Trojan : TR/Crypt.ULPM.Gen
miko
-
jlpjlp Messages postés 52399 Statut Contributeur sécurité -
jlpjlp Messages postés 52399 Statut Contributeur sécurité -
Bonjour,
Je me suis debarassé de diverses infections comme celle de "y a ta tof sur ce site" (infection msn) suite à vos conseils puis en faisant un scan avec antivir pour bien reverifier le tout, il ne m'a trouvé aucun virus mais 10 detections d'infections, en regardant le rapport j'ai remarqué que c'etait toujours la meme infection qui apparaissait
"Trojan : TR/Crypt.ULPM.Gen", je ne vois pas où cette infection se situe et surtout comment la supprimer???????
ci joint le rapport du scan antivir :
AntiVir PersonalEdition Classic
Report file date: lundi 31 mars 2008 12:00
Scanning for 1171940 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: SYSTEM
Computer name: WINDOWS-4EB701C
Version information:
BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:29
AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:51
LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:47
LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:20
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 14:27:15
ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 16:16:50
ANTIVIR2.VDF : 7.0.3.85 434176 Bytes 27/03/2008 16:16:50
ANTIVIR3.VDF : 7.0.3.94 51200 Bytes 31/03/2008 07:28:50
AVEWIN32.DLL : 7.6.0.78 3408384 Bytes 29/03/2008 16:16:51
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:17
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24
AVPACK32.DLL : 7.6.0.3 360488 Bytes 29/03/2008 16:16:51
AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:06
AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:33
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:18
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 11:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 12:38:13
RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:37
SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:21
Configuration settings for the scan:
Jobname..........................: Local Hard Disks
Configuration file...............: C:\Program Files\Avira\AntiVir PersonalEdition Classic\alldiscs.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: O:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: lundi 31 mars 2008 12:00
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'emule.exe' - '1' Module(s) have been scanned
Scan process 'WLLoginProxy.exe' - '1' Module(s) have been scanned
Scan process 'iexplore.exe' - '1' Module(s) have been scanned
Scan process 'FxSvr2.exe' - '1' Module(s) have been scanned
Scan process 'btdna.exe' - '1' Module(s) have been scanned
Scan process 'backWeb-8876480.exe' - '1' Module(s) have been scanned
Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'UpdaterUI.exe' - '1' Module(s) have been scanned
Scan process 'LogiTray.exe' - '1' Module(s) have been scanned
Scan process 'MXOALDR.EXE' - '1' Module(s) have been scanned
Scan process 'OneTouch.exe' - '1' Module(s) have been scanned
Scan process 'LVCOMSX.EXE' - '1' Module(s) have been scanned
Scan process 'mixer.exe' - '1' Module(s) have been scanned
Scan process 'ehmsas.exe' - '1' Module(s) have been scanned
Scan process 'RTHDCPL.EXE' - '1' Module(s) have been scanned
Scan process 'ehtray.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'mcrdsvc.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'MDM.EXE' - '1' Module(s) have been scanned
Scan process 'FrameworkService.exe' - '1' Module(s) have been scanned
Scan process 'ehSched.exe' - '1' Module(s) have been scanned
Scan process 'ehrecvr.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
44 processes with 44 modules were scanned
Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Boot sector 'D:\'
[NOTE] No virus was found!
Boot sector 'E:\'
[NOTE] No virus was found!
Boot sector 'M:\'
[NOTE] No virus was found!
Boot sector 'N:\'
[NOTE] No virus was found!
Boot sector 'O:\'
[NOTE] No virus was found!
Starting to scan the registry.
The registry was scanned ( '38' files ).
Starting the file scan:
Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
Begin scan in 'D:\' <BACKUP>
D:\pagefile.sys
[WARNING] The file could not be opened!
Begin scan in 'E:\' <RECOVER>
Begin scan in 'M:\' <LaCie>
Begin scan in 'N:\' <MAXTOR>
N:\RECYCLER\S-1-5-21-332600315-2223432686-950747264-1006\Dn1\Kapersky Anti-Virus Pro 4.0 Fr.zip
[0] Archive type: ZIP
--> Kapersky Anti-Virus Pro 4.0 Fr/Kaspersky AntiVirus Personal Pro 4.0.1.54 Final Crack & Key.zip
[1] Archive type: ZIP
--> Launch AvpM.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
--> Launch avpupd.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
--> Launch KAVI.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
--> Launch OffGuard.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
--> Launch Avp32.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
--> Kapersky Anti-Virus Pro 4.0 Fr/Kaspersky AntiVirus Personal Pro 4.x.x.x Fixed.zip
[1] Archive type: ZIP
--> Launch Avp32.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
--> Launch AvpM.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
--> Launch avpupd.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
--> Launch KAVI.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
--> Launch OffGuard.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[WARNING] The file was ignored!
