackingCookie.Questionmarket : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@real[1].txt -> TrackingCookie.Real : Nettoyé.
:mozilla.234:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.235:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.236:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.237:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.238:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.239:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.240:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@bs.serving-sys[3].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@serving-sys[4].txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.268:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.Skype : Nettoyé.
:mozilla.269:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.Skype : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@site.skype[1].txt -> TrackingCookie.Skype : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@skype[1].txt -> TrackingCookie.Skype : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@skype[2].txt -> TrackingCookie.Skype : Nettoyé.
:mozilla.15:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.16:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.17:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.18:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@smartadserver[3].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@smartadserver[4].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@www.smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.217:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.Tacoda : Nettoyé.
:mozilla.218:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.Tacoda : Nettoyé.
:mozilla.219:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.Tacoda : Nettoyé.
:mozilla.220:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.Tacoda : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@tradedoubler[3].txt -> TrackingCookie.Tradedoubler : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@tradedoubler[5].txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.35:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.Tribalfusion : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Nettoyé.
:mozilla.10:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.12:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.19:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.21:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@weborama[1].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@weborama[2].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@weborama[3].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@weborama[4].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@weborama[5].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@statse.webtrendslive[2].txt -> TrackingCookie.Webtrendslive : Nettoyé.
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 05:56 2008-01-16
+ Résultat de l'analyse:
:mozilla.248:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.249:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.250:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.111:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.196:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.302:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.402:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.74:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.75:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.76:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@112.2o7[2].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@2o7[3].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@msnaccountservices.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.292:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.293:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.186:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@advertising[2].txt -> TrackingCookie.Advertising : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@advertising[3].txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.73:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@bluestreak[2].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@bluestreak[3].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@bluestreak[5].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@iv2.bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyé.
:mozilla.283:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.284:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.285:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.382:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.Counted : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@ad.de.doubleclick[2].txt -> TrackingCookie.Doubleclick : Nettoyé.
:mozilla.132:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.Estat : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@fastclick[2].txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.244:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.Gemius : Nettoyé.
:mozilla.245:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.Gemius : Nettoyé.
:mozilla.286:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.Imrworldwide : Nettoyé.
:mozilla.287:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.Imrworldwide : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@search.msn[2].txt -> TrackingCookie.Msn : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@search.msn[3].txt -> TrackingCookie.Msn : Nettoyé.
:mozilla.131:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.340:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.Overture : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@ads.pointroll[1].txt -> TrackingCookie.Pointroll : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@ads.pointroll[2].txt -> TrackingCookie.Pointroll : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@questionmarket[2].txt -> TrackingCookie.Questionmarket : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@real[1].txt -> TrackingCookie.Real : Nettoyé.
:mozilla.234:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.235:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.236:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.237:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.238:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.239:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.240:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@bs.serving-sys[3].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@serving-sys[4].txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.268:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.Skype : Nettoyé.
:mozilla.269:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.Skype : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@site.skype[1].txt -> TrackingCookie.Skype : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@skype[1].txt -> TrackingCookie.Skype : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@skype[2].txt -> TrackingCookie.Skype : Nettoyé.
:mozilla.15:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.16:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.17:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.18:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@smartadserver[3].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@smartadserver[4].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@www.smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.217:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.Tacoda : Nettoyé.
:mozilla.218:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.Tacoda : Nettoyé.
:mozilla.219:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.Tacoda : Nettoyé.
:mozilla.220:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.Tacoda : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@tradedoubler[3].txt -> TrackingCookie.Tradedoubler : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@tradedoubler[5].txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.35:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.Tribalfusion : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Nettoyé.
:mozilla.10:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.12:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.19:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.21:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@weborama[1].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@weborama[2].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@weborama[3].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@weborama[4].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@weborama[5].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@statse.webtrendslive[2].txt -> TrackingCookie.Webtrendslive : Nettoyé.
