Infecté par un virus!!!
Résolu
Harry Seldon
Messages postés
190
Date d'inscription
Statut
Membre
Dernière intervention
-
g!rly Messages postés 18215 Date d'inscription Statut Contributeur Dernière intervention -
g!rly Messages postés 18215 Date d'inscription Statut Contributeur Dernière intervention -
Bonjour,
Grace à un tutoriel d'Antivir ( http://speedweb1.free.fr/frames2.php?page=tuto5 ) j'ai mieux configuré les paramètres de mon antivirus et après analyse un virus nommé : APPLNirCmd.3 a été découvert. j'ai fait une analyse avec hijack this au cas où.
merci de m'indiquer les lignes à supprimer :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:49, on 2008-01-30
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
F:\photoshop\PhotoshopElementsFileAgent.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\lxddcoms.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\system32\VTTimer.exe
C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe
C:\Program Files\ASUS\ASUS DH Remote\AsRc.exe
C:\Program Files\ASUS\PC Probe II\Probe2.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\ASUS\ASUS DH Remote\AsDhRemote.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Lexmark 2500 Series\lxddamon.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\DeltTray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
E:\deamon tool\DAEMON Tools Lite\daemon.exe
C:\Genius\ioCentre\gZoom.exe
C:\Genius\ioCentre\gIMMgm.exe
C:\Genius\ioCentre\gDeskMgm.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
E:\fire-fox navigateur\firefox.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: (no name) - {ecdee021-0d17-467f-a1ff-c7a115230949} - (no file)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {8126A4A5-BFD3-46FE-BBDF-BFB5CF78E489} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: (no name) - {ecdee021-0d17-467f-a1ff-c7a115230949} - (no file)
O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - (no file)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: (no name) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - (no file)
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Ai Quicker Help] "C:\Program Files\ASUS\ASUS DH Remote\AsRc.exe"
O4 - HKLM\..\Run: [Launch PC Probe II] "C:\Program Files\ASUS\PC Probe II\Probe2.exe" 1
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidTool.exe boot
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [lxddmon.exe] "C:\Program Files\Lexmark 2500 Series\lxddmon.exe"
O4 - HKLM\..\Run: [lxddamon] "C:\Program Files\Lexmark 2500 Series\lxddamon.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "E:\acrobat reader\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [LXDDCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXDDtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [ioCentre] C:\Genius\ioCentre\gTaskBar.exe
O4 - HKLM\..\Run: [DeltTray] DeltTray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "F:\photoshop\apdproxy.exe"
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [DAEMON Tools Lite] "E:\deamon tool\DAEMON Tools Lite\daemon.exe"
O4 - HKLM\..\Policies\Explorer\Run: [5T19I3B27A] C:\WINDOWS\svchost.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: ASUS WiFi-AP Solo.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - F:\photoshop\PhotoshopElementsFileAgent.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: lxdd_device - - C:\WINDOWS\system32\lxddcoms.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
Grace à un tutoriel d'Antivir ( http://speedweb1.free.fr/frames2.php?page=tuto5 ) j'ai mieux configuré les paramètres de mon antivirus et après analyse un virus nommé : APPLNirCmd.3 a été découvert. j'ai fait une analyse avec hijack this au cas où.
merci de m'indiquer les lignes à supprimer :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:49, on 2008-01-30
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
F:\photoshop\PhotoshopElementsFileAgent.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\lxddcoms.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\system32\VTTimer.exe
C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe
C:\Program Files\ASUS\ASUS DH Remote\AsRc.exe
C:\Program Files\ASUS\PC Probe II\Probe2.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\ASUS\ASUS DH Remote\AsDhRemote.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Lexmark 2500 Series\lxddamon.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\DeltTray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
E:\deamon tool\DAEMON Tools Lite\daemon.exe
C:\Genius\ioCentre\gZoom.exe
C:\Genius\ioCentre\gIMMgm.exe
C:\Genius\ioCentre\gDeskMgm.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
E:\fire-fox navigateur\firefox.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: (no name) - {ecdee021-0d17-467f-a1ff-c7a115230949} - (no file)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {8126A4A5-BFD3-46FE-BBDF-BFB5CF78E489} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: (no name) - {ecdee021-0d17-467f-a1ff-c7a115230949} - (no file)
O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - (no file)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: (no name) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - (no file)
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Ai Quicker Help] "C:\Program Files\ASUS\ASUS DH Remote\AsRc.exe"
O4 - HKLM\..\Run: [Launch PC Probe II] "C:\Program Files\ASUS\PC Probe II\Probe2.exe" 1
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidTool.exe boot
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [lxddmon.exe] "C:\Program Files\Lexmark 2500 Series\lxddmon.exe"
O4 - HKLM\..\Run: [lxddamon] "C:\Program Files\Lexmark 2500 Series\lxddamon.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "E:\acrobat reader\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [LXDDCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXDDtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [ioCentre] C:\Genius\ioCentre\gTaskBar.exe
O4 - HKLM\..\Run: [DeltTray] DeltTray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "F:\photoshop\apdproxy.exe"
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [DAEMON Tools Lite] "E:\deamon tool\DAEMON Tools Lite\daemon.exe"
O4 - HKLM\..\Policies\Explorer\Run: [5T19I3B27A] C:\WINDOWS\svchost.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: ASUS WiFi-AP Solo.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - F:\photoshop\PhotoshopElementsFileAgent.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: lxdd_device - - C:\WINDOWS\system32\lxddcoms.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
A voir également:
- Infecté par un virus!!!
