Sujet Précédent Sujet Suivant

Je hais MSN !

Nadia75 -  
 Nadia75 -
Salut les mecs !

Je crois que j'aurais besoin d'un petit coup de main pour que je réussisse à me sortir de cette galère inommable ! j'ai essayé msnfix pour envoyer ballader "ta tof fait quoi sur ton site" mais rien à faire... Ce truc s'accroche à mon disque dur comme une sangsue !!!
Help ! Please ! Je vais sauter dans le vide avec mon PC si ça continue ! :)
A voir également:

9 réponses

Réponse 1 / 9
Utilisateur anonyme
 
salut

télécharge hijackthis fait un scan et colle moi le log ici
0
Nadia75
 
Salut Jessydu54 et merci beaucoup pour ton aide !

j'ai téléchargé hijackthis et voici le rapport :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:58:06, on 16/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\hphmon06.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\keyhook.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\CameraAssistant.exe
C:\WINDOWS\system32\ElkCtrl.exe
C:\Program Files\Fichiers communs\AOL\1168116699\ee\AOLSoftware.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\OpenOffice.org 2.1\program\soffice.exe
C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe
C:\Program Files\OpenOffice.org 2.1\program\soffice.BIN
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q404&bd=pavilion&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q404&bd=pavilion&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*https://fr.search.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q404&bd=pavilion&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ie/defaults/su/msgr8/*https://fr.search.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://login.live.com/ppsecure/md5auth.srf?lc=1036
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {AEEC3B59-CA98-4EBA-A140-57B94E283583} - C:\PROGRA~1\ORANGE~1\TOOLBA~2.DLL
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\services.exe
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {CA356D79-679B-4b4c-8E49-5AF97014F4C1} - C:\Program Files\Starware354\bin\Starware354.dll
O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O3 - Toolbar: Starware Toolbar Recettes - {D49E9D35-254C-4c6a-9D17-95018D228FF5} - C:\Program Files\Starware354\bin\Starware354.dll
O3 - Toolbar: barre d'outils Orange - {D3028143-6145-4318-99D3-3EDCE54A95A9} - C:\Program Files\Orange Toolbar FR\ToolbarContainer234.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [AOLSAV] C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Fichiers communs\AOL\1168116699\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Flash Media] C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\services.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - Startup: OpenOffice.org 2.1.lnk = C:\Program Files\OpenOffice.org 2.1\program\quickstart.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: traduire la page - C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\cce263.html
O8 - Extra context menu item: traduire le texte sélectionné - C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\cce264.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {26FCCDF9-A7E1-452A-A73D-7BF7B4D0BA6C} (AOL Pictures Uploader Class) - http://o.aolcdn.com/pictures/ap/Resources/2.0.6.9/cab/aolpPlugins.10.6.0.4.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - https://www.lessablesdolonne.com/
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
0
Réponse 2 / 9
dou-l Messages postés 2871 Statut Membre 61
 
Pour continuer tu vas télécharge sdfix:

http://downloads.andymanchesta.com/RemovalTools/SDFix.exe

Télécharge le sur le bureau

-
Double clique sur SDFix.exe et choisis Install pour l'extraire dans un dossier dédié sur le Bureau. Redémarre ton ordinateur en mode sans échec en suivant la procédure que voici :

-Redémarre ton ordinateur
-Après avoir entendu l'ordinateur biper lors du démarrage, mais avant que l'icône Windows apparaisse, tapote la touche F8 (une pression par seconde).
-A la place du chargement normal de Windows, un menu avec différentes options devrait apparaître.
-Choisis la première option, pour exécuter Windows en mode sans échec, puis appuie sur "Entrée".
-Choisis ton compte.
-Déroule la liste des instructions ci-dessous :
-Ouvre le dossier SDFix qui vient d'être créé dans le répertoire C:\ et double clique sur RunThis.bat pour lancer le script.
-Appuie sur Y pour commencer le processus de nettoyage.
-Il va supprimer les services et les entrées du Registre de certains trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer.
-Appuie sur une touche pour redémarrer le PC.
-Ton système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers.
-Après le chargement du Bureau, l'outil terminera son travail et affichera Finished.
-Appuie sur une touche pour finir l'exécution du script et charger les icônes de ton Bureau.
-Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt.
Enfin copie/colle le contenu du fichier Report.txt dans ta prochaine réponse sur le forum.

a+
0
Nadia75
 
Salut dou-l et merci pour ton aide !