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
little-pire
Messages postés
27
Date d'inscription
mardi 15 janvier 2008
Statut
Membre
Dernière intervention
19 janvier 2008
16 janv. 2008 à 06:53
16 janv. 2008 à 06:53
Bon dernière étape, voilà le résultat de mon dernier scan avec Panda (TotalScan)
A priori il reste toujours des trucs, mais ils ont l'air d'être dans des zones de quarantaines (j'ai utilisé pas mal de logiciels avant pour scanner). Je ne comprends pas tout, mais est ce que c'est possible de vraiment supprimer tous ces virus?
Voici le rapport
;***********************************************************************************************************************************************************************************
ANALYSIS: 2008-01-16 06:50:18
PROTECTIONS: 2
MALWARE: 24
SUSPECTS: 0
;***********************************************************************************************************************************************************************************
PROTECTIONS
Description Version Active Updated
;===================================================================================================================================================================================
Avira AntiVir PersonalEdition 7.0.2.1
No Yes
avast! antivirus 4.7.1098 [VPS 080115-0] 4.7.1098 No Yes
;===================================================================================================================================================================================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===================================================================================================================================================================================
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\COOKIES.TXT[.atdmt.com/]
00145405 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\COOKIES.TXT[.247realmedia.com/]
00145405 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\COOKIES.TXT[.247realmedia.com/]
00145405 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\COOKIES.TXT[.247realmedia.com/]
00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\COOKIES.TXT[.tribalfusion.com/]
00156964 Cookie/2o7 TrackingCookie No 0 Yes No C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\COOKIES.TXT[.112.2o7.net/]
00167704 Cookie/Xiti TrackingCookie No 0 Yes No C:\Documents and Settings\Utilisateur\Cookies\utilisateur@xiti[1].txt
00167704 Cookie/Xiti TrackingCookie No 0 Yes No C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\COOKIES.TXT[.xiti.com/]
00167709 Cookie/fe.lea.lycos TrackingCookie No 0 Yes No C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\COOKIES.TXT[fe.lea.lycos.fr/]
00167749 Cookie/Toplist TrackingCookie No 0 Yes No C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\COOKIES.TXT[.toplist.cz/]
00168048 Cookie/Overture TrackingCookie No 0 Yes No C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\COOKIES.TXT[.perf.overture.com/]
00168069 Cookie/Bilbo.counted TrackingCookie No 0 Yes No C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\COOKIES.TXT[bilbo.counted.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\COOKIES.TXT[.serving-sys.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\COOKIES.TXT[.serving-sys.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\COOKIES.TXT[.serving-sys.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\COOKIES.TXT[.serving-sys.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\COOKIES.TXT[.serving-sys.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\COOKIES.TXT[.serving-sys.com/]
00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\COOKIES.TXT[.bs.serving-sys.com/]
00168106 Cookie/Weborama TrackingCookie No 0 Yes No C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\COOKIES.TXT[.weborama.fr/]
00168106 Cookie/Weborama TrackingCookie No 0 Yes No C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\COOKIES.TXT[.weborama.fr/]
00168106 Cookie/Weborama TrackingCookie No 0 Yes No C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\COOKIES.TXT[.weborama.fr/]
00168109 Cookie/Adtech TrackingCookie No 0 Yes No C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\COOKIES.TXT[.adtech.de/]
00168116 Cookie/Comclick TrackingCookie No 0 Yes No C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\COOKIES.TXT[fl01.ct2.comclick.com/]
00168116 Cookie/Comclick TrackingCookie No 0 Yes No C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\COOKIES.TXT[fl01.ct2.comclick.com/]
00168116 Cookie/Comclick TrackingCookie No 0 Yes No C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\COOKIES.TXT[fl01.ct2.comclick.com/]
00170550 Cookie/Humanclick TrackingCookie No 0 Yes No C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\COOKIES.TXT[hc2.humanclick.com/]
00170554 Cookie/Overture TrackingCookie No 0 Yes No C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\COOKIES.TXT[.overture.com/]
00238695 Application/Pskill.K HackTools No 0 Yes No C:\Documents and Settings\Utilisateur\Bureau\anti virus\CLEAN.ZIP[clean/pskill.exe]
00238695 Application/Pskill.K HackTools No 0 Yes No C:\Documents and Settings\Utilisateur\Bureau\anti virus\CLEAN\CLEAN\PSKILL.EXE
00273339 Cookie/Smartadserver TrackingCookie No 0 Yes No C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\COOKIES.TXT[.smartadserver.com/]
00273339 Cookie/Smartadserver TrackingCookie No 0 Yes No C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\COOKIES.TXT[.smartadserver.com/]
00273339 Cookie/Smartadserver TrackingCookie No 0 Yes No C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\COOKIES.TXT[.smartadserver.com/]
00273339 Cookie/Smartadserver TrackingCookie No 0 Yes No C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\COOKIES.TXT[.smartadserver.com/]
00366244 Application/NirCmd.A HackTools No 0 No No C:\Documents and Settings\Utilisateur\Local Settings\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\Cache\426549C9d01[nircmd.exe]
00366244 Application/NirCmd.A HackTools No 0 No No C:\Documents and Settings\Utilisateur\Local Settings\Temporary Internet Files\Content.IE5\DEKY9LGF\Flash_Disinfector[1].exe[nircmd.exe]
00366244 Application/NirCmd.A HackTools No 0 Yes No C:\Documents and Settings\Utilisateur\Local Settings\Temp\NIRCMD.EXE
00366244 Application/NirCmd.A HackTools No 0 No No C:\Documents and Settings\Utilisateur\Bureau\anti virus\Flash_Disinfector.exe[nircmd.exe]
00366244 Application/NirCmd.A HackTools No 0 No No C:\Documents and Settings\Utilisateur\Bureau\Flash_Disinfector.exe[nircmd.exe]
01262593 Application/NirCmd.A HackTools No 0 Yes No C:\System Volume Information\_restore{188E40F0-ED0E-4229-A9C6-C6CA03F40F1B}\RP418\A0089754.EXE
01262593 Application/NirCmd.A HackTools No 0 Yes No C:\System Volume Information\_restore{188E40F0-ED0E-4229-A9C6-C6CA03F40F1B}\RP418\A0089809.EXE
01262593 Application/NirCmd.A HackTools No 0 Yes No C:\ComboFix\NIRCMD.EXE
01262593 Application/NirCmd.A HackTools No 0 Yes No C:\ComboFix\nircmd.cfexe
01262593 Application/NirCmd.A HackTools No 0 No No C:\Documents and Settings\Utilisateur\Bureau\ComboFix.exe[nircmd.exe]
01262593 Application/NirCmd.A HackTools No 0 No No C:\Documents and Settings\Utilisateur\Bureau\ComboFix.exe[nircmd.cfexe]
02814252 Trj/Downloader.MDW Virus/Trojan No 1 Yes No C:\upload_moi_ACER-19B694409A.tar.gz[upload_moi.tar][WINDOWS/System32/avpo0.dll]
02885395 W32/Lineage.GQY.worm Virus/Worm No 1 Yes No C:\upload_moi_ACER-19B694409A.tar.gz[upload_moi.tar][qoobox/Quarantine/D/autorun.inf.vir]
02885395 W32/Lineage.GQY.worm Virus/Worm No 1 Yes No C:\QooBox\Quarantine\C\autorun.inf.vir
02885395 W32/Lineage.GQY.worm Virus/Worm No 1 Yes No C:\QooBox\Quarantine\D\autorun.inf.vir
02885395 W32/Lineage.GQY.worm Virus/Worm No 1 Yes No C:\upload_moi_ACER-19B694409A.tar.gz[upload_moi.tar][qoobox/Quarantine/C/autorun.inf.vir]
02886718 W32/Lineage.GQY.worm Virus/Worm No 1 Yes No C:\upload_moi_ACER-19B694409A.tar.gz[upload_moi.tar][WINDOWS/System32/help.exe.tmp]
02888351 W32/Lineage.GQY.worm Virus/Worm No 1 Yes No C:\upload_moi_ACER-19B694409A.tar.gz[upload_moi.tar][WINDOWS/System32/amvo1.dll]
;===================================================================================================================================================================================
SUSPECTS
Location
;===================================================================================================================================================================================
;===================================================================================================================================================================================
A priori il reste toujours des trucs, mais ils ont l'air d'être dans des zones de quarantaines (j'ai utilisé pas mal de logiciels avant pour scanner). Je ne comprends pas tout, mais est ce que c'est possible de vraiment supprimer tous ces virus?