- Virus mcafee - Accueil - Piratage
- Virus facebook demande d'amis - Accueil - Facebook
- Undisclosed-recipients virus - Guide
- Panda anti virus gratuit - Télécharger - Antivirus & Antimalwares
- Impossible de terminer l'opération car le fichier contient un virus - Forum Virus
80 réponses
re,
Vide tes fichiers temporaires avec ceci:
->Clean Up 40:
http://pageperso.aol.fr/balltrap34/CleanUp40.exe
->aide en image:(merci a Balltrap34)
http://pageperso.aol.fr/balltrap34/democleanup.htm
click sur option et decoche : delete prefect files.
puis manuellement vide :
:: Le contenu du dossier prefetch ::
* C:\WINDOWS\Prefetch <= sauf le fichier layout.ini
* Ne pas oublier de vider la corbeille !
puis fais aussi celui ci :
nettoie tes fichiers temporaires avec ceci : atf cleaner, regarde le tuto...
http://www.infosecu.fr/atf.html
telecharge le ici :
http://serveur1.archive-host.com/membres/up/1366464061/ATF-Cleaner.rar
@+
Vide tes fichiers temporaires avec ceci:
->Clean Up 40:
http://pageperso.aol.fr/balltrap34/CleanUp40.exe
->aide en image:(merci a Balltrap34)
http://pageperso.aol.fr/balltrap34/democleanup.htm
click sur option et decoche : delete prefect files.
puis manuellement vide :
:: Le contenu du dossier prefetch ::
* C:\WINDOWS\Prefetch <= sauf le fichier layout.ini
* Ne pas oublier de vider la corbeille !
puis fais aussi celui ci :
nettoie tes fichiers temporaires avec ceci : atf cleaner, regarde le tuto...
http://www.infosecu.fr/atf.html
telecharge le ici :
http://serveur1.archive-host.com/membres/up/1366464061/ATF-Cleaner.rar
@+
ok c'est fait!
j'avais l'impression que c'etait beaucoup mieux maintenant!et en fait bof bof.
-
La confiance n'exclut pas le contrôle.
j'avais l'impression que c'etait beaucoup mieux maintenant!et en fait bof bof.
-
La confiance n'exclut pas le contrôle.
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
ok G!rly,
Je peux donc clore ce sujet?
En tout cas je te remercie beaucoup, de m'avoir donné de ton temps pour me fournir ton aide précieuse.
MERCI
@++
Je peux donc clore ce sujet?
En tout cas je te remercie beaucoup, de m'avoir donné de ton temps pour me fournir ton aide précieuse.
MERCI
@++
re,
DSL! Antivir vient de détecter 1 virus!! encore; (Virus or unwanted program 'APPL/Tool.PsKill.2 [APPL/Tool.PsKill.2]'
detected in file 'G:\System Volume Information\_restore{ABAF5229-C7C3-4DE4-9897-061B3C28B2DC}\RP194\A0041891.exe.)
puis un deuxième quand j'ai lancer un scan antivir (The file contains a virus or unwanted program 'APPL/Tool.PsKill.2' [program]
Action(s) taken:
The file was moved to "4812841f.qua"!)
j'ai mis en quanrantaine et supprimer.
Que dois je faire maintenant?
DSL! Antivir vient de détecter 1 virus!! encore; (Virus or unwanted program 'APPL/Tool.PsKill.2 [APPL/Tool.PsKill.2]'
detected in file 'G:\System Volume Information\_restore{ABAF5229-C7C3-4DE4-9897-061B3C28B2DC}\RP194\A0041891.exe.)
puis un deuxième quand j'ai lancer un scan antivir (The file contains a virus or unwanted program 'APPL/Tool.PsKill.2' [program]
Action(s) taken:
The file was moved to "4812841f.qua"!)
j'ai mis en quanrantaine et supprimer.
Que dois je faire maintenant?
c'est fait, je lance une autre analyse et je te tiens au courant, si j'ai un problème .
bonne soirée
bonne soirée
voici le rapport, il a trouvé un virus.
AntiVir PersonalEdition Classic
Report file date: lundi 4 février 2008 23:10
Scanning for 1091873 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: SYSTEM
Computer name: GAETAN-ORDI
Version information:
BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 05/09/2007 16:49:04
AVSCAN.DLL : 7.0.6.0 49192 Bytes 05/09/2007 16:49:04
LUKE.DLL : 7.0.5.3 147496 Bytes 05/09/2007 16:49:06
LUKERES.DLL : 7.0.6.1 10280 Bytes 05/09/2007 16:49:06
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 16:50:14
ANTIVIR1.VDF : 7.0.1.95 3367424 Bytes 14/12/2007 12:32:36
ANTIVIR2.VDF : 7.0.2.49 1339904 Bytes 25/01/2008 11:30:24
ANTIVIR3.VDF : 7.0.2.89 291840 Bytes 04/02/2008 15:38:00
AVEWIN32.DLL : 7.6.0.62 3240448 Bytes 02/02/2008 13:05:09
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 09:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 05/09/2007 16:49:04
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 12:16:24
AVPACK32.DLL : 7.6.0.3 360488 Bytes 15/01/2008 22:28:01
AVREG.DLL : 7.0.1.6 30760 Bytes 05/09/2007 16:49:04
AVARKT.DLL : 1.0.0.20 278568 Bytes 05/09/2007 16:49:03
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 05/09/2007 16:49:04
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 10:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 05/09/2007 16:48:53
RCTEXT.DLL : 7.0.62.0 86056 Bytes 05/09/2007 16:48:53
SQLITE3.DLL : 3.3.17.1 339968 Bytes 05/09/2007 16:49:07
Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: G:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: on
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Deviating archive types..........: +BSD Mailbox, +Netscape/Mozilla Mailbox, +Eudora Mailbox, +Squid cache, +Pegasus Mailbox, +MS Outlook Mailbox,
Macro heuristic..................: on
File heuristic...................: high
Deviating risk categories........: +APPL,+GAME,+JOKE,+PCK,+SPR,
Start of the scan: lundi 4 février 2008 23:10
Starting search for hidden objects.
'48738' objects were checked, '0' hidden objects were found.