Comme je viens de commencer avec le logiciel hijackthis est-il nécessaire que j'utilise sdfix ?
Qu'est ce qui est le plus efficace, msnfix ou hijackthis ?
Merci à toi.
0
Réponse 3 / 9
dou-l Messages postés 2871 Statut Membre 61
 
Hijack sert a diagnosticer ton pc

perso je péfére sdfix ^^
0
Nadia75
 
ok, reste avec moi stp, je vais essayer avec SDFIX ! ;)
0
Réponse 4 / 9
dou-l Messages postés 2871 Statut Membre 61
 
je bouge pas ^^.
0
Nadia75
 
ok dou-l, merci ;)

j'ai fini de suivre tes instructions. Je te livre en bloc le rapport :


[b]SDFix: Version 1.158 [/b]

Run by HP_Propri‚taire on 16/03/2008 at 19:53

Microsoft Windows XP [version 5.1.2600]
Running From: C:\SDFix

[b]Checking Services [/b]:


Restoring Windows Registry Values
Restoring Windows Default Hosts File

Rebooting


[b]Checking Files [/b]:

Trojan Files Found:

C:\WINDOWS\mrofinu1423.exe - Deleted
C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\services.exe - Deleted





Removing Temp Files

[b]ADS Check [/b]:



[b]Final Check [/b]:

catchme 0.3.1344.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-16 19:59:58
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
"s1"=dword:2df9c43f
"s2"=dword:110480d0
"h0"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="C:\Program Files\DAEMON Tools\"
"h0"=dword:00000000
"khjeh"=hex:8f,70,69,00,dd,4c,ec,51,ff,6b,55,94,37,53,01,10,e1,34,3b,0d,16,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,89,6a,1e,2b,86,2c,28,ec,69,47,00,81,b7,ca,35,d9,bf,..
"khjeh"=hex:a1,e8,58,b3,7f,db,0a,71,86,5f,c5,ae,d7,9c,d0,90,26,f2,71,55,12,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:0e,5a,cc,29,28,5d,1c,4c,e6,9b,ab,b3,23,fa,e0,f4,a6,ee,73,37,dd,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{17E0984E-5ADA-47B8-8716-A576F1A3CCA2}]
"DhcpRetryTime"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="C:\Program Files\DAEMON Tools\"
"h0"=dword:00000000
"khjeh"=hex:8f,70,69,00,dd,4c,ec,51,ff,6b,55,94,37,53,01,10,e1,34,3b,0d,16,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,89,6a,1e,2b,86,2c,28,ec,69,47,00,81,b7,ca,35,d9,bf,..
"khjeh"=hex:a1,e8,58,b3,7f,db,0a,71,86,5f,c5,ae,d7,9c,d0,90,26,f2,71,55,12,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:0e,5a,cc,29,28,5d,1c,4c,e6,9b,ab,b3,23,fa,e0,f4,a6,ee,73,37,dd,..

scanning hidden registry entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0


[b]Remaining Services [/b]:



Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Fichiers communs\\AOL\\ACS\\AOLacsd.exe"="C:\\Program Files\\Fichiers communs\\AOL\\ACS\\AOLacsd.exe:*:Enabled:AOL"
"C:\\Program Files\\Fichiers communs\\AOL\\ACS\\AOLDial.exe"="C:\\Program Files\\Fichiers communs\\AOL\\ACS\\AOLDial.exe:*:Enabled:AOL"
"C:\\Program Files\\AOL 9.0\\waol.exe"="C:\\Program Files\\AOL 9.0\\waol.exe:*:Enabled:AOL 9.0"
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe:*:Enabled:Yahoo! FT Server"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Fichiers communs\\AOL\\1168116699\\ee\\aolsoftware.exe"="C:\\Program Files\\Fichiers communs\\AOL\\1168116699\\ee\\aolsoftware.exe:*:Enabled:AOL Shared Components"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
"C:\\Program Files\\AOL 9.0 VR\\waol.exe"="C:\\Program Files\\AOL 9.0 VR\\waol.exe:*:Enabled:AOL"
"C:\\Program Files\\Fichiers communs\\AOL\\TopSpeed\\3.0\\aoltpsd3.exe"="C:\\Program Files\\Fichiers communs\\AOL\\TopSpeed\\3.0\\aoltpsd3.exe:*:Enabled:AOL TopSpeed"
"C:\\Program Files\\Fichiers communs\\AOL\\Loader\\aolload.exe"="C:\\Program Files\\Fichiers communs\\AOL\\Loader\\aolload.exe:*:Enabled:AOL Loader"
"C:\\Program Files\\Fichiers communs\\AOL\\System Information\\sinf.exe"="C:\\Program Files\\Fichiers communs\\AOL\\System Information\\sinf.exe:*:Enabled:AOL System Information"
"C:\\DOCUME~1\\HP_PRO~1\\LOCALS~1\\Temp\\services.exe"="C:\\DOCUME~1\\HP_PRO~1\\LOCALS~1\\Temp\\services.exe:*:Enabled:Flash Media"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Fichiers communs\\AOL\\ACS\\AOLacsd.exe"="C:\\Program Files\\Fichiers communs\\AOL\\ACS\\AOLacsd.exe:*:Enabled:AOL"
"C:\\Program Files\\Fichiers communs\\AOL\\ACS\\AOLDial.exe"="C:\\Program Files\\Fichiers communs\\AOL\\ACS\\AOLDial.exe:*:Enabled:AOL"
"C:\\Program Files\\AOL 9.0\\waol.exe"="C:\\Program Files\\AOL 9.0\\waol.exe:*:Enabled:AOL 9.0"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