Voici le rapport
;***********************************************************************************************************************************************************************************
ANALYSIS: 2008-01-16 06:50:18
PROTECTIONS: 2
MALWARE: 24
SUSPECTS: 0
;***********************************************************************************************************************************************************************************
PROTECTIONS
Description Version Active Updated
;===================================================================================================================================================================================
Avira AntiVir PersonalEdition 7.0.2.1
No Yes
avast! antivirus 4.7.1098 [VPS 080115-0] 4.7.1098 No Yes
;===================================================================================================================================================================================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===================================================================================================================================================================================
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\COOKIES.TXT[.atdmt.com/]
00145405 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\COOKIES.TXT[.247realmedia.com/]
00145405 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\COOKIES.TXT[.247realmedia.com/]
00145405 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\COOKIES.TXT[.247realmedia.com/]
00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\COOKIES.TXT[.tribalfusion.com/]
00156964 Cookie/2o7 TrackingCookie No 0 Yes No C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\COOKIES.TXT[.112.2o7.net/]
00167704 Cookie/Xiti TrackingCookie No 0 Yes No C:\Documents and Settings\Utilisateur\Cookies\utilisateur@xiti[1].txt
00167704 Cookie/Xiti TrackingCookie No 0 Yes No C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\COOKIES.TXT[.xiti.com/]
00167709 Cookie/fe.lea.lycos TrackingCookie No 0 Yes No C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\COOKIES.TXT[fe.lea.lycos.fr/]
00167749 Cookie/Toplist TrackingCookie No 0 Yes No C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\COOKIES.TXT[.toplist.cz/]
00168048 Cookie/Overture TrackingCookie No 0 Yes No C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\COOKIES.TXT[.perf.overture.com/]
00168069 Cookie/Bilbo.counted TrackingCookie No 0 Yes No C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\COOKIES.TXT[bilbo.counted.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\COOKIES.TXT[.serving-sys.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\COOKIES.TXT[.serving-sys.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\COOKIES.TXT[.serving-sys.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\COOKIES.TXT[.serving-sys.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\COOKIES.TXT[.serving-sys.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\COOKIES.TXT[.serving-sys.com/]
00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\COOKIES.TXT[.bs.serving-sys.com/]
00168106 Cookie/Weborama TrackingCookie No 0 Yes No C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\COOKIES.TXT[.weborama.fr/]
00168106 Cookie/Weborama TrackingCookie No 0 Yes No C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\COOKIES.TXT[.weborama.fr/]
00168106 Cookie/Weborama TrackingCookie No 0 Yes No C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\COOKIES.TXT[.weborama.fr/]
00168109 Cookie/Adtech TrackingCookie No 0 Yes No C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\COOKIES.TXT[.adtech.de/]
00168116 Cookie/Comclick TrackingCookie No 0 Yes No C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\COOKIES.TXT[fl01.ct2.comclick.com/]
00168116 Cookie/Comclick TrackingCookie No 0 Yes No C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\COOKIES.TXT[fl01.ct2.comclick.com/]
00168116 Cookie/Comclick TrackingCookie No 0 Yes No C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\COOKIES.TXT[fl01.ct2.comclick.com/]
00170550 Cookie/Humanclick TrackingCookie No 0 Yes No C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\COOKIES.TXT[hc2.humanclick.com/]
00170554 Cookie/Overture TrackingCookie No 0 Yes No C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\COOKIES.TXT[.overture.com/]
00238695 Application/Pskill.K HackTools No 0 Yes No C:\Documents and Settings\Utilisateur\Bureau\anti virus\CLEAN.ZIP[clean/pskill.exe]
00238695 Application/Pskill.K HackTools No 0 Yes No C:\Documents and Settings\Utilisateur\Bureau\anti virus\CLEAN\CLEAN\PSKILL.EXE
00273339 Cookie/Smartadserver TrackingCookie No 0 Yes No C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\COOKIES.TXT[.smartadserver.com/]
00273339 Cookie/Smartadserver TrackingCookie No 0 Yes No C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\COOKIES.TXT[.smartadserver.com/]
00273339 Cookie/Smartadserver TrackingCookie No 0 Yes No C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\COOKIES.TXT[.smartadserver.com/]
00273339 Cookie/Smartadserver TrackingCookie No 0 Yes No C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\COOKIES.TXT[.smartadserver.com/]
00366244 Application/NirCmd.A HackTools No 0 No No C:\Documents and Settings\Utilisateur\Local Settings\Application Data\Mozilla\Firefox\Profiles\i4y33m55.default\Cache\426549C9d01[nircmd.exe]
00366244 Application/NirCmd.A HackTools No 0 No No C:\Documents and Settings\Utilisateur\Local Settings\Temporary Internet Files\Content.IE5\DEKY9LGF\Flash_Disinfector[1].exe[nircmd.exe]
00366244 Application/NirCmd.A HackTools No 0 Yes No C:\Documents and Settings\Utilisateur\Local Settings\Temp\NIRCMD.EXE
00366244 Application/NirCmd.A HackTools No 0 No No C:\Documents and Settings\Utilisateur\Bureau\anti virus\Flash_Disinfector.exe[nircmd.exe]
00366244 Application/NirCmd.A HackTools No 0 No No C:\Documents and Settings\Utilisateur\Bureau\Flash_Disinfector.exe[nircmd.exe]
01262593 Application/NirCmd.A HackTools No 0 Yes No C:\System Volume Information\_restore{188E40F0-ED0E-4229-A9C6-C6CA03F40F1B}\RP418\A0089754.EXE
01262593 Application/NirCmd.A HackTools No 0 Yes No C:\System Volume Information\_restore{188E40F0-ED0E-4229-A9C6-C6CA03F40F1B}\RP418\A0089809.EXE
01262593 Application/NirCmd.A HackTools No 0 Yes No C:\ComboFix\NIRCMD.EXE
01262593 Application/NirCmd.A HackTools No 0 Yes No C:\ComboFix\nircmd.cfexe
01262593 Application/NirCmd.A HackTools No 0 No No C:\Documents and Settings\Utilisateur\Bureau\ComboFix.exe[nircmd.exe]
01262593 Application/NirCmd.A HackTools No 0 No No C:\Documents and Settings\Utilisateur\Bureau\ComboFix.exe[nircmd.cfexe]
02814252 Trj/Downloader.MDW Virus/Trojan No 1 Yes No C:\upload_moi_ACER-19B694409A.tar.gz[upload_moi.tar][WINDOWS/System32/avpo0.dll]
02885395 W32/Lineage.GQY.worm Virus/Worm No 1 Yes No C:\upload_moi_ACER-19B694409A.tar.gz[upload_moi.tar][qoobox/Quarantine/D/autorun.inf.vir]
02885395 W32/Lineage.GQY.worm Virus/Worm No 1 Yes No C:\QooBox\Quarantine\C\autorun.inf.vir
02885395 W32/Lineage.GQY.worm Virus/Worm No 1 Yes No C:\QooBox\Quarantine\D\autorun.inf.vir
02885395 W32/Lineage.GQY.worm Virus/Worm No 1 Yes No C:\upload_moi_ACER-19B694409A.tar.gz[upload_moi.tar][qoobox/Quarantine/C/autorun.inf.vir]
02886718 W32/Lineage.GQY.worm Virus/Worm No 1 Yes No C:\upload_moi_ACER-19B694409A.tar.gz[upload_moi.tar][WINDOWS/System32/help.exe.tmp]
02888351 W32/Lineage.GQY.worm Virus/Worm No 1 Yes No C:\upload_moi_ACER-19B694409A.tar.gz[upload_moi.tar][WINDOWS/System32/amvo1.dll]
;===================================================================================================================================================================================
SUSPECTS
Location
;===================================================================================================================================================================================
;===================================================================================================================================================================================
little-pire
Messages postés
27
Date d'inscription
mardi 15 janvier 2008
Statut
Membre
Dernière intervention
19 janvier 2008
16 janv. 2008 à 07:04
16 janv. 2008 à 07:04
Merci JlpJlp!!!
Je viens de vérifier, la bonne nouvelle c'est que j'ai accès de nouveau à mes fichiers cachés. Au moins ce problème là est résolu, mais je ne suis pas sure d'avoir vraiment supprimé ce qui l'avait activé.
Donc si quelqu'un peut me répondre... Merci!!!
Je viens de vérifier, la bonne nouvelle c'est que j'ai accès de nouveau à mes fichiers cachés. Au moins ce problème là est résolu, mais je ne suis pas sure d'avoir vraiment supprimé ce qui l'avait activé.