The scan of running processes will be started
Scan process 'firefox.exe' - '1' Module(s) have been scanned
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'Watch.exe' - '1' Module(s) have been scanned
Scan process 'ALERTM~1.EXE' - '1' Module(s) have been scanned
Scan process 'PollingModule.exe' - '1' Module(s) have been scanned
Scan process 'Inactivity.exe' - '1' Module(s) have been scanned
Scan process 'Toaster.exe' - '1' Module(s) have been scanned
Scan process 'ComComp.exe' - '1' Module(s) have been scanned
Scan process 'GestionnaireInternet.exe' - '1' Module(s) have been scanned
Scan process 'daemon.exe' - '1' Module(s) have been scanned
Scan process 'gTaskSwitch.exe' - '1' Module(s) have been scanned
Scan process 'gDeskMgm.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'gIMMgm.exe' - '1' Module(s) have been scanned
Scan process 'gMGlass.exe' - '1' Module(s) have been scanned
Scan process 'gZoom.exe' - '1' Module(s) have been scanned
Scan process 'gAutoScroll.exe' - '1' Module(s) have been scanned
Scan process 'gAutoPan.exe' - '1' Module(s) have been scanned
Scan process 'gKbdTask.exe' - '1' Module(s) have been scanned
Scan process 'gMouseTask.exe' - '1' Module(s) have been scanned
Scan process 'apdproxy.exe' - '1' Module(s) have been scanned
Scan process 'iTunesHelper.exe' - '1' Module(s) have been scanned
Scan process 'delttray.exe' - '1' Module(s) have been scanned
Scan process 'gTaskBar.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'lxddamon.exe' - '1' Module(s) have been scanned
Scan process 'lxddmon.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'AsDHRemote.exe' - '1' Module(s) have been scanned
Scan process 'realsched.exe' - '1' Module(s) have been scanned
Scan process 'Probe2.exe' - '1' Module(s) have been scanned
Scan process 'AsRc.exe' - '1' Module(s) have been scanned
Scan process 'PDVDServ.exe' - '1' Module(s) have been scanned
Scan process 'VTTimer.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'kpf4gui.exe' - '1' Module(s) have been scanned
Scan process 'iPodService.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'kpf4gui.exe' - '1' Module(s) have been scanned
Scan process 'ULCDRSvr.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'StarWindServiceAE.exe' - '1' Module(s) have been scanned
Scan process 'PnkBstrB.exe' - '1' Module(s) have been scanned
Scan process 'PnkBstrA.exe' - '1' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
Scan process 'LSSrvc.exe' - '1' Module(s) have been scanned
Scan process 'kpf4ss.exe' - '1' Module(s) have been scanned
Scan process 'FTRTSVC.exe' - '1' Module(s) have been scanned
Scan process 'guard.exe' - '1' Module(s) have been scanned
Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'PhotoshopElementsFileAgent.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
67 processes with 67 modules were scanned
Starting master boot sector scan:
Master boot sector HD0
[NOTE] No virus was found!
Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Boot sector 'E:\'
[NOTE] No virus was found!
Boot sector 'F:\'
[NOTE] No virus was found!
Boot sector 'G:\'
[NOTE] No virus was found!
Starting to scan the registry.
The registry was scanned ( '31' files ).
Starting the file scan:
Begin scan in 'C:\' <BOOT>
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\WINDOWS\system32\drivers\sptd.sys
[WARNING] The file could not be opened!
Begin scan in 'E:\' <SOFT>
Begin scan in 'F:\' <DOCS>
Begin scan in 'G:\' <MEDIA>
G:\System Volume Information\_restore{ABAF5229-C7C3-4DE4-9897-061B3C28B2DC}\RP195\A0044024.exe
[DETECTION] Contains detection pattern of the application APPL/Tool.PsKill.2
[INFO] The file was moved to '47d79b0a.qua'!
End of the scan: mardi 5 février 2008 00:08
Used time: 57:59 min
The scan has been done completely.
12503 Scanning directories
426262 Files were scanned
1 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
1 files were moved to quarantine
0 files were renamed
3 Files cannot be scanned
426261 Files not concerned
2132 Archives were scanned
3 Warnings
31 Notes
48738 Objects were scanned with rootkit scan
0 Hidden objects were found
je vais me coucher, je reviens demain en début de soirée!
dis moi quoi ...
++
AntiVir PersonalEdition Classic
Report file date: lundi 4 février 2008 23:10
Scanning for 1091873 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: SYSTEM
Computer name: GAETAN-ORDI
Version information:
BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 05/09/2007 16:49:04
AVSCAN.DLL : 7.0.6.0 49192 Bytes 05/09/2007 16:49:04
LUKE.DLL : 7.0.5.3 147496 Bytes 05/09/2007 16:49:06
LUKERES.DLL : 7.0.6.1 10280 Bytes 05/09/2007 16:49:06
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 16:50:14
ANTIVIR1.VDF : 7.0.1.95 3367424 Bytes 14/12/2007 12:32:36
ANTIVIR2.VDF : 7.0.2.49 1339904 Bytes 25/01/2008 11:30:24
ANTIVIR3.VDF : 7.0.2.89 291840 Bytes 04/02/2008 15:38:00
AVEWIN32.DLL : 7.6.0.62 3240448 Bytes 02/02/2008 13:05:09
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 09:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 05/09/2007 16:49:04
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 12:16:24
AVPACK32.DLL : 7.6.0.3 360488 Bytes 15/01/2008 22:28:01
AVREG.DLL : 7.0.1.6 30760 Bytes 05/09/2007 16:49:04
AVARKT.DLL : 1.0.0.20 278568 Bytes 05/09/2007 16:49:03
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 05/09/2007 16:49:04
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 10:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 05/09/2007 16:48:53
RCTEXT.DLL : 7.0.62.0 86056 Bytes 05/09/2007 16:48:53
SQLITE3.DLL : 3.3.17.1 339968 Bytes 05/09/2007 16:49:07
Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: G:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: on
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Deviating archive types..........: +BSD Mailbox, +Netscape/Mozilla Mailbox, +Eudora Mailbox, +Squid cache, +Pegasus Mailbox, +MS Outlook Mailbox,
Macro heuristic..................: on
File heuristic...................: high
Deviating risk categories........: +APPL,+GAME,+JOKE,+PCK,+SPR,
Start of the scan: lundi 4 février 2008 23:10
Starting search for hidden objects.
'48738' objects were checked, '0' hidden objects were found.
