AU SECOUR! win32:tibs-ado[trj]
Résolu
takata31
Messages postés
79
Statut
Membre
-
xiphos -
xiphos -
Bonjour,
ayant eu un avertissement de trojan, j'ai fait un post ici meme. sur un conseil, j'ai installer superantisyware. il a effectivement trouvé 1 trojan. j'ai fait le nettoyage et j'ai refait un scan.
second scan, 2 trojan. re-nettoyage
troisieme scan, 3 trojan.
ai je penser qu'il est en train de se cloner..??
ayant eu un avertissement de trojan, j'ai fait un post ici meme. sur un conseil, j'ai installer superantisyware. il a effectivement trouvé 1 trojan. j'ai fait le nettoyage et j'ai refait un scan.
second scan, 2 trojan. re-nettoyage
troisieme scan, 3 trojan.
ai je penser qu'il est en train de se cloner..??
A voir également:
- AU SECOUR! win32:tibs-ado[trj]
- Télécharger win32 valide pour windows 7 gratuit - Forum Windows
- Puadimanager win32/offercore ✓ - Forum Virus
- PUA:Win32/InstallCore detecté par windows sécurité ✓ - Forum Virus
- Puabundler win32 rostpay ✓ - Forum Antivirus
- Win32 pup gen ✓ - Forum Linux / Unix
89 réponses
ok ok merci pour ton aide, je vais faire un scan histoire de voir ce que ça me dit...
je te souhaite une bonne fin de soirée Lyonnais92 et encore merci ;-)
je ferais un post si le probleme est resolu ou non................. bye
je te souhaite une bonne fin de soirée Lyonnais92 et encore merci ;-)
je ferais un post si le probleme est resolu ou non................. bye
Salut ! ;o)
Lyonnais,
Rapport supper antispyware
http://www.commentcamarche.net/forum/affich 5185072 au secour win32 tibs ado trj?page=2#42
Trojan.Unclassified/MicroDrv
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036342.DLL
C:\WINDOWS\WNDSK.DLL
C'est pour ça qu' OTMoveIt ne le trouve pas ?
Merci.
Lyonnais,
Rapport supper antispyware
http://www.commentcamarche.net/forum/affich 5185072 au secour win32 tibs ado trj?page=2#42
Trojan.Unclassified/MicroDrv
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036342.DLL
C:\WINDOWS\WNDSK.DLL
C'est pour ça qu' OTMoveIt ne le trouve pas ?
Merci.
salut joginho67,
comme tu vois Lyonnais nous a fait avancer sur mon probleme mais je ne suis pas en mesure de savoir si c'est resolu ou non. je vais donc faire un scan rapide avec AVGantispy histoire de voir....
si il y a un rapport je le posterais
comme tu vois Lyonnais nous a fait avancer sur mon probleme mais je ne suis pas en mesure de savoir si c'est resolu ou non. je vais donc faire un scan rapide avec AVGantispy histoire de voir....
si il y a un rapport je le posterais
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
bon, j'ai fait un scan en mode normal. resultat aucun probleme rencontré.
je fais un scan en mode normal avec superantispy maintenant.... voir s'il me liste toujours ce trojan
(c'est chouette, j'ai plein d'outils antispy maintenant ^^)
je fais un scan en mode normal avec superantispy maintenant.... voir s'il me liste toujours ce trojan
(c'est chouette, j'ai plein d'outils antispy maintenant ^^)
bon, je viens donc de faire un scan rapide en mode normal avec superantispy(celui qui me trouvait toujours un troja) et là il ne m'a trouvé que 3 tracking cookie, plus de trace de trojan apperement.
dois je en conclure que le probleme est resolu..?
y a t il encore une manipe que je pourrais faire pour etre sur a 100% que tout ceci n'est plus qu'un mauvais reve..? :-)
dois je en conclure que le probleme est resolu..?