Donc si quelqu'un peut me répondre... Merci!!!
little-pire
Messages postés
27
Date d'inscription
mardi 15 janvier 2008
Statut
Membre
Dernière intervention
19 janvier 2008
16 janv. 2008 à 07:10
16 janv. 2008 à 07:10
Juste pour préciser, quand je parle des fichiers qui me semblent encore suspect, je parle de WINDOWS/System32/avpo0.dll par exemple, ce sont les premiers fichiers que mon antivirus avait détecté comme infestés.
Je suis allée voir le lecteur C, dans le chemin spécifié mais je ne les trouve pas...
Je suis allée voir le lecteur C, dans le chemin spécifié mais je ne les trouve pas...
jlpjlp
Messages postés
51580
Date d'inscription
vendredi 18 mai 2007
Statut
Contributeur sécurité
Dernière intervention
3 mai 2022
5 040
16 janv. 2008 à 11:04
16 janv. 2008 à 11:04
rescanne avec ton antivirus pour voir si il trouve encore des infections
et recolle un rapport hijackthis
et recolle un rapport hijackthis
little-pire
Messages postés
27
Date d'inscription
mardi 15 janvier 2008
Statut
Membre
Dernière intervention
19 janvier 2008
16 janv. 2008 à 21:16
16 janv. 2008 à 21:16
Je viens de faire le scan avec mon antivirus (Avast)
Voilà ce qu'il me dit
Nom du fichier
C:\Program Files\Panda Security\TotalScan8pskavs.dll
Résultat
Infection: Win32:CTX
Opération
Le fichier a été supprimé avec succès
Voilà ce qu'il me dit
Nom du fichier
C:\Program Files\Panda Security\TotalScan8pskavs.dll
Résultat
Infection: Win32:CTX
Opération
Le fichier a été supprimé avec succès
little-pire
Messages postés
27
Date d'inscription
mardi 15 janvier 2008
Statut
Membre
Dernière intervention
19 janvier 2008
16 janv. 2008 à 22:32
16 janv. 2008 à 22:32
Et voilà maintenant le rapport hijack
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:29, on 2008-01-16
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Acer\eManager\anbmServ.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\acer\epm\epm-dm.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Trend Micro\HijackThis\eden.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.acer.com/worldwide/selection.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [EPM-DM] c:\acer\epm\epm-dm.exe
O4 - HKLM\..\Run: [ePowerManagement] C:\Acer\ePM\ePM.exe boot
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AAWTray] C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\WANADOO\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [avpa] C:\WINDOWS\system32\avpo.exe
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: OpenOffice.org 2.2.lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7.exe
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:29, on 2008-01-16
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Acer\eManager\anbmServ.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\acer\epm\epm-dm.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Trend Micro\HijackThis\eden.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.acer.com/worldwide/selection.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [EPM-DM] c:\acer\epm\epm-dm.exe
O4 - HKLM\..\Run: [ePowerManagement] C:\Acer\ePM\ePM.exe boot
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AAWTray] C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\WANADOO\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [avpa] C:\WINDOWS\system32\avpo.exe
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: OpenOffice.org 2.2.lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7.exe
jlpjlp
Messages postés
51580
Date d'inscription
vendredi 18 mai 2007
Statut
Contributeur sécurité
Dernière intervention
3 mai 2022
5 040
17 janv. 2008 à 10:57
17 janv. 2008 à 10:57
ca ce sont des traces de scan avec panda en ligne donc pas de souci:
C:\Program Files\Panda Security\TotalScan8pskavs.dll
Résultat
Infection: Win32:CTX
___________________
Relance HijackThis, choisis "do a scan only" coche la case devant les lignes ci-dessous et clic en bas sur "fix checked".
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [avpa] C:\WINDOWS\system32\avpo.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
_________________
télécharge OTMoveIt http://download.bleepingcomputer.com/oldtimer/OTMoveIt.exe (de Old_Timer) sur ton Bureau.
double-clique sur OTMoveIt.exe pour le lancer.
copie la liste qui se trouve en citation ci-dessous,
et colle-la dans le cadre de gauche de OTMoveIt :Paste List of Files/Folders to be moved.
Citation :
C:\WINDOWS\system32\avpo.exe
clique sur MoveIt! pour lancer la suppression.
le résultat apparaitra dans le cadre "Results".
clique sur Exit pour fermer.
poste le rapport situé dans C:\_OTMoveIt\MovedFiles.
il te sera peut-être demander de redémarrer le pc pour achever la suppression.si c'est le cas accepte par Yes.
___________________
tu as deux antivirus : avast et antivir? desinstalle avast car moins efficace
_____________________
colle un rapport antivir , hijackthis et dis tes soucis
a plus
C:\Program Files\Panda Security\TotalScan8pskavs.dll
Résultat
Infection: Win32:CTX
___________________
Relance HijackThis, choisis "do a scan only" coche la case devant les lignes ci-dessous et clic en bas sur "fix checked".
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [avpa] C:\WINDOWS\system32\avpo.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
_________________
télécharge OTMoveIt http://download.bleepingcomputer.com/oldtimer/OTMoveIt.exe (de Old_Timer) sur ton Bureau.
double-clique sur OTMoveIt.exe pour le lancer.
copie la liste qui se trouve en citation ci-dessous,
et colle-la dans le cadre de gauche de OTMoveIt :Paste List of Files/Folders to be moved.
Citation :
C:\WINDOWS\system32\avpo.exe
clique sur MoveIt! pour lancer la suppression.
le résultat apparaitra dans le cadre "Results".
clique sur Exit pour fermer.
poste le rapport situé dans C:\_OTMoveIt\MovedFiles.
il te sera peut-être demander de redémarrer le pc pour achever la suppression.si c'est le cas accepte par Yes.
___________________
tu as deux antivirus : avast et antivir? desinstalle avast car moins efficace
_____________________
colle un rapport antivir , hijackthis et dis tes soucis
a plus
little-pire
Messages postés
27
Date d'inscription
mardi 15 janvier 2008
Statut
Membre
Dernière intervention
19 janvier 2008
17 janv. 2008 à 21:15
17 janv. 2008 à 21:15
Voici le rapport du MoveIt
File/Folder not found.
File/Folder C:\WINDOWS\system32\avpo.exe not found.
Created on 01-17-2008 21:14:13
File/Folder not found.
File/Folder C:\WINDOWS\system32\avpo.exe not found.