Begin scan in 'O:\' <MAXTOR>
End of the scan: lundi 31 mars 2008 13:33
Used time: 1:33:13 min
The scan has been done completely.
9405 Scanning directories
535920 Files were scanned
10 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
535910 Files not concerned
3716 Archives were scanned
3 Warnings
1 Notes
Je me suis debarassé de diverses infections comme celle de "y a ta tof sur ce site" (infection msn) suite à vos conseils puis en faisant un scan avec antivir pour bien reverifier le tout, il ne m'a trouvé aucun virus mais 10 detections d'infections, en regardant le rapport j'ai remarqué que c'etait toujours la meme infection qui apparaissait
"Trojan : TR/Crypt.ULPM.Gen", je ne vois pas où cette infection se situe et surtout comment la supprimer???????
ci joint le rapport du scan antivir :
AntiVir PersonalEdition Classic
Report file date: lundi 31 mars 2008 12:00
Scanning for 1171940 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: SYSTEM
Computer name: WINDOWS-4EB701C
Version information:
BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:29
AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:51
LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:47
LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:20
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 14:27:15
ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 16:16:50
ANTIVIR2.VDF : 7.0.3.85 434176 Bytes 27/03/2008 16:16:50
ANTIVIR3.VDF : 7.0.3.94 51200 Bytes 31/03/2008 07:28:50
AVEWIN32.DLL : 7.6.0.78 3408384 Bytes 29/03/2008 16:16:51
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:17
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24
AVPACK32.DLL : 7.6.0.3 360488 Bytes 29/03/2008 16:16:51
AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:06
AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:33
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:18
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 11:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 12:38:13
RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:37
SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:21
Configuration settings for the scan:
Jobname..........................: Local Hard Disks
Configuration file...............: C:\Program Files\Avira\AntiVir PersonalEdition Classic\alldiscs.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: O:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: lundi 31 mars 2008 12:00
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'emule.exe' - '1' Module(s) have been scanned
Scan process 'WLLoginProxy.exe' - '1' Module(s) have been scanned
Scan process 'iexplore.exe' - '1' Module(s) have been scanned
Scan process 'FxSvr2.exe' - '1' Module(s) have been scanned
Scan process 'btdna.exe' - '1' Module(s) have been scanned
Scan process 'backWeb-8876480.exe' - '1' Module(s) have been scanned
Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'UpdaterUI.exe' - '1' Module(s) have been scanned
Scan process 'LogiTray.exe' - '1' Module(s) have been scanned
Scan process 'MXOALDR.EXE' - '1' Module(s) have been scanned
Scan process 'OneTouch.exe' - '1' Module(s) have been scanned
Scan process 'LVCOMSX.EXE' - '1' Module(s) have been scanned
Scan process 'mixer.exe' - '1' Module(s) have been scanned
Scan process 'ehmsas.exe' - '1' Module(s) have been scanned
Scan process 'RTHDCPL.EXE' - '1' Module(s) have been scanned
Scan process 'ehtray.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'mcrdsvc.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'MDM.EXE' - '1' Module(s) have been scanned
Scan process 'FrameworkService.exe' - '1' Module(s) have been scanned
Scan process 'ehSched.exe' - '1' Module(s) have been scanned
Scan process 'ehrecvr.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
44 processes with 44 modules were scanned
Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Boot sector 'D:\'
[NOTE] No virus was found!
Boot sector 'E:\'
[NOTE] No virus was found!
Boot sector 'M:\'
[NOTE] No virus was found!
Boot sector 'N:\'
[NOTE] No virus was found!
Boot sector 'O:\'
[NOTE] No virus was found!
Starting to scan the registry.
The registry was scanned ( '38' files ).
Starting the file scan:
Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
Begin scan in 'D:\' <BACKUP>
D:\pagefile.sys
[WARNING] The file could not be opened!
