Virus: about thirty error windows open
Solved/Closed
jojo - 23 March 2008 at 16:27
g!rly (Posts: 18206, Registered: Friday 17 August 2007, Status: Contributor, Last active: 30 November 2014) - 6 April 2008 at 16:27
54 replies
During the scan, AntiVir again found trojans with the same names as the ones from earlier, if I remember correctly. I deleted them all again, one by one. I think that in the end I have to delete the selection obtained after the scan, but I'm still waiting for your opinion.
So here is the Malwarebytes report:
Malwarebytes' Anti-Malware 1.09
Version de la base de données: 527
Type de recherche: Examen complet (A:\|C:\|D:\|E:\|F:\|)
Eléments examinés: 198864
Temps écoulé: 1 hour(s), 25 minute(s), 56 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 28
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> No action taken.
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1228\A0292760.exe (Trojan.DNSChanger) -> No action taken.
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1229\A0292767.dll (AdWare.CommAd) -> No action taken.
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1229\A0293772.exe (Trojan.DownLoader) -> No action taken.
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1229\snapshot\MFEX-1.DAT (AdWare.CommAd) -> No action taken.
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1229\snapshot\MFEX-10.DAT (AdWare.CommAd) -> No action taken.
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1229\snapshot\MFEX-11.DAT (AdWare.CommAd) -> No action taken.
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1229\snapshot\MFEX-12.DAT (AdWare.CommAd) -> No action taken.
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1229\snapshot\MFEX-13.DAT (AdWare.CommAd) -> No action taken.
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1229\snapshot\MFEX-14.DAT (AdWare.CommAd) -> No action taken.
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1229\snapshot\MFEX-15.DAT (AdWare.CommAd) -> No action taken.
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1229\snapshot\MFEX-18.DAT (AdWare.CommAd) -> No action taken.
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1229\snapshot\MFEX-19.DAT (AdWare.CommAd) -> No action taken.
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1229\snapshot\MFEX-2.DAT (AdWare.CommAd) -> No action taken.
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1229\snapshot\MFEX-20.DAT (AdWare.CommAd) -> No action taken.
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1229\snapshot\MFEX-21.DAT (AdWare.CommAd) -> No action taken.
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1229\snapshot\MFEX-22.DAT (AdWare.CommAd) -> No action taken.
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1229\snapshot\MFEX-23.DAT (AdWare.CommAd) -> No action taken.
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1229\snapshot\MFEX-3.DAT (AdWare.CommAd) -> No action taken.
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1229\snapshot\MFEX-4.DAT (AdWare.CommAd) -> No action taken.
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1229\snapshot\MFEX-5.DAT (AdWare.CommAd) -> No action taken.
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1229\snapshot\MFEX-6.DAT (AdWare.CommAd) -> No action taken.
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1229\snapshot\MFEX-7.DAT (AdWare.CommAd) -> No action taken.
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1229\snapshot\MFEX-8.DAT (AdWare.CommAd) -> No action taken.
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1229\snapshot\MFEX-9.DAT (AdWare.CommAd) -> No action taken.
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1234\A0294794.exe (Trojan.DownLoader) -> No action taken.
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1235\A0296787.exe (Trojan.DownLoader) -> No action taken.
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1236\A0296811.exe (Trojan.DownLoader) -> No action taken.
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1236\A0296829.exe (Trojan.DownLoader) -> No action taken.
g!rly - 24 March 2008 at 00:22
Hi again,
yes, delete the selection from the Malwarebytes scan and post a new HijackThis log, please.
See you later.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:27:35, on 24/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Tall Emu\Online Armor\oasrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE
C:\WINDOWS\System32\gearsec.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Tall Emu\Online Armor\oaui.exe
C:\Program Files\Fichiers communs\Teleca Shared\CapabilityManager.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\PROGRA~1\PRESAR~1\Presario\XPHWWRS4\plugin\bin\pchbutton.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\WINDOWS\explorer.exe
C:\HijackThis\HijackThis.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [OnlineArmor GUI] "C:\Program Files\Tall Emu\Online Armor\oaui.exe"
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\PRESAR~1\Presario\XPHWWRS4\plugin\bin\pchbutton.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {45E83043-1F6F-4D22-A5E7-0138EA171B49} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/FileSharing/fr/filesharingctrl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - https://onedrive.live.com/
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab57213.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} (CPlayFirstDinerDashControl Object) - http://gamenextfr.oberon-media.com/online2/diner_dash/DinerDash.1.0.0.80.cab
O16 - DPF: {E1342154-4889-42B5-BEF6-19237577048F} (OberongamesLoader Object) - http://www.gamenext.fr/online2/zuma/oberongamesloader.cab
O16 - DPF: {E8E20D57-3D5B-4A2D-B710-252900B66685} (Installer Class) - http://www.haduri.com:90/HaduriInstaller/v1.2.3.7/HaduriInstaller.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O16 - DPF: {FA463B6E-93D5-4E02-B7F2-E0BA98DA73FC} (SHLaunch Control) - http://nchat2.haduri.com/chat/shlaunch_0930.cab
O16 - DPF: {FF0CD5DC-60A6-4668-AB80-1ACF40ED9CB8} (HitPlus Control) - http://www.haduri.com/hadurishutcut/HitPlus.cab
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE
O23 - Service: Service de sécurité matérielle (GEARSecurity) - GEAR Software - C:\WINDOWS\System32\gearsec.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Online Armor (SvcOnlineArmor) - Unknown owner - C:\Program Files\Tall Emu\Online Armor\oasrv.exe
g!rly - 24 March 2008 at 00:32
hi again,
Using HijackThis, check and fix the following lines:
R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file)
then all the O16 lines.
Uninstall this program through the Control Panel:
C:\Program Files\Search Settings
then
run a scan with AntiVir using the settings specified below:
Once AntiVir is open, click on Configuration and tick the "expert mode" box, then on the Scanner tab, in the window below, you will see: rootkit search. Click on the small + to expand it and tick the box next to your hard disk.
Then click on Configuration at the top right; in the new window, on the left > scanner > tick "scan all files" and below > scanner priority = High
tick: allow stopping the scanner, so that you can pause during the scan if you wish.
Then on the right tick the following boxes:
scan boot sectors of selected drives
scan master boot sectors
scan memory
search for rootkit before scan
untick:
ignore off line files
Still on the left > scan > expand > heuristic > macrovirus heuristic = ticked and below > win32 heuristic box ticked and high detection level
Please post the generated report
and a new HijackThis log
See you later
Uh... "uninstall this program through the Control Panel: C:\Program Files\Search Settings"
Which program are you talking about, please? Sorry, I know it's late, I'm a bit slow ;-p
g!rly - 24 March 2008 at 00:41
hi again,
this one: Search Settings
yes, it's getting late, I'll soon be off to join Morpheus...
See you later
OK, it's scanning now. I don't know whether the problem is completely solved or whether there are still steps to do, but in any case thank you very much for helping me and for saving my life! Apparently my PC needed a good bath! We can pick this up again tomorrow if that's all right with you, especially if you need to go to sleep! I'll keep the report nice and warm!
Thanks again and good night :-)
In the end it finished faster than I thought! So here it is:
AntiVir PersonalEdition Classic
Report file date: lundi 24 mars 2008 00:51
Scanning for 1163542 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: maman
Computer name: DARMON
Version information:
BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:29
AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:51
LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:47
LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:20
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 14:27:15
ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 19:17:37
ANTIVIR2.VDF : 7.0.3.62 337408 Bytes 21/03/2008 19:17:37
ANTIVIR3.VDF : 7.0.3.65 36864 Bytes 23/03/2008 19:17:37
AVEWIN32.DLL : 7.6.0.75 3334656 Bytes 23/03/2008 19:17:38
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:17
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24
AVPACK32.DLL : 7.6.0.3 360488 Bytes 23/03/2008 19:17:38
AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:06
AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:33
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:18
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 11:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 12:38:13
RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:37
SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:21
Configuration settings for the scan:
Jobname..........................: Rootkit search
Configuration file...............: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\PROFILES\rootkit.avp
Logging..........................: high
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Scan memory......................: off
Process scan.....................: off
Scan registry....................: off
Search for rootkits..............: on
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: high
Expanded search settings.........: 0x00300922
Start of the scan: lundi 24 mars 2008 00:51
Starting search for hidden objects.
'534216' objects were checked, '0' hidden objects were found.
End of the scan: lundi 24 mars 2008 01:03
Used time: 12:19 min
The scan has been done completely.
0 Scanning directories
0 Files were scanned
0 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
0 Files cannot be scanned
0 Files not concerned
0 Archives were scanned
0 Warnings
0 Notes
534216 Objects were scanned with rootkit scan
0 Hidden objects were found
g!rly - 24 March 2008 at 01:04
ok jojo,
you're welcome ;-)
yes, we'll pick it up again tomorrow, keep the report warm ;-)
good night ;-)
g!rly
and the HijackThis log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:07:51, on 24/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Tall Emu\Online Armor\oasrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE
C:\WINDOWS\System32\gearsec.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Tall Emu\Online Armor\oaui.exe
C:\Program Files\Fichiers communs\Teleca Shared\CapabilityManager.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\PROGRA~1\PRESAR~1\Presario\XPHWWRS4\plugin\bin\pchbutton.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\WINDOWS\explorer.exe
C:\HijackThis\HijackThis.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [OnlineArmor GUI] "C:\Program Files\Tall Emu\Online Armor\oaui.exe"
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\PRESAR~1\Presario\XPHWWRS4\plugin\bin\pchbutton.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE
O23 - Service: Service de sécurité matérielle (GEARSecurity) - GEAR Software - C:\WINDOWS\System32\gearsec.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Online Armor (SvcOnlineArmor) - Unknown owner - C:\Program Files\Tall Emu\Online Armor\oasrv.exe
g!rly - 24 March 2008 at 16:46
hi jojo,
the AntiVir scan was very quick because it only scanned for rootkits...
run the scan again.
do it like this:
click on the AntiVir icon in the taskbar; in the window that opens, click on: scan system now.
post the report at the end.
See you later
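The mismatch g!rly points out can be read straight from the "Configuration settings for the scan" block of a report. The following is an added example, not part of the thread and not Avira code: it parses that block and the summary counters and lists where a report falls short of the settings requested earlier; the `EXPECTED` mapping and the function names are this example's assumptions, and the two inputs are excerpts of the reports posted in the thread.

```python
import re

# "Scan memory......................: off" -> key "Scan memory", value "off"
SETTING_RE = re.compile(r"^(?P<key>[A-Za-z][A-Za-z ]*?)\.{2,}: ?(?P<value>.*)$")
# "0 Files were scanned" / "0 Files were classified as suspicious:"
COUNTER_RE = re.compile(r"^(?P<count>\d+) (?P<label>[A-Za-z].*?):?$")

# Settings requested in the thread, mapped to the keys the report prints.
# This mapping is the example's assumption, not a vendor-defined baseline.
EXPECTED = {
    "Scan master boot sector": "on",
    "Scan boot sector": "on",
    "Scan memory": "on",
    "Search for rootkits": "on",
    "Scan all files": "All files",
    "Macro heuristic": "on",
    "File heuristic": "high",
}

# Excerpt of the report posted at 00:51 (rootkit.avp profile).
ROOTKIT_ONLY_REPORT = """\
Jobname..........................: Rootkit search
Scan master boot sector..........: on
Scan boot sector.................: on
Scan memory......................: off
Process scan.....................: off
Scan registry....................: off
Search for rootkits..............: on
Scan all files...................: All files
Macro heuristic..................: on
File heuristic...................: high
0 Files were scanned
0 viruses and/or unwanted programs were found
534216 Objects were scanned with rootkit scan
"""

# Excerpt of the configuration block of the report posted at 18:20.
FULL_SCAN_REPORT = """\
Jobname..........................: Complete system scan
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: D:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: on
Scan all files...................: All files
Macro heuristic..................: on
File heuristic...................: high
"""


def parse_report(text):
    """Return the dotted key/value settings and the numeric summary counters."""
    settings, counters = {}, {}
    for raw in text.splitlines():
        line = raw.strip()
        match = SETTING_RE.match(line)
        if match:
            settings[match.group("key")] = match.group("value").strip()
            continue
        match = COUNTER_RE.match(line)
        if match:
            counters[match.group("label")] = int(match.group("count"))
    return {"settings": settings, "counters": counters}


def audit(text, expected=EXPECTED):
    """List the ways a report falls short of the requested scan settings."""
    report = parse_report(text)
    settings, counters = report["settings"], report["counters"]
    job = settings.get("Jobname", "unknown job")
    findings = []
    for key, want in expected.items():
        got = settings.get(key)
        if got is None:
            findings.append(f"{key}: not present in report")
        elif got.lower() != want.lower():
            findings.append(f"{key}: expected '{want}', report says '{got}'")
    # A counter that is absent is unknown, not a failure; only an explicit 0 counts.
    if counters.get("Files were scanned") == 0:
        findings.append(f"no files were scanned (job: {job})")
    return findings


if __name__ == "__main__":
    for name, text in (("00:51 report", ROOTKIT_ONLY_REPORT),
                       ("18:20 report", FULL_SCAN_REPORT)):
        print(name, audit(text) or "matches the requested settings")
```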
hi g!rly,
I ran a scan with AntiVir, which again found a lot of trojans that I deleted, as well as infected files that I put in quarantine.
here is the report:
AntiVir PersonalEdition Classic
Report file date: lundi 24 mars 2008 18:20
Scanning for 1163542 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: SYSTEM
Computer name: DARMON
Version information:
BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:29
AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:51
LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:47
LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:20
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 14:27:15
ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 19:17:37
ANTIVIR2.VDF : 7.0.3.62 337408 Bytes 21/03/2008 19:17:37
ANTIVIR3.VDF : 7.0.3.65 36864 Bytes 23/03/2008 19:17:37
AVEWIN32.DLL : 7.6.0.75 3334656 Bytes 23/03/2008 19:17:38
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:17
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24
AVPACK32.DLL : 7.6.0.3 360488 Bytes 23/03/2008 19:17:38
AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:06
AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:33
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:18
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 11:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 12:38:13
RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:37
SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:21
Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: D:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: on
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: high
Start of the scan: lundi 24 mars 2008 18:20
Starting search for hidden objects.
'151975' objects were checked, '0' hidden objects were found.
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'firefox.exe' - '1' Module(s) have been scanned
Scan process 'epmworker.exe' - '1' Module(s) have been scanned
Scan process 'Generic.exe' - '1' Module(s) have been scanned
Scan process 'CapabilityManager.exe' - '1' Module(s) have been scanned
Scan process 'iPodService.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'PCHButton.exe' - '1' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
Scan process 'oaui.exe' - '0' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'realsched.exe' - '1' Module(s) have been scanned
Scan process 'iTunesHelper.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'GoogleUpdaterService.exe' - '1' Module(s) have been scanned
Scan process 'gearsec.exe' - '1' Module(s) have been scanned
Scan process 'CDANTSRV.EXE' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'oasrv.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'MsMpEng.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
37 processes with 37 modules were scanned
Starting master boot sector scan:
Master boot sector HD0
[NOTE] No virus was found!
Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Boot sector 'D:\'
[NOTE] No virus was found!
Starting to scan the registry.
The registry was scanned ( '22' files ).
Starting the file scan:
Begin scan in 'C:\' <PRESARIO>
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Documents and Settings\maman\Bureau\MSNFix\23032008_17540567.zip
[0] Archive type: ZIP
--> backup/bfgco.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
--> backup/hlpr.exe
[DETECTION] Contains suspicious code HEUR/Crypted
--> backup/mrofinu1000106.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
--> backup/mrofinu1188.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
--> backup/mstn.exe
[DETECTION] Contains suspicious code HEUR/Crypted
--> backup/photos.zip
[1] Archive type: ZIP
--> webcam_photos-2007-06.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.345088
--> backup/Setup.exe
[DETECTION] Is the Trojan horse TR/Agent.VB.AQC
--> backup/svshost.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[INFO] The file was moved to '4817eab0.qua'!
C:\Documents and Settings\maman\Bureau\SDFix\SDFix\backups\backups.zip
[0] Archive type: ZIP
--> backups/delnew.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
--> backups/helper.exe
[DETECTION] Contains suspicious code HEUR/Crypted
--> backups/hosts
[DETECTION] Is the Trojan horse TR/Qhost.AA
--> backups/nadlocop.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
--> backups/run.exe
[DETECTION] Contains suspicious code HEUR/Crypted
[INFO] The file was deleted!
C:\Documents and Settings\maman\Incomplete\T-106814-_working_ la revolte des jouets 53.wma
[DETECTION] Is the Trojan horse TR/WMA.Wimad.D.1
[INFO] The file was deleted!
C:\Documents and Settings\maman\Shared\(livestream) generique de serie tv 07.wma
[DETECTION] Is the Trojan horse TR/WMA.Wimad.D.1
[INFO] The file was deleted!
C:\Documents and Settings\maman\Shared\(working) generique de serie tv 53.wma
[DETECTION] Is the Trojan horse TR/WMA.Wimad.D.1
[INFO] The file was deleted!
C:\Documents and Settings\maman\Shared\generique de serie tv 18.wma
[DETECTION] Is the Trojan horse TR/WMA.Wimad.D.1
[INFO] The file was deleted!
C:\Documents and Settings\Propriétaire\Application Data\New32Regs\aevpjiyu.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\Documents and Settings\Propriétaire\Application Data\New32Regs\asjnnxkp.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\Documents and Settings\Propriétaire\Application Data\New32Regs\bpdpovyg.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\Documents and Settings\Propriétaire\Application Data\New32Regs\emlaptcd.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.DV
[INFO] The file was deleted!
C:\Documents and Settings\Propriétaire\Application Data\New32Regs\gfzmqmje.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\Documents and Settings\Propriétaire\Application Data\New32Regs\icckzxoe.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\Documents and Settings\Propriétaire\Application Data\New32Regs\mwojhduj.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.DV
[INFO] The file was deleted!
C:\Documents and Settings\Propriétaire\Application Data\New32Regs\mzvsvnva.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.DV
[INFO] The file was deleted!
C:\Documents and Settings\Propriétaire\Application Data\New32Regs\mzwipvrq.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.DV
[INFO] The file was deleted!
C:\Documents and Settings\Propriétaire\Application Data\New32Regs\qwpdektl.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.DV
[INFO] The file was deleted!
C:\Documents and Settings\Propriétaire\Application Data\New32Regs\Trans Multi Ace Nurb.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.DV
[INFO] The file was deleted!
C:\Documents and Settings\Propriétaire\Application Data\New32Regs\ulohjbcp.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\Documents and Settings\Propriétaire\Application Data\New32Regs\ytoixdil.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\Documents and Settings\Propriétaire\Application Data\New32Regs\yvdogatc.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\Documents and Settings\Propriétaire\Local Settings\Temp\4b73af.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.DV
[INFO] The file was deleted!
C:\Documents and Settings\Propriétaire\Local Settings\Temp\51b1c2.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.DV
[INFO] The file was deleted!
C:\Documents and Settings\Propriétaire\Local Settings\Temp\54996b.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.DV
[INFO] The file was deleted!
C:\Documents and Settings\Propriétaire\Local Settings\Temp\6f0281.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.DV
[INFO] The file was deleted!
C:\Documents and Settings\Propriétaire\Local Settings\Temp\axkhplvw.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.CO
[INFO] The file was deleted!
C:\Documents and Settings\Propriétaire\Local Settings\Temp\bfbqssvy.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.CO
[INFO] The file was deleted!
C:\Documents and Settings\Propriétaire\Local Settings\Temp\bisD.exe
[DETECTION] Is the Trojan horse TR/Swizzor.A
[INFO] The file was deleted!
C:\Documents and Settings\Propriétaire\Local Settings\Temp\cc49b25b.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.DV
[INFO] The file was deleted!
C:\Documents and Settings\Propriétaire\Local Settings\Temp\cc909d6a.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.DV
[INFO] The file was deleted!
C:\Documents and Settings\Propriétaire\Local Settings\Temp\cc921087.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.DV
[INFO] The file was deleted!
C:\Documents and Settings\Propriétaire\Local Settings\Temp\cca21a65.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.DV
[INFO] The file was deleted!
C:\Documents and Settings\Propriétaire\Local Settings\Temp\cca5a4c4.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.DV
[INFO] The file was deleted!
C:\Documents and Settings\Propriétaire\Local Settings\Temp\cca5b6c2.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.DV
[INFO] The file was deleted!
C:\Documents and Settings\Propriétaire\Local Settings\Temp\cccde12e.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.DV
[INFO] The file was deleted!
C:\Documents and Settings\Propriétaire\Local Settings\Temp\cd19a8cc.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.DV
[INFO] The file was deleted!
C:\Documents and Settings\Propriétaire\Local Settings\Temp\cd765635.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.DV
[INFO] The file was deleted!
C:\Documents and Settings\Propriétaire\Local Settings\Temp\ceab9f8f.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.DV
[INFO] The file was deleted!
C:\Documents and Settings\Propriétaire\Local Settings\Temp\d8aac.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.DV
[INFO] The file was deleted!
C:\Documents and Settings\Propriétaire\Local Settings\Temp\hwnusdjm.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.CO
[INFO] The file was deleted!
C:\Documents and Settings\Propriétaire\Local Settings\Temp\jdmezlwg.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.CO
[INFO] The file was deleted!
C:\Documents and Settings\Propriétaire\Local Settings\Temp\pvslphjo.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.CO
[INFO] The file was deleted!
C:\Documents and Settings\Propriétaire\Local Settings\Temp\pxyiduww.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.CO
[INFO] The file was deleted!
C:\Documents and Settings\Propriétaire\Local Settings\Temp\sta1013.exe
[DETECTION] Is the Trojan horse TR/Swizzor.A
[INFO] The file was deleted!
C:\Documents and Settings\Propriétaire\Local Settings\Temp\sta1051.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\Documents and Settings\Propriétaire\Local Settings\Temp\sta13.exe
[DETECTION] Is the Trojan horse TR/Swizzor.A
[INFO] The file was deleted!
C:\Documents and Settings\Propriétaire\Local Settings\Temp\sta227B.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\Documents and Settings\Propriétaire\Local Settings\Temp\sta4F.exe
[DETECTION] Is the Trojan horse TR/Swizzor.A
[INFO] The file was deleted!
C:\Documents and Settings\Propriétaire\Local Settings\Temp\staE4F.exe
[DETECTION] Is the Trojan horse TR/Swizzor.A
[INFO] The file was deleted!
C:\Documents and Settings\Propriétaire\Local Settings\Temp\tdpwnahw.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.CO
[INFO] The file was deleted!
C:\Documents and Settings\Propriétaire\Local Settings\Temp\ukzdxqrt.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.CO
[INFO] The file was deleted!
C:\Documents and Settings\Propriétaire\Local Settings\Temp\xnyplowm.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.CO
[INFO] The file was deleted!
C:\Documents and Settings\Propriétaire\Local Settings\Temp\Temporary Internet Files\Content.IE5\C5I3G563\lasse[1].htm
[DETECTION] Contains suspicious code HEUR/Exploit.HTML
[INFO] The file was moved to '485af42d.qua'!
C:\Documents and Settings\Propriétaire\Local Settings\Temp\Temporary Internet Files\Content.IE5\KL2741YB\g-way[1].htm
[DETECTION] Contains detection pattern of the HTML script virus HTML/Infected.WebPage.Gen
[INFO] The file was moved to '485ef405.qua'!
C:\QooBox\Quarantine\C\delextra.exe.vir
[DETECTION] Contains suspicious code HEUR/Crypted
[INFO] The file was moved to '4853fc1b.qua'!
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1229\A0293773.exe
[DETECTION] Contains suspicious code HEUR/Crypted
[INFO] The file was moved to '4819fca2.qua'!
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1234\A0294793.exe
[DETECTION] Contains suspicious code HEUR/Crypted
[INFO] The file was moved to '4819fcaf.qua'!
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1234\A0294795.exe
[DETECTION] Contains suspicious code HEUR/Crypted
[INFO] The file was moved to '4819fcb2.qua'!
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1234\A0295786.exe
[DETECTION] Contains suspicious code HEUR/Crypted
[INFO] The file was moved to '4819fcb5.qua'!
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1235\A0296786.exe
[DETECTION] Contains suspicious code HEUR/Crypted
[INFO] The file was moved to '4819fcb8.qua'!
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1235\A0296788.exe
[DETECTION] Contains suspicious code HEUR/Crypted
[INFO] The file was moved to '4819fcbb.qua'!
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1235\A0296791.exe
[DETECTION] Contains suspicious code HEUR/Crypted
[INFO] The file was moved to '4819fcbd.qua'!
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1236\A0296810.exe
[DETECTION] Contains suspicious code HEUR/Crypted
[INFO] The file was moved to '4819fcc1.qua'!
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1236\A0296826.exe
[DETECTION] Contains suspicious code HEUR/Crypted
[INFO] The file was moved to '4819fcc4.qua'!
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1236\A0296846.exe
[DETECTION] Contains suspicious code HEUR/Crypted
[INFO] The file was moved to '4819fcc6.qua'!
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1236\A0296848.exe
[DETECTION] Contains suspicious code HEUR/Crypted
[INFO] The file was moved to '4819fcc8.qua'!
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1236\A0296854.exe
[DETECTION] Contains suspicious code HEUR/Crypted
[INFO] The file was moved to '4819fcca.qua'!
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1236\A0296857.exe
[DETECTION] Contains suspicious code HEUR/Crypted
[INFO] The file was moved to '4819fcce.qua'!
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1242\A0296998.exe
[DETECTION] Contains suspicious code HEUR/Crypted
[INFO] The file was moved to '4819fcd9.qua'!
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1242\A0297056.exe
[DETECTION] Is the Trojan horse TR/Dldr.VB.dht
[INFO] The file was moved to '4819fcdd.qua'!
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1242\A0297057.exe
[DETECTION] Is the Trojan horse TR/Dldr.CWS.gen.2
[INFO] The file was deleted!
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1242\A0297058.exe
[DETECTION] Contains detection pattern of the dropper DR/TTC.D
[INFO] The file was deleted!
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1243\A0297071.exe
[DETECTION] Contains suspicious code HEUR/Crypted
[INFO] The file was moved to '4819fce7.qua'!
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1243\A0297073.exe
[DETECTION] Contains suspicious code HEUR/Crypted
[INFO] The file was moved to '4819fcea.qua'!
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1243\A0297075.exe
[DETECTION] Contains suspicious code HEUR/Crypted
[INFO] The file was moved to '4819fcec.qua'!
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1243\A0297088.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1243\A0297089.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1243\A0297090.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1243\A0297091.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.DV
[INFO] The file was deleted!
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1243\A0297092.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1243\A0297093.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1243\A0297094.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.DV
[INFO] The file was deleted!
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1243\A0297095.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.DV
[INFO] The file was deleted!
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1243\A0297096.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.DV
[INFO] The file was deleted!
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1243\A0297097.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.DV
[INFO] The file was deleted!
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1243\A0297098.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.DV
[INFO] The file was deleted!
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1243\A0297099.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1243\A0297100.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1243\A0297101.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\WINDOWS\photos.msnfix
[0] Archive type: ZIP
--> webcam_photos-2007-06.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.345088
[INFO] The file was moved to '4856fd61.qua'!
C:\WINDOWS\Fonts\Setup.MSNFix
[DETECTION] Is the Trojan horse TR/Agent.VB.AQC
[INFO] The file was deleted!
C:\WINDOWS\system32\drivers\OADriver.sys
[WARNING] The file could not be opened!
C:\WINDOWS\system32\drivers\OAmon.sys
[WARNING] The file could not be opened!
C:\WINDOWS\system32\drivers\oanet.sys
[WARNING] The file could not be opened!
C:\WINDOWS\system32\drivers\etc\hosts.20080322-154514.backup
[DETECTION] Is the Trojan horse TR/Qhost.AA
[INFO] The file was deleted!
C:\WINDOWS\system32\drivers\etc\hosts.20080322-154515.backup
[DETECTION] Is the Trojan horse TR/Qhost.AA
[INFO] The file was deleted!
C:\WINDOWS\system32\drivers\etc\hosts.20080322-154516.backup
[DETECTION] Is the Trojan horse TR/AntiHosts.Gen
[INFO] The file was deleted!
C:\WINDOWS\system32\drivers\etc\hosts.20080322-154517.backup
[DETECTION] Is the Trojan horse TR/AntiHosts.Gen
[INFO] The file was deleted!
C:\WINDOWS\system32\drivers\etc\hosts.20080322-161009.backup
[DETECTION] Is the Trojan horse TR/AntiHosts.Gen
[INFO] The file was deleted!
Begin scan in 'D:\' <PRESARIO_RP>
End of the scan: lundi 24 mars 2008 20:53
Used time: 2:32:35 min
The scan has been done completely.
11266 Scanning directories
534234 Files were scanned
82 viruses and/or unwanted programs were found
24 Files were classified as suspicious:
72 files were deleted
0 files were repaired
23 files were moved to quarantine
0 files were renamed
5 Files cannot be scanned
534152 Files not concerned
22571 Archives were scanned
6 Warnings
0 Notes
151975 Objects were scanned with rootkit scan
0 Hidden objects were found
I think you'll need a HijackThis report? I'll post it right after...
I ran a scan with AntiVir, which again found a lot of trojans that I deleted, as well as infected files that I put in quarantine.
Here is the report:
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.CO
[INFO] The file was deleted!
C:\Documents and Settings\Propriétaire\Local Settings\Temp\xnyplowm.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.CO
[INFO] The file was deleted!
C:\Documents and Settings\Propriétaire\Local Settings\Temp\Temporary Internet Files\Content.IE5\C5I3G563\lasse[1].htm
[DETECTION] Contains suspicious code HEUR/Exploit.HTML
[INFO] The file was moved to '485af42d.qua'!
C:\Documents and Settings\Propriétaire\Local Settings\Temp\Temporary Internet Files\Content.IE5\KL2741YB\g-way[1].htm
[DETECTION] Contains detection pattern of the HTML script virus HTML/Infected.WebPage.Gen
[INFO] The file was moved to '485ef405.qua'!
C:\QooBox\Quarantine\C\delextra.exe.vir
[DETECTION] Contains suspicious code HEUR/Crypted
[INFO] The file was moved to '4853fc1b.qua'!
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1229\A0293773.exe
[DETECTION] Contains suspicious code HEUR/Crypted
[INFO] The file was moved to '4819fca2.qua'!
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1234\A0294793.exe
[DETECTION] Contains suspicious code HEUR/Crypted
[INFO] The file was moved to '4819fcaf.qua'!
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1234\A0294795.exe
[DETECTION] Contains suspicious code HEUR/Crypted
[INFO] The file was moved to '4819fcb2.qua'!
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1234\A0295786.exe
[DETECTION] Contains suspicious code HEUR/Crypted
[INFO] The file was moved to '4819fcb5.qua'!
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1235\A0296786.exe
[DETECTION] Contains suspicious code HEUR/Crypted
[INFO] The file was moved to '4819fcb8.qua'!
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1235\A0296788.exe
[DETECTION] Contains suspicious code HEUR/Crypted
[INFO] The file was moved to '4819fcbb.qua'!
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1235\A0296791.exe
[DETECTION] Contains suspicious code HEUR/Crypted
[INFO] The file was moved to '4819fcbd.qua'!
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1236\A0296810.exe
[DETECTION] Contains suspicious code HEUR/Crypted
[INFO] The file was moved to '4819fcc1.qua'!
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1236\A0296826.exe
[DETECTION] Contains suspicious code HEUR/Crypted
[INFO] The file was moved to '4819fcc4.qua'!
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1236\A0296846.exe
[DETECTION] Contains suspicious code HEUR/Crypted
[INFO] The file was moved to '4819fcc6.qua'!
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1236\A0296848.exe
[DETECTION] Contains suspicious code HEUR/Crypted
[INFO] The file was moved to '4819fcc8.qua'!
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1236\A0296854.exe
[DETECTION] Contains suspicious code HEUR/Crypted
[INFO] The file was moved to '4819fcca.qua'!
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1236\A0296857.exe
[DETECTION] Contains suspicious code HEUR/Crypted
[INFO] The file was moved to '4819fcce.qua'!
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1242\A0296998.exe
[DETECTION] Contains suspicious code HEUR/Crypted
[INFO] The file was moved to '4819fcd9.qua'!
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1242\A0297056.exe
[DETECTION] Is the Trojan horse TR/Dldr.VB.dht
[INFO] The file was moved to '4819fcdd.qua'!
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1242\A0297057.exe
[DETECTION] Is the Trojan horse TR/Dldr.CWS.gen.2
[INFO] The file was deleted!
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1242\A0297058.exe
[DETECTION] Contains detection pattern of the dropper DR/TTC.D
[INFO] The file was deleted!
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1243\A0297071.exe
[DETECTION] Contains suspicious code HEUR/Crypted
[INFO] The file was moved to '4819fce7.qua'!
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1243\A0297073.exe
[DETECTION] Contains suspicious code HEUR/Crypted
[INFO] The file was moved to '4819fcea.qua'!
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1243\A0297075.exe
[DETECTION] Contains suspicious code HEUR/Crypted
[INFO] The file was moved to '4819fcec.qua'!
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1243\A0297088.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1243\A0297089.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1243\A0297090.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1243\A0297091.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.DV
[INFO] The file was deleted!
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1243\A0297092.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1243\A0297093.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1243\A0297094.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.DV
[INFO] The file was deleted!
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1243\A0297095.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.DV
[INFO] The file was deleted!
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1243\A0297096.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.DV
[INFO] The file was deleted!
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1243\A0297097.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.DV
[INFO] The file was deleted!
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1243\A0297098.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.DV
[INFO] The file was deleted!
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1243\A0297099.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1243\A0297100.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1243\A0297101.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\WINDOWS\photos.msnfix
[0] Archive type: ZIP
--> webcam_photos-2007-06.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.345088
[INFO] The file was moved to '4856fd61.qua'!
C:\WINDOWS\Fonts\Setup.MSNFix
[DETECTION] Is the Trojan horse TR/Agent.VB.AQC
[INFO] The file was deleted!
C:\WINDOWS\system32\drivers\OADriver.sys
[WARNING] The file could not be opened!
C:\WINDOWS\system32\drivers\OAmon.sys
[WARNING] The file could not be opened!
C:\WINDOWS\system32\drivers\oanet.sys
[WARNING] The file could not be opened!
C:\WINDOWS\system32\drivers\etc\hosts.20080322-154514.backup
[DETECTION] Is the Trojan horse TR/Qhost.AA
[INFO] The file was deleted!
C:\WINDOWS\system32\drivers\etc\hosts.20080322-154515.backup
[DETECTION] Is the Trojan horse TR/Qhost.AA
[INFO] The file was deleted!
C:\WINDOWS\system32\drivers\etc\hosts.20080322-154516.backup
[DETECTION] Is the Trojan horse TR/AntiHosts.Gen
[INFO] The file was deleted!
C:\WINDOWS\system32\drivers\etc\hosts.20080322-154517.backup
[DETECTION] Is the Trojan horse TR/AntiHosts.Gen
[INFO] The file was deleted!
C:\WINDOWS\system32\drivers\etc\hosts.20080322-161009.backup
[DETECTION] Is the Trojan horse TR/AntiHosts.Gen
[INFO] The file was deleted!
Begin scan in 'D:\' <PRESARIO_RP>
End of the scan: lundi 24 mars 2008 20:53
Used time: 2:32:35 min
The scan has been done completely.
11266 Scanning directories
534234 Files were scanned
82 viruses and/or unwanted programs were found
24 Files were classified as suspicious:
72 files were deleted
0 files were repaired
23 files were moved to quarantine
0 files were renamed
5 Files cannot be scanned
534152 Files not concerned
22571 Archives were scanned
6 Warnings
0 Notes
151975 Objects were scanned with rootkit scan
0 Hidden objects were found
I think you'll need a HijackThis report? I'll post it right after...
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:02:28, on 24/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Tall Emu\Online Armor\oasrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE
C:\WINDOWS\System32\gearsec.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\alg.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Tall Emu\Online Armor\oaui.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\PROGRA~1\PRESAR~1\Presario\XPHWWRS4\plugin\bin\pchbutton.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\HijackThis\HijackThis.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [OnlineArmor GUI] "C:\Program Files\Tall Emu\Online Armor\oaui.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\PRESAR~1\Presario\XPHWWRS4\plugin\bin\pchbutton.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE
O23 - Service: Service de sécurité matérielle (GEARSecurity) - GEAR Software - C:\WINDOWS\System32\gearsec.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Online Armor (SvcOnlineArmor) - Unknown owner - C:\Program Files\Tall Emu\Online Armor\oasrv.exe
g!rly
24 March 2008 at 23:08
ok jojo,
good, we're making progress...
we're going to run one more scan, but this time online:
BitDefender online scan:
https://www.bitdefender.com/toolbox/
Click on "I agree" and follow the instructions
This must be done in Internet Explorer, accepting the ActiveX control
picture tutorial:
http://pageperso.aol.fr/rginformatique/mapage/defender.htm
Please post the generated report here
See you
BitDefender Online Scanner
Scan report generated at: Tue, Mar 25, 2008 - 01:09:11
Scan path: A:\;C:\;D:\;E:\;F:\;
Statistics
Time: 01:48:30
Files: 379842
Folders: 11273
Boot Sectors: 3
Archives: 14252
Packed Files: 21584
Results
Identified Viruses: 7
Infected Files: 37
Suspect Files: 0
Warnings: 0
Disinfected: 0
Deleted Files: 37
Engines Info
Virus Definitions: 1022331
Engine build: AVCORE v1.0 (build 2422) (i386) (Sep 25 2007 08:26:36)
Scan plugins: 16
Archive plugins: 41
Unpack plugins: 7
E-mail plugins: 6
System plugins: 5
Scan Settings
First Action: Disinfect
Second Action: Delete
Heuristics: Yes
Enable Warnings: Yes
Scanned Extensions: *;
Exclude Extensions:
Scan Emails: Yes
Scan Archives: Yes
Scan Packed: Yes
Scan Files: Yes
Scan Boot: Yes
Scanned File
Status
C:\Documents and Settings\All Users\Application Data\View Bold Online 2\blah gram.exe
Infected with: GenPack:Trojan.Swizzor.GI
C:\Documents and Settings\All Users\Application Data\View Bold Online 2\blah gram.exe
Deleted
C:\Documents and Settings\All Users\Application Data\View Bold Online 2\BoobShim.exe
Infected with: GenPack:Trojan.Downloader.Swizzor.GC
C:\Documents and Settings\All Users\Application Data\View Bold Online 2\BoobShim.exe
Deleted
C:\Documents and Settings\All Users\Application Data\View Bold Online 2\Book this.exe
Infected with: Trojan.Downloader.Swizzor.DE
C:\Documents and Settings\All Users\Application Data\View Bold Online 2\Book this.exe
Deleted
C:\Documents and Settings\All Users\Application Data\View Bold Online 2\City wma.exe
Infected with: Trojan.Swizzor.AX
C:\Documents and Settings\All Users\Application Data\View Bold Online 2\City wma.exe
Deleted
C:\Documents and Settings\All Users\Application Data\View Bold Online 2\eq bin.exe
Infected with: Trojan.Downloader.Swizzor.DE
C:\Documents and Settings\All Users\Application Data\View Bold Online 2\eq bin.exe
Deleted
C:\Documents and Settings\All Users\Application Data\View Bold Online 2\HoldBore.exe
Infected with: Trojan.Downloader.Swizzor.DE
C:\Documents and Settings\All Users\Application Data\View Bold Online 2\HoldBore.exe
Deleted
C:\Documents and Settings\All Users\Application Data\View Bold Online 2\name two.exe
Infected with: Trojan.Downloader.Swizzor.DE
C:\Documents and Settings\All Users\Application Data\View Bold Online 2\name two.exe
Deleted
C:\Documents and Settings\All Users\Application Data\View Bold Online 2\onlinedownload.exe
Infected with: GenPack:Trojan.Swizzor.GI
C:\Documents and Settings\All Users\Application Data\View Bold Online 2\onlinedownload.exe
Deleted
C:\Documents and Settings\All Users\Application Data\View Bold Online 2\pileatom.exe
Infected with: GenPack:Trojan.Downloader.Swizzor.GC
C:\Documents and Settings\All Users\Application Data\View Bold Online 2\pileatom.exe
Deleted
C:\Documents and Settings\All Users\Application Data\View Bold Online 2\readme trust.exe
Infected with: GenPack:Trojan.Swizzor.BF
C:\Documents and Settings\All Users\Application Data\View Bold Online 2\readme trust.exe
Deleted
C:\Documents and Settings\All Users\Application Data\View Bold Online 2\Regsrule.exe
Infected with: Trojan.Downloader.Swizzor.DE
C:\Documents and Settings\All Users\Application Data\View Bold Online 2\Regsrule.exe
Deleted
C:\Documents and Settings\All Users\Application Data\View Bold Online 2\Setup Size.exe
Infected with: Trojan.Swizzor.AX
C:\Documents and Settings\All Users\Application Data\View Bold Online 2\Setup Size.exe
Deleted
C:\Documents and Settings\All Users\Application Data\View Bold Online 2\stop sixth.exe
Infected with: GenPack:Trojan.Swizzor.GI
C:\Documents and Settings\All Users\Application Data\View Bold Online 2\stop sixth.exe
Deleted
C:\Documents and Settings\All Users\Application Data\View Bold Online 2\storebyte.exe
Infected with: Trojan.Swizzor.AX
C:\Documents and Settings\All Users\Application Data\View Bold Online 2\storebyte.exe
Deleted
C:\Documents and Settings\All Users\Application Data\View Bold Online 2\Team 16.exe
Infected with: Trojan.Downloader.Swizzor.DE
C:\Documents and Settings\All Users\Application Data\View Bold Online 2\Team 16.exe
Deleted
C:\Documents and Settings\All Users\Documents\Ma musique\joh\Fireworks_s_Inst-58.exe
Detected with: Adware.Gator.I
C:\Documents and Settings\All Users\Documents\Ma musique\joh\Fireworks_s_Inst-58.exe
Deleted
C:\Documents and Settings\maman\Application Data\New32Regs\dusbcngy.exe
Infected with: Trojan.Downloader.Swizzor.DE
C:\Documents and Settings\maman\Application Data\New32Regs\dusbcngy.exe
Deleted
C:\Documents and Settings\maman\Application Data\New32Regs\potmysaa.exe
Infected with: Trojan.Downloader.Swizzor.DE
C:\Documents and Settings\maman\Application Data\New32Regs\potmysaa.exe
Deleted
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1236\A0296844.vbs
Detected with: Adware.Isearch.D
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1236\A0296844.vbs
Deleted
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1236\A0296855.vbs
Detected with: Adware.Isearch.D
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1236\A0296855.vbs
Deleted
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1243\A0297106.exe
Infected with: GenPack:Trojan.Swizzor.GI
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1243\A0297106.exe
Deleted
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1243\A0297107.exe
Infected with: GenPack:Trojan.Downloader.Swizzor.GC
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1243\A0297107.exe
Deleted
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1243\A0297108.exe
Infected with: Trojan.Downloader.Swizzor.DE
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1243\A0297108.exe
Deleted
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1243\A0297109.exe
Infected with: Trojan.Swizzor.AX
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1243\A0297109.exe
Deleted
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1243\A0297110.exe
Infected with: Trojan.Downloader.Swizzor.DE
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1243\A0297110.exe
Deleted
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1243\A0297111.exe
Infected with: Trojan.Downloader.Swizzor.DE
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1243\A0297111.exe
Deleted
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1243\A0297112.exe
Infected with: Trojan.Downloader.Swizzor.DE
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1243\A0297112.exe
Deleted
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1243\A0297113.exe
Infected with: GenPack:Trojan.Swizzor.GI
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1243\A0297113.exe
Deleted
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1243\A0297114.exe
Infected with: GenPack:Trojan.Downloader.Swizzor.GC
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1243\A0297114.exe
Deleted
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1243\A0297115.exe
Infected with: GenPack:Trojan.Swizzor.BF
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1243\A0297115.exe
Deleted
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1243\A0297116.exe
Infected with: Trojan.Downloader.Swizzor.DE
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1243\A0297116.exe
Deleted
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1243\A0297117.exe
Infected with: Trojan.Swizzor.AX
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1243\A0297117.exe
Deleted
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1243\A0297118.exe
Infected with: GenPack:Trojan.Swizzor.GI
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1243\A0297118.exe
Deleted
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1243\A0297119.exe
Infected with: Trojan.Swizzor.AX
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1243\A0297119.exe
Deleted
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1243\A0297120.exe
Infected with: Trojan.Downloader.Swizzor.DE
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1243\A0297120.exe
Deleted
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1243\A0297121.exe
Infected with: Trojan.Downloader.Swizzor.DE
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1243\A0297121.exe
Deleted
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1243\A0297122.exe
Infected with: Trojan.Downloader.Swizzor.DE
C:\System Volume Information\_restore{D5798E20-2D90-4B82-81D9-8BCD663C9521}\RP1243\A0297122.exe
Deleted
There you go, I hope the change of format (it was HTML originally) doesn't cause any problem.
See you, g!rly :-)
After closing it there was also this report, where I am asked whether I want to send it. It apparently has different data, so I'm sending it to you anyway in case it's useful:
BitDefender Online Scanner - Real Time Virus Report
Generated at: Tue, Mar 25, 2008 - 01:15:55
Scan Info
Scanned Files: 439322
Infected Files: 37
Virus Detected
Adware.Isearch.D: 2
Trojan.Swizzor.AX: 6
GenPack:Trojan.Swizzor.GI: 6
GenPack:Trojan.Downloader.Swizzor.GC: 4
GenPack:Trojan.Swizzor.BF: 2
Adware.Gator.I: 1
Trojan.Downloader.Swizzor.DE: 16
This summary of the scan process will be used by the BitDefender Antivirus Lab to create agregate statistics about virus activity around the world.
Thanks, see you
g!rly - 25 March 2008 at 15:28
Hi jojo,
run this:
Download this (by Moe):
http://sosvirus.changelog.fr/Green_day/Lopxpsetup.exe
Double-click Lopxpsetup.exe to start the installation
At the menu, choose option 1
Wait until you are asked to press a key, then press one!
A report will then be created; copy and paste it in full on the forum.
See you
Hi g!rly,
here is the report:
# Rapport Lopxp fait le 25/03/2008 à 18:40:09
# Exécuté dans : C:\Program Files\Lopxp
# Version 3.09 - Maj du 28/02/2008
========== Listing des dossiers Application Data
+- C:\Documents and Settings\All Users\Application Data
2007-09-21 à 06:24:00 - Adobe
2006-09-07 à 14:58:11 - Ahead
2005-02-26 à 12:01:05 - AOL
2004-01-01 à 09:35:43 - Apple Computer
2008-03-23 à 19:14:35 - Avira
2006-09-02 à 14:31:22 - DVD Shrink
2006-12-27 à 17:30:27 - Google
2008-03-24 à 17:19:50 - Google Updater
2004-01-01 à 09:27:57 - InterVideo
2008-03-23 à 21:39:04 - Malwarebytes
2005-11-17 à 05:57:02 - Messenger Plus!
2007-04-09 à 09:29:26 - Microsoft
2004-01-01 à 09:58:03 - Motive
2004-09-01 à 17:56:18 - MSN6
2008-03-23 à 19:34:29 - OnlineArmor
2007-04-14 à 23:01:16 - pixelStorm
2006-09-17 à 23:13:48 - PlayFirst
2004-09-01 à 21:10:38 - QuickTime
2004-01-01 à 07:52:21 - SBSI
2007-05-26 à 15:31:37 - Sony Ericsson
2005-06-16 à 14:29:55 - Spybot - Search & Destroy
2005-04-10 à 14:33:27 - Symantec
2007-05-26 à 15:31:26 - Teleca
2008-03-24 à 22:26:20 - View Bold Online 2
2005-02-18 à 23:30:16 - Viewpoint
2006-07-25 à 06:27:27 - Windows Genuine Advantage
2007-07-11 à 21:42:30 - WindowsLiveInstaller
2008-03-02 à 00:04:06 - WLInstaller
2007-02-11 à 08:51:41 - YoGen
2006-09-21 à 16:27:57 - Zylom
+- C:\Documents and Settings\maman\Application Data
2007-12-11 à 00:57:35 - Adobe
2007-04-09 à 09:36:53 - AdobeAUM
2007-04-09 à 09:36:58 - AdobeUM
2006-09-11 à 23:52:38 - Ahead
2005-07-02 à 14:45:13 - AOL
2006-02-08 à 23:00:52 - Apple Computer
2007-06-19 à 11:29:21 - BitTorrent
2008-03-23 à 22:00:34 - Fordlist
2006-12-29 à 22:28:06 - Google
2005-02-23 à 20:06:39 - Help
2004-09-06 à 22:27:18 - Hewlett-Packard
2004-01-01 à 07:47:16 - Identities
2007-10-13 à 22:04:28 - InfraRecorder
2005-02-21 à 08:06:16 - Intervideo
2007-01-15 à 22:08:54 - Lavasoft
2004-11-20 à 23:11:25 - Leadertech
2008-02-24 à 01:19:25 - LGSync
2007-09-03 à 12:09:40 - Macromedia
2008-03-23 à 21:39:23 - Malwarebytes
2008-03-04 à 21:34:09 - Microsoft
2004-10-05 à 13:27:03 - Motive
2007-12-10 à 17:09:52 - Mozilla
2005-05-17 à 19:06:17 - MSN6
2008-03-24 à 22:39:19 - New32Regs
2008-03-25 à 17:15:49 - OnlineArmor
2006-09-17 à 23:13:48 - PlayFirst
2007-12-14 à 19:42:49 - Real
2004-01-01 à 10:26:01 - SampleView
2008-01-13 à 22:59:50 - Samsung
2004-11-20 à 23:11:27 - Sonic
2006-02-27 à 20:36:44 - STOIK
2004-01-01 à 08:28:50 - Sun
2004-01-01 à 14:21:57 - Symantec
2007-05-26 à 15:35:18 - Teleca
2004-10-05 à 13:50:34 - Template
2007-11-08 à 21:04:53 - U3
2008-02-24 à 00:46:07 - vlc
+- C:\Documents and Settings\maman\Local Settings\Application Data
2007-09-21 à 22:02:07 - Adobe
2006-09-07 à 14:57:18 - Ahead
2006-02-08 à 23:00:52 - Apple Computer
2007-12-11 à 00:54:21 - ApplicationHistory
2007-09-21 à 12:18:14 - Google
2005-02-23 à 20:06:39 - Help
2004-10-15 à 18:36:28 - Identities
2006-02-25 à 10:51:03 - IM
2008-03-07 à 23:25:32 - Microsoft
2005-06-02 à 00:29:27 - MicroVision Applications
2007-12-10 à 17:09:52 - Mozilla
2007-10-06 à 13:13:34 - Neuf
2007-05-07 à 23:56:40 - PCHealth
2008-03-14 à 21:56:03 - WMTools Downloaded Files
2004-01-01 à 08:28:29 - {7148F0A6-6813-11D6-A77B-00B0D0142030}
========== Listing du dossier Program Files
+- C:\Program Files
2007-10-19 à 16:50:56 - 01-mp3search
2008-01-25 à 23:34:19 - Adobe
2006-09-06 à 21:24:47 - Ahead
2004-09-01 à 17:50:51 - ATI Technologies
2008-03-23 à 19:14:35 - Avira
2007-04-09 à 09:59:39 - AVYMEDIA
2007-07-11 à 22:16:27 - BitTorrent
2008-03-12 à 19:23:53 - Dealio
2007-09-29 à 12:32:40 - DivX
2006-01-16 à 19:18:36 - dsbc310_winxp2k98se_driver_110
2007-10-13 à 21:48:24 - DVD Shrink
2007-10-13 à 22:01:10 - DVDCOPY
2005-12-26 à 18:00:03 - EA GAMES
2007-12-14 à 17:06:26 - Fichiers communs
2006-11-25 à 17:29:23 - Foreignword
2008-03-11 à 22:43:09 - Free Video Converter
2006-09-17 à 23:12:46 - Gamenext
2007-09-16 à 18:30:44 - Google
2007-05-07 à 20:48:46 - Hewlett-Packard
2007-10-13 à 22:14:43 - InfraRecorder
2008-02-24 à 01:13:39 - InstallShield Installation Information
2008-03-21 à 22:05:24 - Internet Explorer
2004-09-01 à 17:52:36 - InterVideo
2007-10-13 à 22:27:23 - iPod
2004-01-01 à 09:35:44 - iTunes
2008-03-23 à 20:26:34 - Java
2007-01-15 à 22:08:46 - Lavasoft
2008-02-24 à 01:13:40 - LG Electronics
2008-02-24 à 01:12:27 - LGE GSM PC Sync
2008-02-09 à 20:14:48 - LimeWire
2006-04-12 à 13:24:14 - LimeWirepro
2008-03-25 à 17:41:07 - Lopxp
2006-08-27 à 15:05:53 - Magicbit
2008-03-23 à 21:39:17 - Malwarebytes' Anti-Malware
2004-10-03 à 15:01:56 - Maxis
2005-05-01 à 12:39:36 - Messenger
2008-01-03 à 17:07:24 - Messenger Plus! Live
2007-01-18 à 16:58:41 - MessengerPlus! 3
2004-12-25 à 23:58:48 - MGI
2004-01-01 à 07:47:20 - microsoft frontpage
2006-08-31 à 17:38:03 - Microsoft IntelliPoint 5.0
2006-08-31 à 17:43:15 - Microsoft IntelliType Pro 5.2
2007-12-10 à 14:51:54 - Microsoft Office
2007-12-11 à 00:51:11 - Microsoft SQL Server Compact Edition
2005-05-01 à 12:39:37 - Microsoft Works
2007-06-04 à 18:47:10 - mIRC
2005-05-01 à 12:39:40 - Movie Maker
2008-03-25 à 17:35:21 - Mozilla Firefox
2007-02-08 à 20:56:25 - MSBuild
2007-12-10 à 14:44:20 - MSECache
2005-04-19 à 20:08:46 - MSN
2006-05-08 à 22:26:32 - MSN Apps
2004-01-01 à 07:43:23 - MSN Gaming Zone
2006-11-19 à 02:43:08 - MSXML 4.0
2007-08-21 à 01:05:46 - MSXML 6.0
2006-09-07 à 12:43:58 - Nero
2005-03-27 à 10:54:43 - NetMeeting
2007-10-06 à 13:13:01 - Neuf
2004-09-02 à 13:04:13 - Norton Personal Firewall
2007-04-09 à 09:54:48 - Oberon Media
2007-06-13 à 23:38:44 - Outlook Express
2005-01-19 à 14:21:03 - PacketVideo
2007-09-19 à 21:59:48 - PhotoFiltre
2007-10-23 à 16:28:20 - Picasa2
2006-06-06 à 09:56:22 - Pochette Express 2
2004-01-01 à 09:58:02 - Presario PC Help
2005-02-18 à 23:30:09 - QuickTime
2007-12-14 à 17:04:43 - Real
2005-05-11 à 19:21:42 - RecordNow!
2007-02-08 à 20:49:49 - Reference Assemblies
2006-06-12 à 11:08:20 - Samsung
2004-12-18 à 22:32:19 - Satsuki Decoder Pack
2006-06-22 à 14:53:29 - SDLL
2004-09-01 à 17:51:35 - Sonic
2007-05-26 à 15:30:29 - Sony Ericsson
2007-06-20 à 21:43:43 - Spybot - Search & Destroy
2007-07-11 à 22:22:33 - Super DVD Creator 9.0
2008-03-23 à 19:34:00 - Tall Emu
2005-07-20 à 13:05:54 - Ulead Systems
2008-03-24 à 00:28:28 - UltimateZip
2006-06-22 à 14:54:06 - Uninstall Information
2005-03-30 à 14:24:57 - USB Driver-Express
2007-10-24 à 18:03:21 - Veoh Networks
2008-02-24 à 00:40:36 - VideoLAN
2005-02-18 à 23:30:16 - Viewpoint
2007-04-09 à 09:29:27 - Windows Defender
2008-02-27 à 14:23:31 - Windows Live
2006-12-23 à 12:41:05 - Windows Media Connect 2
2006-12-23 à 12:44:17 - Windows Media Player
2005-03-27 à 10:54:34 - Windows NT
2008-03-21 à 22:05:24 - WindowsUpdate
2005-01-19 à 14:19:59 - WMV9_VCM
2004-01-01 à 07:47:20 - xerox
2006-09-02 à 16:14:50 - Yahoo!
2006-09-21 à 16:27:57 - Zylom Games
========== Tâches planifiées
FRU Task #Hewlett-Packard#hp psc 1100 series#1094070518.job: C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe -I "#Hewlett-Packard#hp psc 1100 series#1094070518"
MP Scheduled Scan.job: C:\Program Files\Windows Defender\MpCmdRun.exe Scan -RestrictPrivileges
========== Clés registre
========== Bloqueur popups Internet Explorer
========== Suggestion ( /!\ Nécessite une interprétation.) ==========
C:\Documents and Settings\All Users\Application Data\View Bold Online 2
C:\Documents and Settings\maman\Application Data\Fordlist
C:\Documents and Settings\maman\Application Data\New32Regs
C:\Program Files\DVDCOPY
+- Registre : Aucune suggestion.
- Fin du rapport -
g!rly - 25 March 2008 at 19:17
Hi again,
* Download OTMoveIt2 (by Old_Timer) to your desktop: http://download.bleepingcomputer.com/oldtimer/OTMoveIt2.exe
* Double-click OTMoveIt.exe to launch the program,
* Copy the list of files or folders below and paste it into the program's "Paste Standard List of Files/Folders to Move" window:
C:\Documents and Settings\All Users\Application Data\View Bold Online 2
C:\Documents and Settings\maman\Application Data\Fordlist
C:\Documents and Settings\maman\Application Data\New32Regs
C:\Documents and Settings\All Users\Application Data\Viewpoint
C:\Program Files\Viewpoint
* Click MoveIt! to start the removal,
* The result will appear in the Results box.
* Click Exit to close the program.
* Post the report, which is located here: C:\_OTMoveIt\MovedFiles
* You may be asked to restart your PC. If so, click Yes.
See you later
Done!:
C:\Documents and Settings\All Users\Application Data\View Bold Online 2 moved successfully.
C:\Documents and Settings\maman\Application Data\Fordlist moved successfully.
C:\Documents and Settings\maman\Application Data\New32Regs moved successfully.
C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology\UserShell\AOL9Plus moved successfully.
C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology\UserShell\AOL9 moved successfully.
C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology\UserShell moved successfully.
C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology\Resources\Welcome\BH00 moved successfully.
C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology\Resources\Welcome moved successfully.
C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_03 moved successfully.
C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_02 moved successfully.
C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_01 moved successfully.
C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_00 moved successfully.
C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology\Resources moved successfully.
C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology moved successfully.
C:\Documents and Settings\All Users\Application Data\Viewpoint moved successfully.
C:\Program Files\Viewpoint\Viewpoint Experience Technology\NewComponents moved successfully.
C:\Program Files\Viewpoint\Viewpoint Experience Technology\DownloadedComponents moved successfully.
C:\Program Files\Viewpoint\Viewpoint Experience Technology\Components moved successfully.
C:\Program Files\Viewpoint\Viewpoint Experience Technology moved successfully.
C:\Program Files\Viewpoint moved successfully.
OTMoveIt2 by OldTimer - Version 1.0.21 log created on 03252008_201625
g!rly - 25 March 2008 at 20:21
ok
now run this:
Download Clean:
-> http://www.malekal.com/download/clean.zip
-> Unzip all of its contents into a folder that you have created beforehand (on your desktop, for example). Double-click clean or clean.cmd and choose option 1.
A report will open; copy and paste its contents on the forum.
-> for those who are unsure how to unzip a file:
http://www.tutopat.com/viewtopic.php?t=933&sid=34215b238376bfb22ef9e8eca9995914
See you later