Created on 01-17-2008 21:14:13
jlpjlp
Messages postés
51580
Date d'inscription
vendredi 18 mai 2007
Statut
Contributeur sécurité
Dernière intervention
3 mai 2022
5 040
17 janv. 2008 à 21:59
17 janv. 2008 à 21:59
ok poursuis
a plus
a plus
little-pire
Messages postés
27
Date d'inscription
mardi 15 janvier 2008
Statut
Membre
Dernière intervention
19 janvier 2008
17 janv. 2008 à 22:01
17 janv. 2008 à 22:01
Bonjour
Je viens de faire le scan antivir, voici le rapport
AntiVir PersonalEdition Classic
Report file date: 2008-01-17 21:16
Scanning for 1048573 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: SYSTEM
Computer name: ACER-19B694409A
Version information:
BUILD.DAT : 270 15603 Bytes 2007-09-19 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 2007-08-23 13:16:30
AVSCAN.DLL : 7.0.6.0 49192 Bytes 2007-08-16 12:23:52
LUKE.DLL : 7.0.5.3 147496 Bytes 2007-08-14 15:32:48
LUKERES.DLL : 7.0.6.1 10280 Bytes 2007-08-21 12:35:22
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 2007-07-18 14:27:16
ANTIVIR1.VDF : 7.0.1.95 3367424 Bytes 2007-12-14 22:41:22
ANTIVIR2.VDF : 7.0.2.0 948736 Bytes 2008-01-15 21:51:50
ANTIVIR3.VDF : 7.0.2.8 108032 Bytes 2008-01-16 21:49:08
AVEWIN32.DLL : 7.6.0.48 3080704 Bytes 2008-01-15 21:51:50
AVWINLL.DLL : 1.0.0.7 14376 Bytes 2007-02-26 10:36:28
AVPREF.DLL : 7.0.2.2 25640 Bytes 2007-07-18 07:39:18
AVREP.DLL : 7.0.0.1 155688 Bytes 2007-04-16 13:16:24
AVPACK32.DLL : 7.6.0.3 360488 Bytes 2008-01-15 21:51:50
AVREG.DLL : 7.0.1.6 30760 Bytes 2007-07-18 07:17:08
AVARKT.DLL : 1.0.0.20 278568 Bytes 2007-08-28 12:26:34
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 2007-07-18 07:10:20
NETNT.DLL : 7.0.0.0 7720 Bytes 2007-03-08 11:09:44
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 2007-08-07 12:38:14
RCTEXT.DLL : 7.0.62.0 86056 Bytes 2007-08-21 12:50:38
SQLITE3.DLL : 3.3.17.1 339968 Bytes 2007-07-23 09:37:22
Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: D:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: 2008-01-17 21:16
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'ALG.EXE' - '1' Module(s) have been scanned
Scan process 'iPodService.exe' - '1' Module(s) have been scanned
Scan process 'UAService7.exe' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'PAStiSvc.exe' - '1' Module(s) have been scanned
Scan process 'CDAC11BA.EXE' - '1' Module(s) have been scanned
Scan process 'GUARD.EXE' - '0' Module(s) have been scanned
Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned
Scan process 'SCHED.EXE' - '1' Module(s) have been scanned
Scan process 'anbmServ.exe' - '1' Module(s) have been scanned
Scan process 'AVGNT.EXE' - '1' Module(s) have been scanned
Scan process 'AAWTray.exe' - '1' Module(s) have been scanned
Scan process 'ATIPTAXX.EXE' - '1' Module(s) have been scanned
Scan process 'QtZgAcer.EXE' - '1' Module(s) have been scanned
Scan process 'EPM-DM.EXE' - '1' Module(s) have been scanned
Scan process 'SynTPEnh.exe' - '1' Module(s) have been scanned
Scan process 'SynTPLpr.exe' - '1' Module(s) have been scanned
Scan process 'AVGUARD.EXE' - '1' Module(s) have been scanned
Scan process 'SPOOLSV.EXE' - '1' Module(s) have been scanned
Scan process 'EXPLORER.EXE' - '1' Module(s) have been scanned
Scan process 'ATI2EVXX.EXE' - '1' Module(s) have been scanned
Scan process 'aawservice.exe' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'ATI2EVXX.EXE' - '1' Module(s) have been scanned
Scan process 'LSASS.EXE' - '1' Module(s) have been scanned
Scan process 'SERVICES.EXE' - '1' Module(s) have been scanned
Scan process 'WINLOGON.EXE' - '1' Module(s) have been scanned
Scan process 'CSRSS.EXE' - '1' Module(s) have been scanned
Scan process 'SMSS.EXE' - '1' Module(s) have been scanned
34 processes with 34 modules were scanned
Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Boot sector 'D:\'
[NOTE] No virus was found!
Starting to scan the registry.
The registry was scanned ( '35' files ).
Starting the file scan:
Begin scan in 'C:\' <ACER>
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\upload_moi_ACER-19B694409A.tar.gz
[0] Archive type: GZ
--> upload_moi.tar
[1] Archive type: TAR (tape archiver)
--> WINDOWS/System32/help.exe.tmp
[DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
--> WINDOWS/System32/avpo0.dll
[DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
--> WINDOWS/System32/amvo1.dll
[DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
[INFO] The file was moved to '47fbb830.qua'!
C:\Program Files\Panda Security\NanoScan\Engine\psnflg.dll
[DETECTION] Is the Trojan horse TR/Agent.bux.1
[WARNING] The file was ignored!
Begin scan in 'D:\' <ACERDATA>
End of the scan: 2008-01-17 21:57
Used time: 40:58 min
The scan has been done completely.