Begin scan in 'E:\' <RECOVER>
Begin scan in 'M:\' <LaCie>
Begin scan in 'N:\' <MAXTOR>
N:\RECYCLER\S-1-5-21-332600315-2223432686-950747264-1006\Dn1\Kapersky Anti-Virus Pro 4.0 Fr.zip
[0] Archive type: ZIP
--> Kapersky Anti-Virus Pro 4.0 Fr/Kaspersky AntiVirus Personal Pro 4.0.1.54 Final Crack & Key.zip
[1] Archive type: ZIP
--> Launch AvpM.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
--> Launch avpupd.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
--> Launch KAVI.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
--> Launch OffGuard.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
--> Launch Avp32.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
--> Kapersky Anti-Virus Pro 4.0 Fr/Kaspersky AntiVirus Personal Pro 4.x.x.x Fixed.zip
[1] Archive type: ZIP
--> Launch Avp32.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
--> Launch AvpM.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
--> Launch avpupd.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
--> Launch KAVI.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
--> Launch OffGuard.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[WARNING] The file was ignored!
Begin scan in 'O:\' <MAXTOR>
End of the scan: lundi 31 mars 2008 13:33
Used time: 1:33:13 min
The scan has been done completely.
9405 Scanning directories
535920 Files were scanned
10 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
535910 Files not concerned
3716 Archives were scanned
3 Warnings
1 Notes
A voir également:
- Trojan : TR/Crypt.ULPM.Gen
- Trojan remover - Télécharger - Antivirus & Antimalwares
- Anti trojan - Télécharger - Antivirus & Antimalwares
- Virus trojan al11 ✓ - Forum Virus
- Csrss.exe trojan fr ✓ - Forum Virus
- Trojan win32 - Forum Virus
6 réponses
slt,
vide ta poubelle et vire tes cracks
N:\RECYCLER\S-1-5-21-332600315-2223432686-950747264-1006\Dn1\Kapersky Anti-Virus Pro 4.0 Fr.zip
Kapersky Anti-Virus Pro 4.0 Fr/Kaspersky AntiVirus Personal Pro 4.0.1.54 Final Crack & Key.zip
[1] Archive type: ZIP
Kapersky Anti-Virus Pro 4.0 Fr/Kaspersky AntiVirus Personal Pro 4.x.x.x Fixed.zip
_____________
puis recolle un rapport antivir
_________________
colle un rapport hijackthis
http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis/download
manuel :
http://pagesperso-orange.fr/rginformatique/section%20virus/demohijack.htm
https://leblogdeclaude.blogspot.com/2006/10/informatique-section-hijackthis.html
Je conseille de renomer Hijackthis, pour contrer une éventuelle infection de Vundo.
ex:Renomme le fichier HijackThis.exe en eden.exe pour cela, fais un clic droit sur le fichier HijackThis.exe et choisis renommer dans la liste
Ensuite avec Explorer créer un dossier c:\hijackthis
Décompresser Hijackthis dans ce dossier.
C'est important pour les sauvegardes."
vide ta poubelle et vire tes cracks
N:\RECYCLER\S-1-5-21-332600315-2223432686-950747264-1006\Dn1\Kapersky Anti-Virus Pro 4.0 Fr.zip
Kapersky Anti-Virus Pro 4.0 Fr/Kaspersky AntiVirus Personal Pro 4.0.1.54 Final Crack & Key.zip
[1] Archive type: ZIP
Kapersky Anti-Virus Pro 4.0 Fr/Kaspersky AntiVirus Personal Pro 4.x.x.x Fixed.zip
_____________
puis recolle un rapport antivir
_________________
colle un rapport hijackthis
http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis/download
manuel :
http://pagesperso-orange.fr/rginformatique/section%20virus/demohijack.htm
https://leblogdeclaude.blogspot.com/2006/10/informatique-section-hijackthis.html
Je conseille de renomer Hijackthis, pour contrer une éventuelle infection de Vundo.
ex:Renomme le fichier HijackThis.exe en eden.exe pour cela, fais un clic droit sur le fichier HijackThis.exe et choisis renommer dans la liste
Ensuite avec Explorer créer un dossier c:\hijackthis
Décompresser Hijackthis dans ce dossier.