The scan of running processes will be started
Scan process 'firefox.exe' - '1' Module(s) have been scanned
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'Watch.exe' - '1' Module(s) have been scanned
Scan process 'ALERTM~1.EXE' - '1' Module(s) have been scanned
Scan process 'PollingModule.exe' - '1' Module(s) have been scanned
Scan process 'Inactivity.exe' - '1' Module(s) have been scanned
Scan process 'Toaster.exe' - '1' Module(s) have been scanned
Scan process 'ComComp.exe' - '1' Module(s) have been scanned
Scan process 'GestionnaireInternet.exe' - '1' Module(s) have been scanned
Scan process 'daemon.exe' - '1' Module(s) have been scanned
Scan process 'gTaskSwitch.exe' - '1' Module(s) have been scanned
Scan process 'gDeskMgm.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'gIMMgm.exe' - '1' Module(s) have been scanned
Scan process 'gMGlass.exe' - '1' Module(s) have been scanned
Scan process 'gZoom.exe' - '1' Module(s) have been scanned
Scan process 'gAutoScroll.exe' - '1' Module(s) have been scanned
Scan process 'gAutoPan.exe' - '1' Module(s) have been scanned
Scan process 'gKbdTask.exe' - '1' Module(s) have been scanned
Scan process 'gMouseTask.exe' - '1' Module(s) have been scanned
Scan process 'apdproxy.exe' - '1' Module(s) have been scanned
Scan process 'iTunesHelper.exe' - '1' Module(s) have been scanned
Scan process 'delttray.exe' - '1' Module(s) have been scanned
Scan process 'gTaskBar.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'lxddamon.exe' - '1' Module(s) have been scanned
Scan process 'lxddmon.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'AsDHRemote.exe' - '1' Module(s) have been scanned
Scan process 'realsched.exe' - '1' Module(s) have been scanned
Scan process 'Probe2.exe' - '1' Module(s) have been scanned
Scan process 'AsRc.exe' - '1' Module(s) have been scanned
Scan process 'PDVDServ.exe' - '1' Module(s) have been scanned
Scan process 'VTTimer.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'kpf4gui.exe' - '1' Module(s) have been scanned
Scan process 'iPodService.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'kpf4gui.exe' - '1' Module(s) have been scanned
Scan process 'ULCDRSvr.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'StarWindServiceAE.exe' - '1' Module(s) have been scanned
Scan process 'PnkBstrB.exe' - '1' Module(s) have been scanned
Scan process 'PnkBstrA.exe' - '1' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
Scan process 'LSSrvc.exe' - '1' Module(s) have been scanned
Scan process 'kpf4ss.exe' - '1' Module(s) have been scanned
Scan process 'FTRTSVC.exe' - '1' Module(s) have been scanned
Scan process 'guard.exe' - '1' Module(s) have been scanned
Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'PhotoshopElementsFileAgent.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
67 processes with 67 modules were scanned
Starting master boot sector scan:
Master boot sector HD0
[NOTE] No virus was found!
Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Boot sector 'E:\'
[NOTE] No virus was found!
Boot sector 'F:\'
[NOTE] No virus was found!
Boot sector 'G:\'
[NOTE] No virus was found!
Starting to scan the registry.
The registry was scanned ( '31' files ).
Starting the file scan:
Begin scan in 'C:\' <BOOT>
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\WINDOWS\system32\drivers\sptd.sys
[WARNING] The file could not be opened!
Begin scan in 'E:\' <SOFT>
Begin scan in 'F:\' <DOCS>
Begin scan in 'G:\' <MEDIA>
G:\System Volume Information\_restore{ABAF5229-C7C3-4DE4-9897-061B3C28B2DC}\RP195\A0044024.exe
[DETECTION] Contains detection pattern of the application APPL/Tool.PsKill.2
[INFO] The file was moved to '47d79b0a.qua'!
End of the scan: mardi 5 février 2008 00:08
Used time: 57:59 min
The scan has been done completely.
12503 Scanning directories
426262 Files were scanned
1 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
1 files were moved to quarantine
0 files were renamed
3 Files cannot be scanned
426261 Files not concerned
2132 Archives were scanned
3 Warnings
31 Notes
48738 Objects were scanned with rootkit scan
0 Hidden objects were found
je vais me coucher, je reviens demain en début de soirée!
dis moi quoi ...
++
Voici le rapportAntivir + un HijackThis, antivir a trouvé un virus.
AntiVir PersonalEdition Classic
Report file date: lundi 4 février 2008 23:10
Scanning for 1091873 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: SYSTEM
Computer name: GAETAN-ORDI
Version information:
BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 05/09/2007 16:49:04
AVSCAN.DLL : 7.0.6.0 49192 Bytes 05/09/2007 16:49:04
LUKE.DLL : 7.0.5.3 147496 Bytes 05/09/2007 16:49:06
LUKERES.DLL : 7.0.6.1 10280 Bytes 05/09/2007 16:49:06
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 16:50:14
ANTIVIR1.VDF : 7.0.1.95 3367424 Bytes 14/12/2007 12:32:36
ANTIVIR2.VDF : 7.0.2.49 1339904 Bytes 25/01/2008 11:30:24
ANTIVIR3.VDF : 7.0.2.89 291840 Bytes 04/02/2008 15:38:00
AVEWIN32.DLL : 7.6.0.62 3240448 Bytes 02/02/2008 13:05:09
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 09:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 05/09/2007 16:49:04
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 12:16:24
AVPACK32.DLL : 7.6.0.3 360488 Bytes 15/01/2008 22:28:01
AVREG.DLL : 7.0.1.6 30760 Bytes 05/09/2007 16:49:04
AVARKT.DLL : 1.0.0.20 278568 Bytes 05/09/2007 16:49:03
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 05/09/2007 16:49:04
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 10:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 05/09/2007 16:48:53
RCTEXT.DLL : 7.0.62.0 86056 Bytes 05/09/2007 16:48:53
SQLITE3.DLL : 3.3.17.1 339968 Bytes 05/09/2007 16:49:07
Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: G:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: on
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Deviating archive types..........: +BSD Mailbox, +Netscape/Mozilla Mailbox, +Eudora Mailbox, +Squid cache, +Pegasus Mailbox, +MS Outlook Mailbox,
Macro heuristic..................: on
File heuristic...................: high
Deviating risk categories........: +APPL,+GAME,+JOKE,+PCK,+SPR,
Start of the scan: lundi 4 février 2008 23:10
Starting search for hidden objects.
'48738' objects were checked, '0' hidden objects were found.