[b]Remaining Files [/b]:


File Backups: - C:\SDFix\backups\backups.zip

[b]Files with Hidden Attributes [/b]:

Sun 24 Dec 2006 196 A.SHR --- "C:\BOOT.BAK"
Fri 9 Apr 2004 54,384 A..H. --- "C:\Program Files\AOL 9.0\aolphx.exe"
Mon 10 May 2004 156,784 A..H. --- "C:\Program Files\AOL 9.0\aoltray.exe"
Fri 9 Apr 2004 31,344 A..H. --- "C:\Program Files\AOL 9.0\RBM.exe"
Thu 21 Jun 2007 46,384 A..H. --- "C:\Program Files\AOL 9.0 VR\AOLphx.exe"
Thu 24 May 2007 54,832 A..H. --- "C:\Program Files\AOL 9.0 VR\AOLphxex.exe"
Thu 24 May 2007 33,328 A..H. --- "C:\Program Files\AOL 9.0 VR\rbm.exe"
Sat 2 Jun 2007 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Mon 24 Dec 2007 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
Wed 14 Sep 2005 24,064 A..H. --- "C:\Documents and Settings\HP_Propri‚taire\Mes documents\DEMANDE D'EMPLOI\~WRL2087.tmp"
Tue 2 Jan 2007 444,416 ...H. --- "C:\Documents and Settings\HP_Propri‚taire\Mes documents\flo\~WRL2691.tmp"
Wed 1 Nov 2006 1,628,160 A..H. --- "C:\Documents and Settings\HP_Propri‚taire\Mes documents\weight watchers\LIVRES\~WRL1213.tmp"
Fri 19 Oct 2007 96,072 ...H. --- "C:\Program Files\Fichiers communs\AOL\TopSpeed\3.0\WBUnins.exe"
Sun 27 Oct 2002 80,384 A..H. --- "C:\Documents and Settings\HP_Propri‚taire\Mes documents\Dossier FX\E-criture\Dans le Silence de la Nuit\S‚quenciers\~WRL1976.tmp"
Thu 24 Oct 2002 82,432 A..H. --- "C:\Documents and Settings\HP_Propri‚taire\Mes documents\Dossier FX\E-criture\Dans le Silence de la Nuit\S‚quenciers\~WRL2521.tmp"
Tue 11 May 2004 66,048 A..H. --- "C:\Documents and Settings\HP_Propri‚taire\Mes documents\Dossier FX\E-criture\VAMPIRE\Sc‚nario\~WRL0792.tmp"
Sun 9 May 2004 66,048 A..H. --- "C:\Documents and Settings\HP_Propri‚taire\Mes documents\Dossier FX\E-criture\VAMPIRE\Sc‚nario\~WRL0805.tmp"
Fri 8 Nov 2002 26,624 A..H. --- "C:\Documents and Settings\HP_Propri‚taire\Mes documents\Dossier FX\SAUVEGARDE FX\Documents sc‚nario\LM\~WRL0839.tmp"
Fri 8 Nov 2002 28,672 A..H. --- "C:\Documents and Settings\HP_Propri‚taire\Mes documents\Dossier FX\SAUVEGARDE FX\Documents sc‚nario\LM\~WRL1690.tmp"
Fri 8 Nov 2002 28,160 A..H. --- "C:\Documents and Settings\HP_Propri‚taire\Mes documents\Dossier FX\SAUVEGARDE FX\Documents sc‚nario\LM\~WRL3464.tmp"
Fri 8 Nov 2002 24,576 A..H. --- "C:\Documents and Settings\HP_Propri‚taire\Mes documents\Dossier FX\SAUVEGARDE FX\Documents sc‚nario\LM\~WRL3470.tmp"
Fri 8 Nov 2002 25,088 A..H. --- "C:\Documents and Settings\HP_Propri‚taire\Mes documents\Dossier FX\SAUVEGARDE FX\Documents sc‚nario\LM\~WRL3754.tmp"
Thu 8 May 2003 28,672 A..H. --- "C:\Documents and Settings\HP_Propri‚taire\Mes documents\Dossier FX\SAUVEGARDE FX\Documents sc‚nario\NOUVELLES\~WRL0991.tmp"
Tue 6 May 2003 26,112 A..H. --- "C:\Documents and Settings\HP_Propri‚taire\Mes documents\Dossier FX\SAUVEGARDE FX\Documents sc‚nario\NOUVELLES\~WRL2581.tmp"
Thu 8 May 2003 28,672 A..H. --- "C:\Documents and Settings\HP_Propri‚taire\Mes documents\Dossier FX\SAUVEGARDE FX\Documents sc‚nario\NOUVELLES\~WRL2712.tmp"