7972 Scanning directories
440769 Files were scanned
4 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
1 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
440765 Files not concerned
8347 Archives were scanned
3 Warnings
14 Notes
Je viens de faire le scan antivir, voici le rapport
AntiVir PersonalEdition Classic
Report file date: 2008-01-17 21:16
Scanning for 1048573 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: SYSTEM
Computer name: ACER-19B694409A
Version information:
BUILD.DAT : 270 15603 Bytes 2007-09-19 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 2007-08-23 13:16:30
AVSCAN.DLL : 7.0.6.0 49192 Bytes 2007-08-16 12:23:52
LUKE.DLL : 7.0.5.3 147496 Bytes 2007-08-14 15:32:48
LUKERES.DLL : 7.0.6.1 10280 Bytes 2007-08-21 12:35:22
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 2007-07-18 14:27:16
ANTIVIR1.VDF : 7.0.1.95 3367424 Bytes 2007-12-14 22:41:22
ANTIVIR2.VDF : 7.0.2.0 948736 Bytes 2008-01-15 21:51:50
ANTIVIR3.VDF : 7.0.2.8 108032 Bytes 2008-01-16 21:49:08
AVEWIN32.DLL : 7.6.0.48 3080704 Bytes 2008-01-15 21:51:50
AVWINLL.DLL : 1.0.0.7 14376 Bytes 2007-02-26 10:36:28
AVPREF.DLL : 7.0.2.2 25640 Bytes 2007-07-18 07:39:18
AVREP.DLL : 7.0.0.1 155688 Bytes 2007-04-16 13:16:24
AVPACK32.DLL : 7.6.0.3 360488 Bytes 2008-01-15 21:51:50
AVREG.DLL : 7.0.1.6 30760 Bytes 2007-07-18 07:17:08
AVARKT.DLL : 1.0.0.20 278568 Bytes 2007-08-28 12:26:34
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 2007-07-18 07:10:20
NETNT.DLL : 7.0.0.0 7720 Bytes 2007-03-08 11:09:44
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 2007-08-07 12:38:14
RCTEXT.DLL : 7.0.62.0 86056 Bytes 2007-08-21 12:50:38
SQLITE3.DLL : 3.3.17.1 339968 Bytes 2007-07-23 09:37:22
Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: D:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: 2008-01-17 21:16
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'ALG.EXE' - '1' Module(s) have been scanned
Scan process 'iPodService.exe' - '1' Module(s) have been scanned
Scan process 'UAService7.exe' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'PAStiSvc.exe' - '1' Module(s) have been scanned
Scan process 'CDAC11BA.EXE' - '1' Module(s) have been scanned
Scan process 'GUARD.EXE' - '0' Module(s) have been scanned
Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned
Scan process 'SCHED.EXE' - '1' Module(s) have been scanned
Scan process 'anbmServ.exe' - '1' Module(s) have been scanned
Scan process 'AVGNT.EXE' - '1' Module(s) have been scanned
Scan process 'AAWTray.exe' - '1' Module(s) have been scanned
Scan process 'ATIPTAXX.EXE' - '1' Module(s) have been scanned
Scan process 'QtZgAcer.EXE' - '1' Module(s) have been scanned
Scan process 'EPM-DM.EXE' - '1' Module(s) have been scanned
Scan process 'SynTPEnh.exe' - '1' Module(s) have been scanned
Scan process 'SynTPLpr.exe' - '1' Module(s) have been scanned
Scan process 'AVGUARD.EXE' - '1' Module(s) have been scanned
Scan process 'SPOOLSV.EXE' - '1' Module(s) have been scanned
Scan process 'EXPLORER.EXE' - '1' Module(s) have been scanned
Scan process 'ATI2EVXX.EXE' - '1' Module(s) have been scanned
Scan process 'aawservice.exe' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'ATI2EVXX.EXE' - '1' Module(s) have been scanned
Scan process 'LSASS.EXE' - '1' Module(s) have been scanned
Scan process 'SERVICES.EXE' - '1' Module(s) have been scanned
Scan process 'WINLOGON.EXE' - '1' Module(s) have been scanned
Scan process 'CSRSS.EXE' - '1' Module(s) have been scanned
Scan process 'SMSS.EXE' - '1' Module(s) have been scanned
34 processes with 34 modules were scanned
Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Boot sector 'D:\'
[NOTE] No virus was found!
Starting to scan the registry.
The registry was scanned ( '35' files ).
Starting the file scan:
Begin scan in 'C:\' <ACER>
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\upload_moi_ACER-19B694409A.tar.gz
[0] Archive type: GZ
--> upload_moi.tar
[1] Archive type: TAR (tape archiver)
--> WINDOWS/System32/help.exe.tmp
[DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
--> WINDOWS/System32/avpo0.dll
[DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
--> WINDOWS/System32/amvo1.dll
[DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
[INFO] The file was moved to '47fbb830.qua'!
C:\Program Files\Panda Security\NanoScan\Engine\psnflg.dll
[DETECTION] Is the Trojan horse TR/Agent.bux.1
[WARNING] The file was ignored!
Begin scan in 'D:\' <ACERDATA>
End of the scan: 2008-01-17 21:57
Used time: 40:58 min
The scan has been done completely.
7972 Scanning directories
440769 Files were scanned
4 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
1 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
440765 Files not concerned
8347 Archives were scanned
3 Warnings
14 Notes
little-pire
Messages postés
27
Date d'inscription
mardi 15 janvier 2008
Statut
Membre
Dernière intervention
19 janvier 2008
17 janv. 2008 à 22:11
17 janv. 2008 à 22:11
Et voilà le dernier scan Hijack....
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:03, on 2008-01-17
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\acer\epm\epm-dm.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Acer\eManager\anbmServ.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Trend Micro\HijackThis\eden.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.acer.com/worldwide/selection.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [EPM-DM] c:\acer\epm\epm-dm.exe
O4 - HKLM\..\Run: [ePowerManagement] C:\Acer\ePM\ePM.exe boot
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [AAWTray] C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\WANADOO\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: OpenOffice.org 2.2.lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7.exe
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:03, on 2008-01-17
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\acer\epm\epm-dm.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Acer\eManager\anbmServ.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Trend Micro\HijackThis\eden.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.acer.com/worldwide/selection.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [EPM-DM] c:\acer\epm\epm-dm.exe
O4 - HKLM\..\Run: [ePowerManagement] C:\Acer\ePM\ePM.exe boot
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [AAWTray] C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\WANADOO\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: OpenOffice.org 2.2.lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7.exe
jlpjlp
Messages postés
51580
Date d'inscription
vendredi 18 mai 2007
Statut
Contributeur sécurité
Dernière intervention
3 mai 2022
5 040
17 janv. 2008 à 22:11
17 janv. 2008 à 22:11
télécharge OTMoveIt http://download.bleepingcomputer.com/oldtimer/OTMoveIt.exe (de Old_Timer) sur ton Bureau.
double-clique sur OTMoveIt.exe pour le lancer.
copie la liste qui se trouve en citation ci-dessous,
et colle-la dans le cadre de gauche de OTMoveIt :Paste List of Files/Folders to be moved.
Citation :
C:\WINDOWS/System32/help.exe.tmp
C:\WINDOWS/System32/avpo0.dll
C:\WINDOWS/System32/amvo1.dll
C:\Program Files\Panda Security\NanoScan\Engine\psnflg.dll
clique sur MoveIt! pour lancer la suppression.
le résultat apparaitra dans le cadre "Results".
clique sur Exit pour fermer.
poste le rapport situé dans C:\_OTMoveIt\MovedFiles.
il te sera peut-être demander de redémarrer le pc pour achever la suppression.si c'est le cas accepte par Yes.
_____________________
utilise pour supprimer tes traces
CCLEANER: (lance un nettoyage et répare 3 fois les erreurs) sans installer la barre yahoo
https://www.01net.com/telecharger/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/32599.html
_____________
vire ce qui est en quarantaine dans antivir et rescanne avec et colle moi le rapport
double-clique sur OTMoveIt.exe pour le lancer.
copie la liste qui se trouve en citation ci-dessous,
et colle-la dans le cadre de gauche de OTMoveIt :Paste List of Files/Folders to be moved.
Citation :
C:\WINDOWS/System32/help.exe.tmp
C:\WINDOWS/System32/avpo0.dll
C:\WINDOWS/System32/amvo1.dll
C:\Program Files\Panda Security\NanoScan\Engine\psnflg.dll
clique sur MoveIt! pour lancer la suppression.
le résultat apparaitra dans le cadre "Results".
clique sur Exit pour fermer.
poste le rapport situé dans C:\_OTMoveIt\MovedFiles.
il te sera peut-être demander de redémarrer le pc pour achever la suppression.si c'est le cas accepte par Yes.
_____________________
utilise pour supprimer tes traces
CCLEANER: (lance un nettoyage et répare 3 fois les erreurs) sans installer la barre yahoo
https://www.01net.com/telecharger/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/32599.html
_____________
vire ce qui est en quarantaine dans antivir et rescanne avec et colle moi le rapport
little-pire
Messages postés
27
Date d'inscription
mardi 15 janvier 2008
Statut
Membre
Dernière intervention
19 janvier 2008
17 janv. 2008 à 22:24
17 janv. 2008 à 22:24
Voilà le rapport MoveIt
File/Folder C:\WINDOWS/System32/help.exe.tmp not found.