The scan of running processes will be started
Scan process 'firefox.exe' - '1' Module(s) have been scanned
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'Watch.exe' - '1' Module(s) have been scanned
Scan process 'ALERTM~1.EXE' - '1' Module(s) have been scanned
Scan process 'PollingModule.exe' - '1' Module(s) have been scanned
Scan process 'Inactivity.exe' - '1' Module(s) have been scanned
Scan process 'Toaster.exe' - '1' Module(s) have been scanned
Scan process 'ComComp.exe' - '1' Module(s) have been scanned
Scan process 'GestionnaireInternet.exe' - '1' Module(s) have been scanned
Scan process 'daemon.exe' - '1' Module(s) have been scanned
Scan process 'gTaskSwitch.exe' - '1' Module(s) have been scanned
Scan process 'gDeskMgm.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'gIMMgm.exe' - '1' Module(s) have been scanned
Scan process 'gMGlass.exe' - '1' Module(s) have been scanned
Scan process 'gZoom.exe' - '1' Module(s) have been scanned
Scan process 'gAutoScroll.exe' - '1' Module(s) have been scanned
Scan process 'gAutoPan.exe' - '1' Module(s) have been scanned
Scan process 'gKbdTask.exe' - '1' Module(s) have been scanned
Scan process 'gMouseTask.exe' - '1' Module(s) have been scanned
Scan process 'apdproxy.exe' - '1' Module(s) have been scanned
Scan process 'iTunesHelper.exe' - '1' Module(s) have been scanned
Scan process 'delttray.exe' - '1' Module(s) have been scanned
Scan process 'gTaskBar.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'lxddamon.exe' - '1' Module(s) have been scanned
Scan process 'lxddmon.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'AsDHRemote.exe' - '1' Module(s) have been scanned
Scan process 'realsched.exe' - '1' Module(s) have been scanned
Scan process 'Probe2.exe' - '1' Module(s) have been scanned
Scan process 'AsRc.exe' - '1' Module(s) have been scanned
Scan process 'PDVDServ.exe' - '1' Module(s) have been scanned
Scan process 'VTTimer.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'kpf4gui.exe' - '1' Module(s) have been scanned
Scan process 'iPodService.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'kpf4gui.exe' - '1' Module(s) have been scanned
Scan process 'ULCDRSvr.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'StarWindServiceAE.exe' - '1' Module(s) have been scanned
Scan process 'PnkBstrB.exe' - '1' Module(s) have been scanned
Scan process 'PnkBstrA.exe' - '1' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
Scan process 'LSSrvc.exe' - '1' Module(s) have been scanned
Scan process 'kpf4ss.exe' - '1' Module(s) have been scanned
Scan process 'FTRTSVC.exe' - '1' Module(s) have been scanned
Scan process 'guard.exe' - '1' Module(s) have been scanned
Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'PhotoshopElementsFileAgent.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
67 processes with 67 modules were scanned
Starting master boot sector scan:
Master boot sector HD0
[NOTE] No virus was found!
Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Boot sector 'E:\'
[NOTE] No virus was found!
Boot sector 'F:\'
[NOTE] No virus was found!
Boot sector 'G:\'
[NOTE] No virus was found!
Starting to scan the registry.
The registry was scanned ( '31' files ).
Starting the file scan:
Begin scan in 'C:\' <BOOT>
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\WINDOWS\system32\drivers\sptd.sys
[WARNING] The file could not be opened!
Begin scan in 'E:\' <SOFT>
Begin scan in 'F:\' <DOCS>
Begin scan in 'G:\' <MEDIA>
G:\System Volume Information\_restore{ABAF5229-C7C3-4DE4-9897-061B3C28B2DC}\RP195\A0044024.exe
[DETECTION] Contains detection pattern of the application APPL/Tool.PsKill.2
[INFO] The file was moved to '47d79b0a.qua'!
End of the scan: mardi 5 février 2008 00:08
Used time: 57:59 min
The scan has been done completely.
12503 Scanning directories
426262 Files were scanned
1 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
1 files were moved to quarantine
0 files were renamed
3 Files cannot be scanned
426261 Files not concerned
2132 Archives were scanned
3 Warnings
31 Notes
48738 Objects were scanned with rootkit scan
0 Hidden objects were found
AntiVir PersonalEdition Classic
Report file date: lundi 4 février 2008 23:10
Scanning for 1091873 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: SYSTEM
Computer name: GAETAN-ORDI
Version information:
BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 05/09/2007 16:49:04
AVSCAN.DLL : 7.0.6.0 49192 Bytes 05/09/2007 16:49:04
LUKE.DLL : 7.0.5.3 147496 Bytes 05/09/2007 16:49:06
LUKERES.DLL : 7.0.6.1 10280 Bytes 05/09/2007 16:49:06
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 16:50:14
ANTIVIR1.VDF : 7.0.1.95 3367424 Bytes 14/12/2007 12:32:36
ANTIVIR2.VDF : 7.0.2.49 1339904 Bytes 25/01/2008 11:30:24
ANTIVIR3.VDF : 7.0.2.89 291840 Bytes 04/02/2008 15:38:00
AVEWIN32.DLL : 7.6.0.62 3240448 Bytes 02/02/2008 13:05:09
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 09:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 05/09/2007 16:49:04
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 12:16:24
AVPACK32.DLL : 7.6.0.3 360488 Bytes 15/01/2008 22:28:01
AVREG.DLL : 7.0.1.6 30760 Bytes 05/09/2007 16:49:04
AVARKT.DLL : 1.0.0.20 278568 Bytes 05/09/2007 16:49:03
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 05/09/2007 16:49:04
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 10:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 05/09/2007 16:48:53
RCTEXT.DLL : 7.0.62.0 86056 Bytes 05/09/2007 16:48:53
SQLITE3.DLL : 3.3.17.1 339968 Bytes 05/09/2007 16:49:07
Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: G:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: on
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Deviating archive types..........: +BSD Mailbox, +Netscape/Mozilla Mailbox, +Eudora Mailbox, +Squid cache, +Pegasus Mailbox, +MS Outlook Mailbox,
Macro heuristic..................: on
File heuristic...................: high
Deviating risk categories........: +APPL,+GAME,+JOKE,+PCK,+SPR,
Start of the scan: lundi 4 février 2008 23:10
Starting search for hidden objects.
'48738' objects were checked, '0' hidden objects were found.