Thu 26 Jun 2003 79,360 A..H. --- "C:\Documents and Settings\HP_Propri‚taire\Mes documents\Dossier FX\SAUVEGARDE FX\Documents sc‚nario\NOUVELLES\~WRL2845.tmp"
Thu 8 May 2003 28,160 A..H. --- "C:\Documents and Settings\HP_Propri‚taire\Mes documents\Dossier FX\SAUVEGARDE FX\Documents sc‚nario\NOUVELLES\~WRL3103.tmp"
Thu 8 May 2003 28,160 A..H. --- "C:\Documents and Settings\HP_Propri‚taire\Mes documents\Dossier FX\SAUVEGARDE FX\Documents sc‚nario\NOUVELLES\~WRL3852.tmp"
Thu 2 Jan 2003 25,600 A..H. --- "C:\Documents and Settings\HP_Propri‚taire\Mes documents\Dossier FX\SAUVEGARDE FX\Documents sc‚nario\ROMANS\~WRL0003.tmp"
Mon 13 May 2002 33,280 A..H. --- "C:\Documents and Settings\HP_Propri‚taire\Mes documents\Dossier FX\SAUVEGARDE FX\DOCUMENTS\Documents divers (CV, Liste dvd...)\~WRL0004.tmp"
Mon 8 Jul 2002 246,272 A..H. --- "C:\Documents and Settings\HP_Propri‚taire\Mes documents\Dossier FX\SAUVEGARDE FX\Nori Mahdi\Lost Forever\~WRL2128.tmp"
Mon 17 Feb 2003 32,768 A..H. --- "C:\Documents and Settings\HP_Propri‚taire\Mes documents\Dossier FX\SAUVEGARDE FX\Sacrebleu Productions\LONGS-METRAGES\~WRL2669.tmp"
Fri 7 Feb 2003 31,744 A..H. --- "C:\Documents and Settings\HP_Propri‚taire\Mes documents\Dossier FX\SAUVEGARDE FX\Sacrebleu Productions\LONGS-METRAGES\~WRL4066.tmp"
Thu 16 Feb 2006 1,029,120 A..H. --- "C:\Documents and Settings\HP_Propri‚taire\Mes documents\weight watchers\LIVRES\DESSERT\dessert … moi\~WRL0879.tmp"
Thu 16 Feb 2006 1,000,448 A..H. --- "C:\Documents and Settings\HP_Propri‚taire\Mes documents\weight watchers\LIVRES\DESSERT\dessert … moi\~WRL0949.tmp"
Mon 23 Jan 2006 637,952 A..H. --- "C:\Documents and Settings\HP_Propri‚taire\Mes documents\weight watchers\LIVRES\DESSERT\dessert … moi\~WRL2365.tmp"
Thu 16 Feb 2006 1,174,016 A..H. --- "C:\Documents and Settings\HP_Propri‚taire\Mes documents\weight watchers\LIVRES\DESSERT\dessert … moi\~WRL2854.tmp"
Mon 23 Jan 2006 669,696 A..H. --- "C:\Documents and Settings\HP_Propri‚taire\Mes documents\weight watchers\LIVRES\DESSERT\dessert … moi\~WRL3685.tmp"
Thu 17 Jul 2003 57,856 A..H. --- "C:\Documents and Settings\HP_Propri‚taire\Mes documents\Dossier FX\SAUVEGARDE FX\Documents sc‚nario\CM\ENTRE CIEL ET TERRE\~WRL3007.tmp"
Tue 20 May 2003 34,816 A..H. --- "C:\Documents and Settings\HP_Propri‚taire\Mes documents\Dossier FX\SAUVEGARDE FX\Documents sc‚nario\CM\LA LETTRE D'AMELIE\~WRL0337.tmp"
Sat 9 Aug 2003 37,888 A..H. --- "C:\Documents and Settings\HP_Propri‚taire\Mes documents\Dossier FX\SAUVEGARDE FX\Documents sc‚nario\CM\LA LETTRE D'AMELIE\~WRL0938.tmp"
Sun 10 Aug 2003 40,960 A..H. --- "C:\Documents and Settings\HP_Propri‚taire\Mes documents\Dossier FX\SAUVEGARDE FX\Documents sc‚nario\CM\LA LETTRE D'AMELIE\~WRL2522.tmp"
Sat 9 Aug 2003 38,400 A..H. --- "C:\Documents and Settings\HP_Propri‚taire\Mes documents\Dossier FX\SAUVEGARDE FX\Documents sc‚nario\CM\LA LETTRE D'AMELIE\~WRL2962.tmp"