y a t il encore une manipe que je pourrais faire pour etre sur a 100% que tout ceci n'est plus qu'un mauvais reve..? :-)
salut moi je m'arreterai pas a ca!!! trop facile a mon gout
peux tu poster 1 nouveau log hijack stp
kiss
peux tu poster 1 nouveau log hijack stp
kiss
comme je suis un peu du meme avis que toi raleuboleu voici ce que tu demande :-)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:35:30, on 26/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\PROGRA~1\FICHIE~1\PCSuite\Services\SERVIC~1.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -onlytray
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:35:30, on 26/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\PROGRA~1\FICHIE~1\PCSuite\Services\SERVIC~1.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -onlytray
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
bon navré, meme probleme qu'hier, je dois aller me coucher :-/
donc on verra ça demain, bonne nuit a toi ;-)
bizz
PS : dis moi si tu veux que je lance quelquechose, je pourrais le faire demain matin, tu auras ta reponse vers midi :-)
donc on verra ça demain, bonne nuit a toi ;-)
bizz
PS : dis moi si tu veux que je lance quelquechose, je pourrais le faire demain matin, tu auras ta reponse vers midi :-)
et que ta donné sdfix?
ok ok good night and have a good dreams
kiss
ok ok good night and have a good dreams
kiss
salut,
le rapport de SDFix :
http://www.commentcamarche.net/forum/affich 5185072 au secour win32 tibs ado trj?page=2#47
le rapport de SDFix :
http://www.commentcamarche.net/forum/affich 5185072 au secour win32 tibs ado trj?page=2#47
bonjour,
pour la gestion des cookies je connaissais deja le menu "option internet" et je le supprime tous les jours en fait... j'avais nettoyé avec superantispy les 3 cookies dont je parlais un peu plus haut. mais je crois que de toutes façon ce genre de cookies doit bien arriver tous les jours, non?
bon, je vais lancé kaspersky et je transmet le rapport surement ce midi.... a plus tard :-)
pour la gestion des cookies je connaissais deja le menu "option internet" et je le supprime tous les jours en fait... j'avais nettoyé avec superantispy les 3 cookies dont je parlais un peu plus haut. mais je crois que de toutes façon ce genre de cookies doit bien arriver tous les jours, non?
bon, je vais lancé kaspersky et je transmet le rapport surement ce midi.... a plus tard :-)
re,
bon le resultat est pas tres glorieux :(
3 virus trouvés et 13 objets infectés...
voici le rapport
-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Wednesday, February 27, 2008 12:21:24 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 27/02/2008
Kaspersky Anti-Virus database records: 537326
-------------------------------------------------------------------------------
Scan Settings:
Scan using the following antivirus database: standard
Scan Archives: true
Scan Mail Bases: true
Scan Target - My Computer:
A:\
C:\
D:\
E:\
Scan Statistics:
Total number of scanned objects: 64148
Number of viruses found: 3
Number of infected objects: 13
Number of suspicious objects: 0
Duration of the scan process: 00:34:45
Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\Administrateur\Application Data\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Lavasoft\Ad-Aware\description.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Lavasoft\Ad-Aware\Logs\Ad-Aware log2007-07-27 13-40-19.txt Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Lavasoft\Ad-Aware\Logs\Ad-Aware log2007-07-27 13-41-21.txt Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Lavasoft\Ad-Aware\Logs\Ad-Aware log2007-07-27 18-46-57.txt Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Lavasoft\Ad-Aware\Quarantine\auto-quarantine- 2007-07-27 13-40-41.bckp Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Lavasoft\Ad-Aware\Quarantine\auto-quarantine- 2007-07-27 18-47-08.bckp Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Lavasoft\Ad-Aware\settings.awc Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Lavasoft\Ad-Aware\stats.awd Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Microsoft\HTML Help\hh.dat Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Microsoft\Internet Explorer\brndlog.bak Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Microsoft\Internet Explorer\brndlog.txt Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Microsoft\Internet Explorer\Desktop.htt Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Microsoft\Internet Explorer\Quick Launch\Bureau.scf Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Microsoft\Internet Explorer\Quick Launch\Démarrer Internet Explorer.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Microsoft\Protect\CREDHIST Object is locked skipped
C:\Documents and Settings\Administrateur\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Administrateur\Favoris\Desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Favoris\Guide des stations de radio.url Object is locked skipped
C:\Documents and Settings\Administrateur\Favoris\Liens\Hotmail.url Object is locked skipped
C:\Documents and Settings\Administrateur\Favoris\Liens\Personnaliser les liens.url Object is locked skipped
C:\Documents and Settings\Administrateur\Favoris\Liens\Windows Media.url Object is locked skipped
C:\Documents and Settings\Administrateur\Favoris\Liens\Windows.url Object is locked skipped
C:\Documents and Settings\Administrateur\Favoris\MSN.com.url Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Application Data\IconCache.db Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Internet Explorer\MSIMGSIZ.DAT Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Media Player\CurrentDatabase_59R.wmdb Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Windows Media\9.0\WMSDKNS.DTD Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Windows Media\9.0\WMSDKNS.XML Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Historique\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Historique\History.IE5\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Historique\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Historique\History.IE5\MSHist012007072720070728\index.dat Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\0G0HR0HN\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\8HFRGF3W\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\OBF7KYM2\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\PPTNF50V\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Accessibilité\Clavier visuel.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Accessibilité\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Accessibilité\Gestionnaire d'utilitaires.