File/Folder C:\WINDOWS/System32/avpo0.dll not found.
File/Folder C:\WINDOWS/System32/amvo1.dll not found.
DllUnregisterServer procedure not found in C:\Program Files\Panda Security\NanoScan\Engine\psnflg.dll
C:\Program Files\Panda Security\NanoScan\Engine\psnflg.dll NOT unregistered.
C:\Program Files\Panda Security\NanoScan\Engine\psnflg.dll moved successfully.
Created on 01-17-2008 22:21:58
Merci
File/Folder C:\WINDOWS/System32/help.exe.tmp not found.
File/Folder C:\WINDOWS/System32/avpo0.dll not found.
File/Folder C:\WINDOWS/System32/amvo1.dll not found.
DllUnregisterServer procedure not found in C:\Program Files\Panda Security\NanoScan\Engine\psnflg.dll
C:\Program Files\Panda Security\NanoScan\Engine\psnflg.dll NOT unregistered.
C:\Program Files\Panda Security\NanoScan\Engine\psnflg.dll moved successfully.
Created on 01-17-2008 22:21:58
Merci
jlpjlp
Messages postés
51580
Date d'inscription
vendredi 18 mai 2007
Statut
Contributeur sécurité
Dernière intervention
3 mai 2022
5 040
17 janv. 2008 à 22:27
17 janv. 2008 à 22:27
ok
a plus
a plus
little-pire
Messages postés
27
Date d'inscription
mardi 15 janvier 2008
Statut
Membre
Dernière intervention
19 janvier 2008
17 janv. 2008 à 23:23
17 janv. 2008 à 23:23
Salut
C'est bon le CCleaner est fait (je l'ai passé 5 fois jusqu'à ce qu'il ne détecte plus aucune erreur).
Et voici le rapport Antivir après vidage de la zone de quarantaine.
AntiVir PersonalEdition Classic
Report file date: 2008-01-17 22:42
Scanning for 1048573 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: SYSTEM
Computer name: ACER-19B694409A
Version information:
BUILD.DAT : 270 15603 Bytes 2007-09-19 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 2007-08-23 13:16:30
AVSCAN.DLL : 7.0.6.0 49192 Bytes 2007-08-16 12:23:52
LUKE.DLL : 7.0.5.3 147496 Bytes 2007-08-14 15:32:48
LUKERES.DLL : 7.0.6.1 10280 Bytes 2007-08-21 12:35:22
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 2007-07-18 14:27:16
ANTIVIR1.VDF : 7.0.1.95 3367424 Bytes 2007-12-14 22:41:22
ANTIVIR2.VDF : 7.0.2.0 948736 Bytes 2008-01-15 21:51:50
ANTIVIR3.VDF : 7.0.2.8 108032 Bytes 2008-01-16 21:49:08
AVEWIN32.DLL : 7.6.0.48 3080704 Bytes 2008-01-15 21:51:50
AVWINLL.DLL : 1.0.0.7 14376 Bytes 2007-02-26 10:36:28
AVPREF.DLL : 7.0.2.2 25640 Bytes 2007-07-18 07:39:18
AVREP.DLL : 7.0.0.1 155688 Bytes 2007-04-16 13:16:24
AVPACK32.DLL : 7.6.0.3 360488 Bytes 2008-01-15 21:51:50
AVREG.DLL : 7.0.1.6 30760 Bytes 2007-07-18 07:17:08
AVARKT.DLL : 1.0.0.20 278568 Bytes 2007-08-28 12:26:34
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 2007-07-18 07:10:20
NETNT.DLL : 7.0.0.0 7720 Bytes 2007-03-08 11:09:44
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 2007-08-07 12:38:14
RCTEXT.DLL : 7.0.62.0 86056 Bytes 2007-08-21 12:50:38
SQLITE3.DLL : 3.3.17.1 339968 Bytes 2007-07-23 09:37:22
Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: D:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: 2008-01-17 22:42
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
Scan process 'ALG.EXE' - '1' Module(s) have been scanned
Scan process 'iPodService.exe' - '1' Module(s) have been scanned
Scan process 'UAService7.exe' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'PAStiSvc.exe' - '1' Module(s) have been scanned
Scan process 'CDAC11BA.EXE' - '1' Module(s) have been scanned
Scan process 'GUARD.EXE' - '0' Module(s) have been scanned
Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned
Scan process 'SCHED.EXE' - '1' Module(s) have been scanned
Scan process 'anbmServ.exe' - '1' Module(s) have been scanned
Scan process 'AVGNT.EXE' - '1' Module(s) have been scanned
Scan process 'AAWTray.exe' - '1' Module(s) have been scanned
Scan process 'ATIPTAXX.EXE' - '1' Module(s) have been scanned
Scan process 'QtZgAcer.EXE' - '1' Module(s) have been scanned
Scan process 'EPM-DM.EXE' - '1' Module(s) have been scanned
Scan process 'SynTPEnh.exe' - '1' Module(s) have been scanned
Scan process 'SynTPLpr.exe' - '1' Module(s) have been scanned
Scan process 'AVGUARD.EXE' - '1' Module(s) have been scanned
Scan process 'SPOOLSV.EXE' - '1' Module(s) have been scanned
Scan process 'EXPLORER.EXE' - '1' Module(s) have been scanned
Scan process 'ATI2EVXX.EXE' - '1' Module(s) have been scanned
Scan process 'aawservice.exe' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'ATI2EVXX.EXE' - '1' Module(s) have been scanned
Scan process 'LSASS.EXE' - '1' Module(s) have been scanned
Scan process 'SERVICES.EXE' - '1' Module(s) have been scanned
Scan process 'WINLOGON.EXE' - '1' Module(s) have been scanned
Scan process 'CSRSS.EXE' - '1' Module(s) have been scanned
Scan process 'SMSS.EXE' - '1' Module(s) have been scanned
35 processes with 35 modules were scanned
Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Boot sector 'D:\'
[NOTE] No virus was found!
Starting to scan the registry.
The registry was scanned ( '35' files ).
Starting the file scan:
Begin scan in 'C:\' <ACER>
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\_OTMoveIt\MovedFiles\Program Files\Panda Security\NanoScan\Engine\psnflg.dll
[DETECTION] Is the Trojan horse TR/Agent.bux.1
[WARNING] The file was ignored!
Begin scan in 'D:\' <ACERDATA>
End of the scan: 2008-01-17 23:20
Used time: 37:58 min
The scan has been done completely.
7680 Scanning directories
436861 Files were scanned
1 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
436860 Files not concerned
8310 Archives were scanned
3 Warnings
14 Notes
Merci!!
C'est bon le CCleaner est fait (je l'ai passé 5 fois jusqu'à ce qu'il ne détecte plus aucune erreur).