Sat 14 Dec 2002 89,600 A..H. --- "C:\Documents and Settings\HP_Propri‚taire\Mes documents\Dossier FX\SAUVEGARDE FX\Documents sc‚nario\CM\Le Dernier des Jugements\~WRL0208.tmp"
Fri 6 Dec 2002 48,640 A..H. --- "C:\Documents and Settings\HP_Propri‚taire\Mes documents\Dossier FX\SAUVEGARDE FX\Documents sc‚nario\CM\Le Dernier des Jugements\~WRL0452.tmp"
Sat 14 Dec 2002 90,624 A..H. --- "C:\Documents and Settings\HP_Propri‚taire\Mes documents\Dossier FX\SAUVEGARDE FX\Documents sc‚nario\CM\Le Dernier des Jugements\~WRL0512.tmp"
Sat 14 Dec 2002 85,504 A..H. --- "C:\Documents and Settings\HP_Propri‚taire\Mes documents\Dossier FX\SAUVEGARDE FX\Documents sc‚nario\CM\Le Dernier des Jugements\~WRL1219.tmp"
Fri 6 Dec 2002 50,176 A..H. --- "C:\Documents and Settings\HP_Propri‚taire\Mes documents\Dossier FX\SAUVEGARDE FX\Documents sc‚nario\CM\Le Dernier des Jugements\~WRL1491.tmp"
Sat 14 Dec 2002 92,160 A..H. --- "C:\Documents and Settings\HP_Propri‚taire\Mes documents\Dossier FX\SAUVEGARDE FX\Documents sc‚nario\CM\Le Dernier des Jugements\~WRL1974.tmp"
Sun 1 Dec 2002 71,680 A..H. --- "C:\Documents and Settings\HP_Propri‚taire\Mes documents\Dossier FX\SAUVEGARDE FX\Documents sc‚nario\CM\Le Dernier des Jugements\~WRL2057.tmp"
Fri 6 Dec 2002 43,008 A..H. --- "C:\Documents and Settings\HP_Propri‚taire\Mes documents\Dossier FX\SAUVEGARDE FX\Documents sc‚nario\CM\Le Dernier des Jugements\~WRL2261.tmp"
Fri 6 Dec 2002 49,664 A..H. --- "C:\Documents and Settings\HP_Propri‚taire\Mes documents\Dossier FX\SAUVEGARDE FX\Documents sc‚nario\CM\Le Dernier des Jugements\~WRL2390.tmp"
Sun 1 Dec 2002 77,312 A..H. --- "C:\Documents and Settings\HP_Propri‚taire\Mes documents\Dossier FX\SAUVEGARDE FX\Documents sc‚nario\CM\Le Dernier des Jugements\~WRL2500.tmp"
Sat 14 Dec 2002 86,016 A..H. --- "C:\Documents and Settings\HP_Propri‚taire\Mes documents\Dossier FX\SAUVEGARDE FX\Documents sc‚nario\CM\Le Dernier des Jugements\~WRL2566.tmp"
Sat 14 Dec 2002 92,672 A..H. --- "C:\Documents and Settings\HP_Propri‚taire\Mes documents\Dossier FX\SAUVEGARDE FX\Documents sc‚nario\CM\Le Dernier des Jugements\~WRL2705.tmp"
Fri 6 Dec 2002 44,032 A..H. --- "C:\Documents and Settings\HP_Propri‚taire\Mes documents\Dossier FX\SAUVEGARDE FX\Documents sc‚nario\CM\Le Dernier des Jugements\~WRL2842.tmp"
Fri 13 Dec 2002 83,968 A..H. --- "C:\Documents and Settings\HP_Propri‚taire\Mes documents\Dossier FX\SAUVEGARDE FX\Documents sc‚nario\CM\Le Dernier des Jugements\~WRL3081.tmp"
Fri 6 Dec 2002 52,224 A..H. --- "C:\Documents and Settings\HP_Propri‚taire\Mes documents\Dossier FX\SAUVEGARDE FX\Documents sc‚nario\CM\Le Dernier des Jugements\~WRL3193.tmp"
Sat 14 Dec 2002 88,576 A..H. --- "C:\Documents and Settings\HP_Propri‚taire\Mes documents\Dossier FX\SAUVEGARDE FX\Documents sc‚nario\CM\Le Dernier des Jugements\~WRL3844.tmp"
Wed 19 Mar 2003 57,344 A..H. --- "C:\Documents and Settings\HP_Propri‚taire\Mes documents\Dossier FX\SAUVEGARDE FX\Documents sc‚nario\CM\Le Fant“me du Puzzle\~WRL2149.tmp"