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Accessibilité\Loupe.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Assistant Compatibilité des programmes.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Bloc-notes.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Carnet d'adresses.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Divertissement\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Divertissement\Lecteur Windows Media.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Explorateur Windows.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Invite de commandes.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Synchroniser.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Visite guidée de Windows XP.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Assistance à distance.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Démarrage\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Internet Explorer.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Lecteur Windows Media.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Outlook Express.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Mes documents\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Mes documents\Ma musique\Desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Mes documents\Ma musique\Échantillons de musique.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Mes documents\Mes images\Desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Mes documents\Mes images\Échantillons d'images.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Modèles\amipro.sam Object is locked skipped
C:\Documents and Settings\Administrateur\Modèles\excel.xls Object is locked skipped
C:\Documents and Settings\Administrateur\Modèles\excel4.xls Object is locked skipped
C:\Documents and Settings\Administrateur\Modèles\lotus.wk4 Object is locked skipped
C:\Documents and Settings\Administrateur\Modèles\powerpnt.ppt Object is locked skipped
C:\Documents and Settings\Administrateur\Modèles\presenta.shw Object is locked skipped
C:\Documents and Settings\Administrateur\Modèles\quattro.wb2 Object is locked skipped
C:\Documents and Settings\Administrateur\Modèles\sndrec.wav Object is locked skipped
C:\Documents and Settings\Administrateur\Modèles\winword.doc Object is locked skipped
C:\Documents and Settings\Administrateur\Modèles\winword2.doc Object is locked skipped
C:\Documents and Settings\Administrateur\Modèles\wordpfct.wpd Object is locked skipped
C:\Documents and Settings\Administrateur\Modèles\wordpfct.wpg Object is locked skipped
C:\Documents and Settings\Administrateur\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Administrateur\NtUser.dat.LOG Object is locked skipped
C:\Documents and Settings\Administrateur\ntuser.ini Object is locked skipped
C:\Documents and Settings\Administrateur\SendTo\Bureau (créer un raccourci).DeskLink Object is locked skipped
C:\Documents and Settings\Administrateur\SendTo\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\SendTo\Destinataire.MAPIMail Object is locked skipped
C:\Documents and Settings\Administrateur\SendTo\Dossier compressé.ZFSendToTarget Object is locked skipped
C:\Documents and Settings\Administrateur\SendTo\Mes documents.mydocs Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\takata\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SUPERANTISPYWARE.LOG Object is locked skipped
C:\Documents and Settings\takata\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\takata\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\takata\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\takata\Local Settings\Historique\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\takata\Local Settings\Historique\History.IE5\MSHist012008022720080228\index.dat Object is locked skipped
C:\Documents and Settings\takata\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\takata\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\takata\ntuser.dat.LOG Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\Avast4.db Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\log\AshWebSv.ws Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\log\aswMaiSv.log Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\report\Protection résidente.txt Object is locked skipped
C:\Program Files\Sygate\SPF\debug.log Object is locked skipped
C:\Program Files\Sygate\SPF\rawlog.log Object is locked skipped
C:\Program Files\Sygate\SPF\seclog.log Object is locked skipped
C:\Program Files\Sygate\SPF\syslog.log Object is locked skipped
C:\Program Files\Sygate\SPF\tralog.log Object is locked skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036338.exe Infected: Email-Worm.Win32.Zhelatin.vn skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036349.dll Infected: Trojan-Clicker.Win32.Agent.ss skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036376.dll Infected: Trojan-Clicker.Win32.Agent.ss skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036377.dll Infected: Trojan-Clicker.Win32.Agent.ss skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036417.dll Infected: Trojan-Clicker.Win32.Agent.ss skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036437.dll Infected: Trojan-Clicker.Win32.Agent.ss skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036448.dll Infected: Trojan-Clicker.Win32.Agent.ss skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036471.dll Infected: Trojan-Clicker.Win32.Agent.ss skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036475.dll Infected: Trojan-Clicker.Win32.Agent.ss skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036483.dll Infected: Trojan-Clicker.Win32.Agent.ss skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036487.dll Infected: Trojan-Clicker.Win32.Agent.ss skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP264\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\icu.exe~ Infected: Email-Worm.Win32.Zhelatin.vn skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\ACEEvent.evt Object is locked skipped
C:\WINDOWS\system32\config\Antivirus.Evt Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\Temp\Perflib_Perfdata_618.dat Object is locked skipped
C:\WINDOWS\Temp\_avast4_\Webshlock.txt Object is locked skipped
C:\WINDOWS\trashicon.exe Infected: Trojan-Dropper.Win32.Agent.bno skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
D:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
D:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP264\change.log Object is locked skipped
Scan process completed.