The scan of running processes will be started
Scan process 'firefox.exe' - '1' Module(s) have been scanned
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'Watch.exe' - '1' Module(s) have been scanned
Scan process 'ALERTM~1.EXE' - '1' Module(s) have been scanned
Scan process 'PollingModule.exe' - '1' Module(s) have been scanned
Scan process 'Inactivity.exe' - '1' Module(s) have been scanned
Scan process 'Toaster.exe' - '1' Module(s) have been scanned
Scan process 'ComComp.exe' - '1' Module(s) have been scanned
Scan process 'GestionnaireInternet.exe' - '1' Module(s) have been scanned
Scan process 'daemon.exe' - '1' Module(s) have been scanned
Scan process 'gTaskSwitch.exe' - '1' Module(s) have been scanned
Scan process 'gDeskMgm.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'gIMMgm.exe' - '1' Module(s) have been scanned
Scan process 'gMGlass.exe' - '1' Module(s) have been scanned
Scan process 'gZoom.exe' - '1' Module(s) have been scanned
Scan process 'gAutoScroll.exe' - '1' Module(s) have been scanned
Scan process 'gAutoPan.exe' - '1' Module(s) have been scanned
Scan process 'gKbdTask.exe' - '1' Module(s) have been scanned
Scan process 'gMouseTask.exe' - '1' Module(s) have been scanned
Scan process 'apdproxy.exe' - '1' Module(s) have been scanned
Scan process 'iTunesHelper.exe' - '1' Module(s) have been scanned
Scan process 'delttray.exe' - '1' Module(s) have been scanned
Scan process 'gTaskBar.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'lxddamon.exe' - '1' Module(s) have been scanned
Scan process 'lxddmon.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'AsDHRemote.exe' - '1' Module(s) have been scanned
Scan process 'realsched.exe' - '1' Module(s) have been scanned
Scan process 'Probe2.exe' - '1' Module(s) have been scanned
Scan process 'AsRc.exe' - '1' Module(s) have been scanned
Scan process 'PDVDServ.exe' - '1' Module(s) have been scanned
Scan process 'VTTimer.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'kpf4gui.exe' - '1' Module(s) have been scanned
Scan process 'iPodService.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'kpf4gui.exe' - '1' Module(s) have been scanned
Scan process 'ULCDRSvr.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'StarWindServiceAE.exe' - '1' Module(s) have been scanned
Scan process 'PnkBstrB.exe' - '1' Module(s) have been scanned
Scan process 'PnkBstrA.exe' - '1' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
Scan process 'LSSrvc.exe' - '1' Module(s) have been scanned
Scan process 'kpf4ss.exe' - '1' Module(s) have been scanned
Scan process 'FTRTSVC.exe' - '1' Module(s) have been scanned
Scan process 'guard.exe' - '1' Module(s) have been scanned
Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'PhotoshopElementsFileAgent.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
67 processes with 67 modules were scanned
Starting master boot sector scan:
Master boot sector HD0
[NOTE] No virus was found!
Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Boot sector 'E:\'
[NOTE] No virus was found!
Boot sector 'F:\'
[NOTE] No virus was found!
Boot sector 'G:\'
[NOTE] No virus was found!
Starting to scan the registry.
The registry was scanned ( '31' files ).
Starting the file scan:
Begin scan in 'C:\' <BOOT>
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\WINDOWS\system32\drivers\sptd.sys
[WARNING] The file could not be opened!
Begin scan in 'E:\' <SOFT>
Begin scan in 'F:\' <DOCS>
Begin scan in 'G:\' <MEDIA>
G:\System Volume Information\_restore{ABAF5229-C7C3-4DE4-9897-061B3C28B2DC}\RP195\A0044024.exe
[DETECTION] Contains detection pattern of the application APPL/Tool.PsKill.2
[INFO] The file was moved to '47d79b0a.qua'!
End of the scan: mardi 5 février 2008 00:08
Used time: 57:59 min
The scan has been done completely.
12503 Scanning directories
426262 Files were scanned
1 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
1 files were moved to quarantine
0 files were renamed
3 Files cannot be scanned
426261 Files not concerned
2132 Archives were scanned
3 Warnings
31 Notes
48738 Objects were scanned with rootkit scan
0 Hidden objects were found
Voici le rapportAntivir + un HijackThis, antivir a trouvé un virus.
AntiVir PersonalEdition Classic
Report file date: lundi 4 février 2008 23:10
Scanning for 1091873 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: SYSTEM
Computer name: GAETAN-ORDI
Version information:
BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 05/09/2007 16:49:04
AVSCAN.DLL : 7.0.6.0 49192 Bytes 05/09/2007 16:49:04
LUKE.DLL : 7.0.5.3 147496 Bytes 05/09/2007 16:49:06
LUKERES.DLL : 7.0.6.1 10280 Bytes 05/09/2007 16:49:06
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 16:50:14
ANTIVIR1.VDF : 7.0.1.95 3367424 Bytes 14/12/2007 12:32:36
ANTIVIR2.VDF : 7.0.2.49 1339904 Bytes 25/01/2008 11:30:24
ANTIVIR3.VDF : 7.0.2.89 291840 Bytes 04/02/2008 15:38:00
AVEWIN32.DLL : 7.6.0.62 3240448 Bytes 02/02/2008 13:05:09
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 09:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 05/09/2007 16:49:04
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 12:16:24
AVPACK32.DLL : 7.6.0.3 360488 Bytes 15/01/2008 22:28:01
AVREG.DLL : 7.0.1.6 30760 Bytes 05/09/2007 16:49:04
AVARKT.DLL : 1.0.0.20 278568 Bytes 05/09/2007 16:49:03
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 05/09/2007 16:49:04
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 10:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 05/09/2007 16:48:53
RCTEXT.DLL : 7.0.62.0 86056 Bytes 05/09/2007 16:48:53
SQLITE3.DLL : 3.3.17.1 339968 Bytes 05/09/2007 16:49:07
Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: G:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: on
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Deviating archive types..........: +BSD Mailbox, +Netscape/Mozilla Mailbox, +Eudora Mailbox, +Squid cache, +Pegasus Mailbox, +MS Outlook Mailbox,
Macro heuristic..................: on
File heuristic...................: high
Deviating risk categories........: +APPL,+GAME,+JOKE,+PCK,+SPR,
Start of the scan: lundi 4 février 2008 23:10
Starting search for hidden objects.