Fri 2 Aug 2002 94,208 A..H. --- "C:\Documents and Settings\HP_Propri‚taire\Mes documents\Dossier FX\SAUVEGARDE FX\Documents sc‚nario\LM\L… o— l'on veut bien se perdre\~WRL0531.tmp"
Fri 2 Aug 2002 93,184 A..H. --- "C:\Documents and Settings\HP_Propri‚taire\Mes documents\Dossier FX\SAUVEGARDE FX\Documents sc‚nario\LM\L… o— l'on veut bien se perdre\~WRL1078.tmp"
Fri 15 Nov 2002 133,632 A..H. --- "C:\Documents and Settings\HP_Propri‚taire\Mes documents\Dossier FX\SAUVEGARDE FX\Documents sc‚nario\LM\Station Vibjor\~WRL1050.tmp"
Fri 15 Nov 2002 133,120 A..H. --- "C:\Documents and Settings\HP_Propri‚taire\Mes documents\Dossier FX\SAUVEGARDE FX\Documents sc‚nario\LM\Station Vibjor\~WRL1830.tmp"
Sun 10 Nov 2002 49,152 A..H. --- "C:\Documents and Settings\HP_Propri‚taire\Mes documents\Dossier FX\SAUVEGARDE FX\Documents sc‚nario\LM\Station Vibjor\~WRL1923.tmp"
Sun 10 Nov 2002 49,152 A..H. --- "C:\Documents and Settings\HP_Propri‚taire\Mes documents\Dossier FX\SAUVEGARDE FX\Documents sc‚nario\LM\Station Vibjor\~WRL2294.tmp"
Sat 16 Nov 2002 143,360 A..H. --- "C:\Documents and Settings\HP_Propri‚taire\Mes documents\Dossier FX\SAUVEGARDE FX\Documents sc‚nario\LM\Station Vibjor\~WRL2563.tmp"
Mon 14 Oct 2002 20,480 A..H. --- "C:\Documents and Settings\HP_Propri‚taire\Mes documents\Dossier FX\SAUVEGARDE FX\Documents sc‚nario\LM\UNE AUTRE VIE\~WRL0003.tmp"
Thu 6 Mar 2003 25,600 A..H. --- "C:\Documents and Settings\HP_Propri‚taire\Mes documents\Dossier FX\SAUVEGARDE FX\Documents sc‚nario\ROMANS\LE SACRE DE JEAN\~WRL1538.tmp"
Thu 6 Mar 2003 26,624 A..H. --- "C:\Documents and Settings\HP_Propri‚taire\Mes documents\Dossier FX\SAUVEGARDE FX\Documents sc‚nario\ROMANS\LE SACRE DE JEAN\~WRL1634.tmp"
Thu 6 Mar 2003 26,624 A..H. --- "C:\Documents and Settings\HP_Propri‚taire\Mes documents\Dossier FX\SAUVEGARDE FX\Documents sc‚nario\ROMANS\LE SACRE DE JEAN\~WRL1857.tmp"
Thu 6 Mar 2003 27,136 A..H. --- "C:\Documents and Settings\HP_Propri‚taire\Mes documents\Dossier FX\SAUVEGARDE FX\Documents sc‚nario\ROMANS\LE SACRE DE JEAN\~WRL2604.tmp"
Thu 6 Mar 2003 25,088 A..H. --- "C:\Documents and Settings\HP_Propri‚taire\Mes documents\Dossier FX\SAUVEGARDE FX\Documents sc‚nario\ROMANS\LE SACRE DE JEAN\~WRL2927.tmp"
Thu 6 Mar 2003 32,768 A..H. --- "C:\Documents and Settings\HP_Propri‚taire\Mes documents\Dossier FX\SAUVEGARDE FX\Documents sc‚nario\ROMANS\LE SACRE DE JEAN\~WRL3190.tmp"
Thu 6 Mar 2003 29,184 A..H. --- "C:\Documents and Settings\HP_Propri‚taire\Mes documents\Dossier FX\SAUVEGARDE FX\Documents sc‚nario\ROMANS\LE SACRE DE JEAN\~WRL3261.tmp"
Thu 6 Mar 2003 25,088 A..H. --- "C:\Documents and Settings\HP_Propri‚taire\Mes documents\Dossier FX\SAUVEGARDE FX\Documents sc‚nario\ROMANS\LE SACRE DE JEAN\~WRL3810.tmp"
Mon 22 Apr 2002 63,488 A..H. --- "C:\Documents and Settings\HP_Propri‚taire\Mes documents\Dossier FX\SAUVEGARDE FX\Hyp‚rion Productions\CAPITALIS\Sequenciers - Long Sommeil\~WRL0002.tmp"