bon le resultat est pas tres glorieux :(
3 virus trouvés et 13 objets infectés...
voici le rapport
-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Wednesday, February 27, 2008 12:21:24 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 27/02/2008
Kaspersky Anti-Virus database records: 537326
-------------------------------------------------------------------------------
Scan Settings:
Scan using the following antivirus database: standard
Scan Archives: true
Scan Mail Bases: true
Scan Target - My Computer:
A:\
C:\
D:\
E:\
Scan Statistics:
Total number of scanned objects: 64148
Number of viruses found: 3
Number of infected objects: 13
Number of suspicious objects: 0
Duration of the scan process: 00:34:45
Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\Administrateur\Application Data\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Lavasoft\Ad-Aware\description.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Lavasoft\Ad-Aware\Logs\Ad-Aware log2007-07-27 13-40-19.txt Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Lavasoft\Ad-Aware\Logs\Ad-Aware log2007-07-27 13-41-21.txt Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Lavasoft\Ad-Aware\Logs\Ad-Aware log2007-07-27 18-46-57.txt Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Lavasoft\Ad-Aware\Quarantine\auto-quarantine- 2007-07-27 13-40-41.bckp Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Lavasoft\Ad-Aware\Quarantine\auto-quarantine- 2007-07-27 18-47-08.bckp Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Lavasoft\Ad-Aware\settings.awc Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Lavasoft\Ad-Aware\stats.awd Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Microsoft\HTML Help\hh.dat Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Microsoft\Internet Explorer\brndlog.bak Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Microsoft\Internet Explorer\brndlog.txt Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Microsoft\Internet Explorer\Desktop.htt Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Microsoft\Internet Explorer\Quick Launch\Bureau.scf Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Microsoft\Internet Explorer\Quick Launch\Démarrer Internet Explorer.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Application Data\Microsoft\Protect\CREDHIST Object is locked skipped
C:\Documents and Settings\Administrateur\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Administrateur\Favoris\Desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Favoris\Guide des stations de radio.url Object is locked skipped
C:\Documents and Settings\Administrateur\Favoris\Liens\Hotmail.url Object is locked skipped
C:\Documents and Settings\Administrateur\Favoris\Liens\Personnaliser les liens.url Object is locked skipped
C:\Documents and Settings\Administrateur\Favoris\Liens\Windows Media.url Object is locked skipped
C:\Documents and Settings\Administrateur\Favoris\Liens\Windows.url Object is locked skipped
C:\Documents and Settings\Administrateur\Favoris\MSN.com.url Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Application Data\IconCache.db Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Internet Explorer\MSIMGSIZ.DAT Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Media Player\CurrentDatabase_59R.wmdb Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Windows Media\9.0\WMSDKNS.DTD Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Windows Media\9.0\WMSDKNS.XML Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Historique\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Historique\History.IE5\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Historique\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Historique\History.IE5\MSHist012007072720070728\index.dat Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\0G0HR0HN\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\8HFRGF3W\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\OBF7KYM2\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\PPTNF50V\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Accessibilité\Clavier visuel.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Accessibilité\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Accessibilité\Gestionnaire d'utilitaires.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Accessibilité\Loupe.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Assistant Compatibilité des programmes.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Bloc-notes.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Carnet d'adresses.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Divertissement\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Divertissement\Lecteur Windows Media.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Explorateur Windows.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Invite de commandes.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Synchroniser.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Visite guidée de Windows XP.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Assistance à distance.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Démarrage\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Internet Explorer.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Lecteur Windows Media.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Outlook Express.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Mes documents\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Mes documents\Ma musique\Desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Mes documents\Ma musique\Échantillons de musique.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Mes documents\Mes images\Desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\Mes documents\Mes images\Échantillons d'images.lnk Object is locked skipped