'48738' objects were checked, '0' hidden objects were found.
The scan of running processes will be started
Scan process 'firefox.exe' - '1' Module(s) have been scanned
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'Watch.exe' - '1' Module(s) have been scanned
Scan process 'ALERTM~1.EXE' - '1' Module(s) have been scanned
Scan process 'PollingModule.exe' - '1' Module(s) have been scanned
Scan process 'Inactivity.exe' - '1' Module(s) have been scanned
Scan process 'Toaster.exe' - '1' Module(s) have been scanned
Scan process 'ComComp.exe' - '1' Module(s) have been scanned
Scan process 'GestionnaireInternet.exe' - '1' Module(s) have been scanned
Scan process 'daemon.exe' - '1' Module(s) have been scanned
Scan process 'gTaskSwitch.exe' - '1' Module(s) have been scanned
Scan process 'gDeskMgm.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'gIMMgm.exe' - '1' Module(s) have been scanned
Scan process 'gMGlass.exe' - '1' Module(s) have been scanned
Scan process 'gZoom.exe' - '1' Module(s) have been scanned
Scan process 'gAutoScroll.exe' - '1' Module(s) have been scanned
Scan process 'gAutoPan.exe' - '1' Module(s) have been scanned
Scan process 'gKbdTask.exe' - '1' Module(s) have been scanned
Scan process 'gMouseTask.exe' - '1' Module(s) have been scanned
Scan process 'apdproxy.exe' - '1' Module(s) have been scanned
Scan process 'iTunesHelper.exe' - '1' Module(s) have been scanned
Scan process 'delttray.exe' - '1' Module(s) have been scanned
Scan process 'gTaskBar.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'lxddamon.exe' - '1' Module(s) have been scanned
Scan process 'lxddmon.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'AsDHRemote.exe' - '1' Module(s) have been scanned
Scan process 'realsched.exe' - '1' Module(s) have been scanned
Scan process 'Probe2.exe' - '1' Module(s) have been scanned
Scan process 'AsRc.exe' - '1' Module(s) have been scanned
Scan process 'PDVDServ.exe' - '1' Module(s) have been scanned
Scan process 'VTTimer.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'kpf4gui.exe' - '1' Module(s) have been scanned
Scan process 'iPodService.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'kpf4gui.exe' - '1' Module(s) have been scanned
Scan process 'ULCDRSvr.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'StarWindServiceAE.exe' - '1' Module(s) have been scanned
Scan process 'PnkBstrB.exe' - '1' Module(s) have been scanned
Scan process 'PnkBstrA.exe' - '1' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
Scan process 'LSSrvc.exe' - '1' Module(s) have been scanned
Scan process 'kpf4ss.exe' - '1' Module(s) have been scanned
Scan process 'FTRTSVC.exe' - '1' Module(s) have been scanned
Scan process 'guard.exe' - '1' Module(s) have been scanned
Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'PhotoshopElementsFileAgent.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
67 processes with 67 modules were scanned
Starting master boot sector scan:
Master boot sector HD0
[NOTE] No virus was found!
Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Boot sector 'E:\'
[NOTE] No virus was found!
Boot sector 'F:\'
[NOTE] No virus was found!
Boot sector 'G:\'
[NOTE] No virus was found!
Starting to scan the registry.
The registry was scanned ( '31' files ).
Starting the file scan:
Begin scan in 'C:\' <BOOT>
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\WINDOWS\system32\drivers\sptd.sys
[WARNING] The file could not be opened!
Begin scan in 'E:\' <SOFT>
Begin scan in 'F:\' <DOCS>
Begin scan in 'G:\' <MEDIA>
G:\System Volume Information\_restore{ABAF5229-C7C3-4DE4-9897-061B3C28B2DC}\RP195\A0044024.exe
[DETECTION] Contains detection pattern of the application APPL/Tool.PsKill.2
[INFO] The file was moved to '47d79b0a.qua'!
End of the scan: mardi 5 février 2008 00:08
Used time: 57:59 min
The scan has been done completely.
12503 Scanning directories
426262 Files were scanned
1 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
1 files were moved to quarantine
0 files were renamed
3 Files cannot be scanned
426261 Files not concerned
2132 Archives were scanned
3 Warnings
31 Notes
48738 Objects were scanned with rootkit scan
0 Hidden objects were found
AntiVir PersonalEdition Classic
Report file date: lundi 4 février 2008 23:10
Scanning for 1091873 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: SYSTEM
Computer name: GAETAN-ORDI
Version information:
BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 05/09/2007 16:49:04
AVSCAN.DLL : 7.0.6.0 49192 Bytes 05/09/2007 16:49:04
LUKE.DLL : 7.0.5.3 147496 Bytes 05/09/2007 16:49:06
LUKERES.DLL : 7.0.6.1 10280 Bytes 05/09/2007 16:49:06
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 16:50:14
ANTIVIR1.VDF : 7.0.1.95 3367424 Bytes 14/12/2007 12:32:36
ANTIVIR2.VDF : 7.0.2.49 1339904 Bytes 25/01/2008 11:30:24
ANTIVIR3.VDF : 7.0.2.89 291840 Bytes 04/02/2008 15:38:00
AVEWIN32.DLL : 7.6.0.62 3240448 Bytes 02/02/2008 13:05:09
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 09:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 05/09/2007 16:49:04
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 12:16:24
AVPACK32.DLL : 7.6.0.3 360488 Bytes 15/01/2008 22:28:01
AVREG.DLL : 7.0.1.6 30760 Bytes 05/09/2007 16:49:04
AVARKT.DLL : 1.0.0.20 278568 Bytes 05/09/2007 16:49:03
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 05/09/2007 16:49:04
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 10:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 05/09/2007 16:48:53
RCTEXT.DLL : 7.0.62.0 86056 Bytes 05/09/2007 16:48:53
SQLITE3.DLL : 3.3.17.1 339968 Bytes 05/09/2007 16:49:07
Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: G:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: on
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Deviating archive types..........: +BSD Mailbox, +Netscape/Mozilla Mailbox, +Eudora Mailbox, +Squid cache, +Pegasus Mailbox, +MS Outlook Mailbox,
Macro heuristic..................: on
File heuristic...................: high
Deviating risk categories........: +APPL,+GAME,+JOKE,+PCK,+SPR,
Start of the scan: lundi 4 février 2008 23:10
Starting search for hidden objects.