[b]Finished![/b]

En espérant que tout ceci te parle !
;)
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 9
dou-l Messages postés 2871 Statut Membre 61
 
Va sur msn et dit tes soucis

je vais y aller. vite ^^
0
Nadia75
 
Dou-l, normalement tout est ok ? Je suis sensée être débarassée du virus ?
Sur MSN ça marche nickel.
0
Réponse 6 / 9
dou-l Messages postés 2871 Statut Membre 61
 
Oui c'est parfait. si t'as des prob n'hésite pas.

a+ ben.
0
Nadia75
 
C'est génial ! Un grand merci à toi pour tes excellents conseils et tes infos très claires !
Bises !
0
Réponse 7 / 9
dou-l Messages postés 2871 Statut Membre 61
 
++.
0
Nadia75
 
Au secours ! :)

Je viens de télécharger Antivir et visiblement il détecte des fichiers infectés !
Dois-je faire un scan avec Antivir et effacer tous les fichiers infectés ?

Merci pour la réponse !

Nad
0
Réponse 8 / 9
dou-l Messages postés 2871 Statut Membre 61
 
Oui supprime tout

Poste le rapport
0
Nadia75
 
Voilà, j'ai fait le scan avec Antivir... Comme d'habitude, tout ça n'est pas très lisible ! :)
J'ai mis les neufs fichiers détectés en quarantaine. Que dit le rapport ?


AntiVir PersonalEdition Classic
Report file date: lundi 17 mars 2008 17:35

Scanning for 1149506 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: SYSTEM
Computer name: NOM-641695C7437

Version information:
BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:29
AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:51
LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:47
LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:20
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 14:27:15
ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 19:49:17
ANTIVIR2.VDF : 7.0.3.3 2048 Bytes 07/03/2008 19:49:17
ANTIVIR3.VDF : 7.0.3.33 180736 Bytes 16/03/2008 19:49:17
AVEWIN32.DLL : 7.6.0.73 3334656 Bytes 16/03/2008 19:49:20
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:17
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24
AVPACK32.DLL : 7.6.0.3 360488 Bytes 16/03/2008 19:49:20
AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:06
AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:33
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:18
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 11:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 12:38:13
RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:37
SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:21

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: D:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: lundi 17 mars 2008 17:35