C:\Documents and Settings\Administrateur\Modèles\amipro.sam Object is locked skipped
C:\Documents and Settings\Administrateur\Modèles\excel.xls Object is locked skipped
C:\Documents and Settings\Administrateur\Modèles\excel4.xls Object is locked skipped
C:\Documents and Settings\Administrateur\Modèles\lotus.wk4 Object is locked skipped
C:\Documents and Settings\Administrateur\Modèles\powerpnt.ppt Object is locked skipped
C:\Documents and Settings\Administrateur\Modèles\presenta.shw Object is locked skipped
C:\Documents and Settings\Administrateur\Modèles\quattro.wb2 Object is locked skipped
C:\Documents and Settings\Administrateur\Modèles\sndrec.wav Object is locked skipped
C:\Documents and Settings\Administrateur\Modèles\winword.doc Object is locked skipped
C:\Documents and Settings\Administrateur\Modèles\winword2.doc Object is locked skipped
C:\Documents and Settings\Administrateur\Modèles\wordpfct.wpd Object is locked skipped
C:\Documents and Settings\Administrateur\Modèles\wordpfct.wpg Object is locked skipped
C:\Documents and Settings\Administrateur\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Administrateur\NtUser.dat.LOG Object is locked skipped
C:\Documents and Settings\Administrateur\ntuser.ini Object is locked skipped
C:\Documents and Settings\Administrateur\SendTo\Bureau (créer un raccourci).DeskLink Object is locked skipped
C:\Documents and Settings\Administrateur\SendTo\desktop.ini Object is locked skipped
C:\Documents and Settings\Administrateur\SendTo\Destinataire.MAPIMail Object is locked skipped
C:\Documents and Settings\Administrateur\SendTo\Dossier compressé.ZFSendToTarget Object is locked skipped
C:\Documents and Settings\Administrateur\SendTo\Mes documents.mydocs Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\takata\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SUPERANTISPYWARE.LOG Object is locked skipped
C:\Documents and Settings\takata\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\takata\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\takata\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\takata\Local Settings\Historique\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\takata\Local Settings\Historique\History.IE5\MSHist012008022720080228\index.dat Object is locked skipped
C:\Documents and Settings\takata\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\takata\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\takata\ntuser.dat.LOG Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\Avast4.db Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\log\AshWebSv.ws Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\log\aswMaiSv.log Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\report\Protection résidente.txt Object is locked skipped
C:\Program Files\Sygate\SPF\debug.log Object is locked skipped
C:\Program Files\Sygate\SPF\rawlog.log Object is locked skipped
C:\Program Files\Sygate\SPF\seclog.log Object is locked skipped
C:\Program Files\Sygate\SPF\syslog.log Object is locked skipped
C:\Program Files\Sygate\SPF\tralog.log Object is locked skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036338.exe Infected: Email-Worm.Win32.Zhelatin.vn skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036349.dll Infected: Trojan-Clicker.Win32.Agent.ss skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036376.dll Infected: Trojan-Clicker.Win32.Agent.ss skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036377.dll Infected: Trojan-Clicker.Win32.Agent.ss skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036417.dll Infected: Trojan-Clicker.Win32.Agent.ss skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036437.dll Infected: Trojan-Clicker.Win32.Agent.ss skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036448.dll Infected: Trojan-Clicker.Win32.Agent.ss skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036471.dll Infected: Trojan-Clicker.Win32.Agent.ss skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036475.dll Infected: Trojan-Clicker.Win32.Agent.ss skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036483.dll Infected: Trojan-Clicker.Win32.Agent.ss skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP263\A0036487.dll Infected: Trojan-Clicker.Win32.Agent.ss skipped
C:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP264\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\icu.exe~ Infected: Email-Worm.Win32.Zhelatin.vn skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\ACEEvent.evt Object is locked skipped
C:\WINDOWS\system32\config\Antivirus.Evt Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\Temp\Perflib_Perfdata_618.dat Object is locked skipped
C:\WINDOWS\Temp\_avast4_\Webshlock.txt Object is locked skipped
C:\WINDOWS\trashicon.exe Infected: Trojan-Dropper.Win32.Agent.bno skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
D:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
D:\System Volume Information\_restore{1618E491-BEDE-4DF4-8F7D-604EE9888BC3}\RP264\change.log Object is locked skipped
Scan process completed.