Et voici le rapport Antivir après vidage de la zone de quarantaine.
AntiVir PersonalEdition Classic
Report file date: 2008-01-17 22:42
Scanning for 1048573 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: SYSTEM
Computer name: ACER-19B694409A
Version information:
BUILD.DAT : 270 15603 Bytes 2007-09-19 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 2007-08-23 13:16:30
AVSCAN.DLL : 7.0.6.0 49192 Bytes 2007-08-16 12:23:52
LUKE.DLL : 7.0.5.3 147496 Bytes 2007-08-14 15:32:48
LUKERES.DLL : 7.0.6.1 10280 Bytes 2007-08-21 12:35:22
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 2007-07-18 14:27:16
ANTIVIR1.VDF : 7.0.1.95 3367424 Bytes 2007-12-14 22:41:22
ANTIVIR2.VDF : 7.0.2.0 948736 Bytes 2008-01-15 21:51:50
ANTIVIR3.VDF : 7.0.2.8 108032 Bytes 2008-01-16 21:49:08
AVEWIN32.DLL : 7.6.0.48 3080704 Bytes 2008-01-15 21:51:50
AVWINLL.DLL : 1.0.0.7 14376 Bytes 2007-02-26 10:36:28
AVPREF.DLL : 7.0.2.2 25640 Bytes 2007-07-18 07:39:18
AVREP.DLL : 7.0.0.1 155688 Bytes 2007-04-16 13:16:24
AVPACK32.DLL : 7.6.0.3 360488 Bytes 2008-01-15 21:51:50
AVREG.DLL : 7.0.1.6 30760 Bytes 2007-07-18 07:17:08
AVARKT.DLL : 1.0.0.20 278568 Bytes 2007-08-28 12:26:34
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 2007-07-18 07:10:20
NETNT.DLL : 7.0.0.0 7720 Bytes 2007-03-08 11:09:44
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 2007-08-07 12:38:14
RCTEXT.DLL : 7.0.62.0 86056 Bytes 2007-08-21 12:50:38
SQLITE3.DLL : 3.3.17.1 339968 Bytes 2007-07-23 09:37:22
Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: D:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: 2008-01-17 22:42
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
Scan process 'ALG.EXE' - '1' Module(s) have been scanned
Scan process 'iPodService.exe' - '1' Module(s) have been scanned
Scan process 'UAService7.exe' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'PAStiSvc.exe' - '1' Module(s) have been scanned
Scan process 'CDAC11BA.EXE' - '1' Module(s) have been scanned
Scan process 'GUARD.EXE' - '0' Module(s) have been scanned
Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned
Scan process 'SCHED.EXE' - '1' Module(s) have been scanned
Scan process 'anbmServ.exe' - '1' Module(s) have been scanned
Scan process 'AVGNT.EXE' - '1' Module(s) have been scanned
Scan process 'AAWTray.exe' - '1' Module(s) have been scanned
Scan process 'ATIPTAXX.EXE' - '1' Module(s) have been scanned
Scan process 'QtZgAcer.EXE' - '1' Module(s) have been scanned
Scan process 'EPM-DM.EXE' - '1' Module(s) have been scanned
Scan process 'SynTPEnh.exe' - '1' Module(s) have been scanned
Scan process 'SynTPLpr.exe' - '1' Module(s) have been scanned
Scan process 'AVGUARD.EXE' - '1' Module(s) have been scanned
Scan process 'SPOOLSV.EXE' - '1' Module(s) have been scanned
Scan process 'EXPLORER.EXE' - '1' Module(s) have been scanned
Scan process 'ATI2EVXX.EXE' - '1' Module(s) have been scanned
Scan process 'aawservice.exe' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'ATI2EVXX.EXE' - '1' Module(s) have been scanned
Scan process 'LSASS.EXE' - '1' Module(s) have been scanned
Scan process 'SERVICES.EXE' - '1' Module(s) have been scanned
Scan process 'WINLOGON.EXE' - '1' Module(s) have been scanned
Scan process 'CSRSS.EXE' - '1' Module(s) have been scanned
Scan process 'SMSS.EXE' - '1' Module(s) have been scanned
35 processes with 35 modules were scanned
Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Boot sector 'D:\'
[NOTE] No virus was found!
Starting to scan the registry.
The registry was scanned ( '35' files ).
Starting the file scan:
Begin scan in 'C:\' <ACER>
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\_OTMoveIt\MovedFiles\Program Files\Panda Security\NanoScan\Engine\psnflg.dll
[DETECTION] Is the Trojan horse TR/Agent.bux.1
[WARNING] The file was ignored!
Begin scan in 'D:\' <ACERDATA>
End of the scan: 2008-01-17 23:20
Used time: 37:58 min
The scan has been done completely.
7680 Scanning directories
436861 Files were scanned
1 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
436860 Files not concerned
8310 Archives were scanned
3 Warnings
14 Notes
Merci!!
jlpjlp
Messages postés
51580
Date d'inscription
vendredi 18 mai 2007
Statut
Contributeur sécurité
Dernière intervention
3 mai 2022
5 040
17 janv. 2008 à 23:28
17 janv. 2008 à 23:28
ok vire ce qui est dans moved files en allant dans poste de travail puis: C....
C:\_OTMoveIt\MovedFiles
______________
Colle le rapport :
Clean permettra de faire du nettoyage et supprimer des fichiers que des anti-virus et anti-spywares n'ont pas pu trouver. Le logiciel est régulièrement mis à jour, vous devrez donc le re-téléchargé pour obtenir une version plus récente.
Téléchargez clean.zip, décompressez-le sur votre bureau (clic droit / extraire tout), vous obtenez alors un dossier clean
Démarrez Windows en mode sans échec : Guide pour redémarrer en mode sans échec
Ouvrez le dossier clean qui se trouve sur ton bureau, et double-cliquez sur clean.cmd, une fenêtre noire va apparaître pendant un instant, laissez la ouverte jusqu'à ce qu'elle se ferme.
Manuel de clean :
http://kerio.probb.fr/tuto-Clean-h37.html
https://kerio.probb.fr/
_____________
encore des problemes?
C:\_OTMoveIt\MovedFiles
______________
Colle le rapport :
Clean permettra de faire du nettoyage et supprimer des fichiers que des anti-virus et anti-spywares n'ont pas pu trouver. Le logiciel est régulièrement mis à jour, vous devrez donc le re-téléchargé pour obtenir une version plus récente.
Téléchargez clean.zip, décompressez-le sur votre bureau (clic droit / extraire tout), vous obtenez alors un dossier clean
Démarrez Windows en mode sans échec : Guide pour redémarrer en mode sans échec
Ouvrez le dossier clean qui se trouve sur ton bureau, et double-cliquez sur clean.cmd, une fenêtre noire va apparaître pendant un instant, laissez la ouverte jusqu'à ce qu'elle se ferme.
Manuel de clean :
http://kerio.probb.fr/tuto-Clean-h37.html
https://kerio.probb.fr/
_____________
encore des problemes?