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'iexplore.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'iPodService.exe' - '1' Module(s) have been scanned
Scan process 'wanmpsvc.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
Scan process 'mdm.exe' - '1' Module(s) have been scanned
Scan process 'soffice.bin' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'soffice.exe' - '1' Module(s) have been scanned
Scan process 'AOLacsd.exe' - '1' Module(s) have been scanned
Scan process 'WZQKPICK.EXE' - '1' Module(s) have been scanned
Scan process 'hpqtra08.exe' - '1' Module(s) have been scanned
Scan process 'daemon.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'WkUFind.exe' - '1' Module(s) have been scanned
Scan process 'qttask.exe' - '1' Module(s) have been scanned
Scan process 'aolsoftware.exe' - '1' Module(s) have been scanned
Scan process 'ElkCtrl.exe' - '1' Module(s) have been scanned
Scan process 'CameraAssistant.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'LVCOMSX.EXE' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'AOLAgent.exe' - '1' Module(s) have been scanned
Scan process 'ALCXMNTR.EXE' - '1' Module(s) have been scanned
Scan process 'AGRSMMSG.exe' - '1' Module(s) have been scanned
Scan process 'Keyhook.exe' - '1' Module(s) have been scanned
Scan process 'iTunesHelper.exe' - '1' Module(s) have been scanned
Scan process 'kbd.exe' - '1' Module(s) have been scanned
Scan process 'hphmon06.exe' - '1' Module(s) have been scanned
Scan process 'hpsysdrv.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'LVPrcSrv.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
49 processes with 49 modules were scanned

Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Boot sector 'D:\'
[NOTE] No virus was found!

Starting to scan the registry.
The registry was scanned ( '47' files ).


Starting the file scan:

Begin scan in 'C:\' <HP_PAVILION>
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Documents and Settings\HP_Propriétaire\xukpqz.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[INFO] The file was moved to '48499f54.qua'!
C:\Documents and Settings\HP_Propriétaire\Bureau\catchme.zip
[0] Archive type: ZIP
--> services.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[INFO] The file was moved to '48529f82.qua'!
C:\MSNFix\04032008_18575873.zip
[0] Archive type: ZIP
--> backup/mgvyjf.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[INFO] The file was moved to '480ea33d.qua'!
C:\SDFix\backups\backups.zip
[0] Archive type: ZIP
--> backups/mrofinu1423.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[INFO] The file was moved to '4841a762.qua'!
C:\System Volume Information\_restore{86E11626-5203-4B6B-99A3-889F6E4C5699}\RP355\A0052392.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[INFO] The file was moved to '480ea7bd.qua'!
C:\System Volume Information\_restore{86E11626-5203-4B6B-99A3-889F6E4C5699}\RP355\A0052416.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[INFO] The file was moved to '480ea7c0.qua'!
C:\System Volume Information\_restore{86E11626-5203-4B6B-99A3-889F6E4C5699}\RP363\A0063911.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[INFO] The file was moved to '480ea7df.qua'!
C:\System Volume Information\_restore{86E11626-5203-4B6B-99A3-889F6E4C5699}\RP363\A0063915.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[INFO] The file was moved to '480ea7e6.qua'!
C:\System Volume Information\_restore{86E11626-5203-4B6B-99A3-889F6E4C5699}\RP364\A0063987.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[INFO] The file was moved to '480ea7e8.qua'!
C:\WINDOWS\system32\drivers\sptd.sys
[WARNING] The file could not be opened!
Begin scan in 'D:\' <HP_RECOVERY>


End of the scan: lundi 17 mars 2008 18:38
Used time: 1:02:36 min

The scan has been done completely.

7529 Scanning directories
450886 Files were scanned
9 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
9 files were moved to quarantine
0 files were renamed
3 Files cannot be scanned
450877 Files not concerned
15441 Archives were scanned
3 Warnings
1 Notes
0
Réponse 9 / 9
dou-l Messages postés 2871 Statut Membre 61
 
Ok il te pose des problemes c'est fichier ?
0
Nadia75
 
ben, ce qui me pose probleme c'est surtout qu'Antivir me signale de temps en temps que mon pc est infecté avec ces fichiers... seulement, ce que je ne voudrais pas c'est faire une erreur et supprimer un fichier important.
0

Discussions similaires

symboles et écritures pour nick msn
Pando -
roro -

20 réponses
Que veut dire Msn
LoOuiiZee -
Bikadu75 -

4 réponses
signification de MSN
noisette2008 -
ysis -

6 réponses
que signifie abreviation msn
lilou -
Azerty -

5 réponses
Comment insérer correctement des caractères spéciaux ou émojis ?
Lia -
Cct -

45 réponses