'48738' objects were checked, '0' hidden objects were found.
The scan of running processes will be started
Scan process 'firefox.exe' - '1' Module(s) have been scanned
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'Watch.exe' - '1' Module(s) have been scanned
Scan process 'ALERTM~1.EXE' - '1' Module(s) have been scanned
Scan process 'PollingModule.exe' - '1' Module(s) have been scanned
Scan process 'Inactivity.exe' - '1' Module(s) have been scanned
Scan process 'Toaster.exe' - '1' Module(s) have been scanned
Scan process 'ComComp.exe' - '1' Module(s) have been scanned
Scan process 'GestionnaireInternet.exe' - '1' Module(s) have been scanned
Scan process 'daemon.exe' - '1' Module(s) have been scanned
Scan process 'gTaskSwitch.exe' - '1' Module(s) have been scanned
Scan process 'gDeskMgm.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'gIMMgm.exe' - '1' Module(s) have been scanned
Scan process 'gMGlass.exe' - '1' Module(s) have been scanned
Scan process 'gZoom.exe' - '1' Module(s) have been scanned
Scan process 'gAutoScroll.exe' - '1' Module(s) have been scanned
Scan process 'gAutoPan.exe' - '1' Module(s) have been scanned
Scan process 'gKbdTask.exe' - '1' Module(s) have been scanned
Scan process 'gMouseTask.exe' - '1' Module(s) have been scanned
Scan process 'apdproxy.exe' - '1' Module(s) have been scanned
Scan process 'iTunesHelper.exe' - '1' Module(s) have been scanned
Scan process 'delttray.exe' - '1' Module(s) have been scanned
Scan process 'gTaskBar.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'lxddamon.exe' - '1' Module(s) have been scanned
Scan process 'lxddmon.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'AsDHRemote.exe' - '1' Module(s) have been scanned
Scan process 'realsched.exe' - '1' Module(s) have been scanned
Scan process 'Probe2.exe' - '1' Module(s) have been scanned
Scan process 'AsRc.exe' - '1' Module(s) have been scanned
Scan process 'PDVDServ.exe' - '1' Module(s) have been scanned
Scan process 'VTTimer.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'kpf4gui.exe' - '1' Module(s) have been scanned
Scan process 'iPodService.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'kpf4gui.exe' - '1' Module(s) have been scanned
Scan process 'ULCDRSvr.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'StarWindServiceAE.exe' - '1' Module(s) have been scanned
Scan process 'PnkBstrB.exe' - '1' Module(s) have been scanned
Scan process 'PnkBstrA.exe' - '1' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
Scan process 'LSSrvc.exe' - '1' Module(s) have been scanned
Scan process 'kpf4ss.exe' - '1' Module(s) have been scanned
Scan process 'FTRTSVC.exe' - '1' Module(s) have been scanned
Scan process 'guard.exe' - '1' Module(s) have been scanned
Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'PhotoshopElementsFileAgent.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
67 processes with 67 modules were scanned
Starting master boot sector scan:
Master boot sector HD0
[NOTE] No virus was found!
Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Boot sector 'E:\'
[NOTE] No virus was found!
Boot sector 'F:\'
[NOTE] No virus was found!
Boot sector 'G:\'
[NOTE] No virus was found!
Starting to scan the registry.
The registry was scanned ( '31' files ).
Starting the file scan:
Begin scan in 'C:\' <BOOT>
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\WINDOWS\system32\drivers\sptd.sys
[WARNING] The file could not be opened!
Begin scan in 'E:\' <SOFT>
Begin scan in 'F:\' <DOCS>
Begin scan in 'G:\' <MEDIA>
G:\System Volume Information\_restore{ABAF5229-C7C3-4DE4-9897-061B3C28B2DC}\RP195\A0044024.exe
[DETECTION] Contains detection pattern of the application APPL/Tool.PsKill.2
[INFO] The file was moved to '47d79b0a.qua'!
End of the scan: mardi 5 février 2008 00:08
Used time: 57:59 min
The scan has been done completely.
12503 Scanning directories
426262 Files were scanned
1 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
1 files were moved to quarantine
0 files were renamed
3 Files cannot be scanned
426261 Files not concerned
2132 Archives were scanned
3 Warnings
31 Notes
48738 Objects were scanned with rootkit scan
0 Hidden objects were found
re,
Information\_restore{ABAF5229-C7C3-4DE4-9897-061B3C28B2DC}\RP195\A0044024.exe
[DETECTION] Contains detection pattern of the application APPL/Tool.PsKill.2
ceci concerne clean.zip l´outil que l´on a utilisé auparavant, il n´y a pas de soucis!
fais ceci :
supprime clean.zip
et
Désactive ta restauration système:
pour cela :
Click droit sur poste de travail, dans l´arborescence sur propriétés;
dans la nouvelle fenettre click sur l´onglet restauration système;
coche la case désactiver la restauration systèm et applique.
puis redemarre le pc et click droit sur poste de travail, dans l´arborescence sur propriétés;
dans la nouvelle fenettre click sur l´onglet restauration systèm
décoche la case désactiver la restauration systèm et applique.
@+
Information\_restore{ABAF5229-C7C3-4DE4-9897-061B3C28B2DC}\RP195\A0044024.exe
[DETECTION] Contains detection pattern of the application APPL/Tool.PsKill.2
ceci concerne clean.zip l´outil que l´on a utilisé auparavant, il n´y a pas de soucis!
fais ceci :
supprime clean.zip
et
Désactive ta restauration système:
pour cela :
Click droit sur poste de travail, dans l´arborescence sur propriétés;
dans la nouvelle fenettre click sur l´onglet restauration système;
coche la case désactiver la restauration systèm et applique.
puis redemarre le pc et click droit sur poste de travail, dans l´arborescence sur propriétés;
dans la nouvelle fenettre click sur l´onglet restauration systèm
décoche la case désactiver la restauration systèm et applique.
@+