ok ok je me disais aussi...^^
alors, quelle orientation dois je prendre là? je ne sai splus trop quoi faire...
au pire, peut on formater juste une partition d'un disque dur? il semblerait que seulement le C: soit infecté donc si j'arrive a garder le D: moi ça me pose pas de probleme. C'est le D: qui a le plus d'importance pour moi. mais bon, si on peut eviter le formatage moi ça m'irait encore plus :-)
alors, quelle orientation dois je prendre là? je ne sai splus trop quoi faire...
au pire, peut on formater juste une partition d'un disque dur? il semblerait que seulement le C: soit infecté donc si j'arrive a garder le D: moi ça me pose pas de probleme. C'est le D: qui a le plus d'importance pour moi. mais bon, si on peut eviter le formatage moi ça m'irait encore plus :-)
Bonjour,
fais ça :
Télécharge OAD http://sosvirus.changelog.fr/OAD.exe
- Enregistre le sur ton bureau
Double clique sur le OAD pour le lancer
- nom de fichier à rechercher tape ou fais un copier coller de : icu.exe
- Type de recherche : sélectionne l'option 6 puis valide [entree]
OAD va maintenant rechercher le fichier. Laisse le travailler jusqu'à ce qu'il en ai terminé.
Le rapport de recherche s'affichera automatiquement à dès qu'il en aura terminé.
- Fais un copier / coller de ce rapport dans ton prochain post.
Note importante : Suivant la taille des disques dur cette recherche peut prendre plusieurs minutes. Sois patient(e
fais ça :
Télécharge OAD http://sosvirus.changelog.fr/OAD.exe
- Enregistre le sur ton bureau
Double clique sur le OAD pour le lancer
- nom de fichier à rechercher tape ou fais un copier coller de : icu.exe
- Type de recherche : sélectionne l'option 6 puis valide [entree]
OAD va maintenant rechercher le fichier. Laisse le travailler jusqu'à ce qu'il en ai terminé.
Le rapport de recherche s'affichera automatiquement à dès qu'il en aura terminé.
- Fais un copier / coller de ce rapport dans ton prochain post.
Note importante : Suivant la taille des disques dur cette recherche peut prendre plusieurs minutes. Sois patient(e
voici le rapport
27/02/2008 ---- 22:34:35,01
----------------------------------
§§§§§§ [icu.exe] §§§§§§
----------------------------------
[X] Registre
-------------- [ ] rapide
-- Fichier --- [ ] disque systeme
------------- [X] complete
********************
[Registre]
********************
Aucune entrée détectée
*******************
[Fichier]
*******************
*********************
[Même date]
*********************
Aucun fichier créé à la même date détecté
Outil Aide Diagnostic By !aur3n7 Version 1.1
----------------------------------
§§§§§ Fin Rapport §§§§§
----------------------------------
27/02/2008 ---- 22:34:35,01
----------------------------------
§§§§§§ [icu.exe] §§§§§§
----------------------------------
[X] Registre
-------------- [ ] rapide
-- Fichier --- [ ] disque systeme
------------- [X] complete
********************
[Registre]
********************
Aucune entrée détectée
*******************
[Fichier]
*******************
*********************
[Même date]
*********************
Aucun fichier créé à la même date détecté
Outil Aide Diagnostic By !aur3n7 Version 1.1
----------------------------------
§§§§§ Fin Rapport §§§§§
----------------------------------