C'est important pour les sauvegardes."
parfait encore des soucis?
colle un rapport hijackthis
http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis/download
manuel :
http://pagesperso-orange.fr/rginformatique/section%20virus/demohijack.htm
https://leblogdeclaude.blogspot.com/2006/10/informatique-section-hijackthis.html
Je conseille de renomer Hijackthis, pour contrer une éventuelle infection de Vundo.
ex:Renomme le fichier HijackThis.exe en eden.exe pour cela, fais un clic droit sur le fichier HijackThis.exe et choisis renommer dans la liste
Ensuite avec Explorer créer un dossier c:\hijackthis
Décompresser Hijackthis dans ce dossier.
C'est important pour les sauvegardes."
colle un rapport hijackthis
http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis/download
manuel :
http://pagesperso-orange.fr/rginformatique/section%20virus/demohijack.htm
https://leblogdeclaude.blogspot.com/2006/10/informatique-section-hijackthis.html
Je conseille de renomer Hijackthis, pour contrer une éventuelle infection de Vundo.
ex:Renomme le fichier HijackThis.exe en eden.exe pour cela, fais un clic droit sur le fichier HijackThis.exe et choisis renommer dans la liste
Ensuite avec Explorer créer un dossier c:\hijackthis
Décompresser Hijackthis dans ce dossier.
C'est important pour les sauvegardes."
VOICI le rapport hijackthis (je sais pas si j'ai bien executé ta procedure, à savoir renommer hijackthis.exe en eden.exe, avant de le decompresser dans un nouveau dossier crée dans C: sous le nom d'hijackthis, c'etait ca?
autre question, tu avais remarqué que dans le scan d'hier par antivir, il me detectait apparemment des dossiers suspects (que je n'ai jamasi reussi a trouver d'ailleurs....), mais cela se situait sur un disque dur externe "N", d'où ma question ne vaut mieux t il pas faire un scan hijackthis sur ce disque dur externe plutot que sur "C"????
N:\RECYCLER\S-1-5-21-332600315-2223432686-950747264-1006\Dn1\Kapersky Anti-Virus Pro 4.0 Fr.zip
Kapersky Anti-Virus Pro 4.0 Fr/Kaspersky AntiVirus Personal Pro 4.0.1.54 Final Crack & Key.zip
[1] Archive type: ZIP
Kapersky Anti-Virus Pro 4.0 Fr/Kaspersky AntiVirus Personal Pro 4.x.x.x Fixed.zip
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:24:21, on 01/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\Mixer.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\PROGRA~1\Maxtor\OneTouch\Utils\OneTouch.exe
C:\WINDOWS\MXOALDR.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [MaxtorOneTouch] C:\PROGRA~1\Maxtor\OneTouch\Utils\OneTouch.exe
O4 - HKLM\..\Run: [MXOBG] C:\WINDOWS\MXOALDR.EXE
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://charon888.free.fr/plugins/hardwaredetection_2_0_4_13.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://sdlc-esd.sun.com/ESD39/JSCDL/jre/6u5-b15/jinstall-6u5-windows-i586-jc.cab?AuthParam=1206540211_45793dab1cd583545a37e34f0d8a31eb&GroupName=JSC&BHost=javadl.sun.com&FilePath=/ESD39/JSCDL/jre/6u5-b15/jinstall-6u5-windows-i586-jc.cab&File=jinstall-6u5-windows-i586-jc.cab
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HauppaugeTVServer - Hauppauge Computer Works - C:\PROGRA~1\WinTV\HCWTVS~1.EXE
O23 - Service: Service Framework McAfee (McAfeeFramework) - McAfee, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
autre question, tu avais remarqué que dans le scan d'hier par antivir, il me detectait apparemment des dossiers suspects (que je n'ai jamasi reussi a trouver d'ailleurs....), mais cela se situait sur un disque dur externe "N", d'où ma question ne vaut mieux t il pas faire un scan hijackthis sur ce disque dur externe plutot que sur "C"????
N:\RECYCLER\S-1-5-21-332600315-2223432686-950747264-1006\Dn1\Kapersky Anti-Virus Pro 4.0 Fr.zip
Kapersky Anti-Virus Pro 4.0 Fr/Kaspersky AntiVirus Personal Pro 4.0.1.54 Final Crack & Key.zip
[1] Archive type: ZIP
Kapersky Anti-Virus Pro 4.0 Fr/Kaspersky AntiVirus Personal Pro 4.x.x.x Fixed.zip
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:24:21, on 01/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\Mixer.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\PROGRA~1\Maxtor\OneTouch\Utils\OneTouch.exe
C:\WINDOWS\MXOALDR.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [MaxtorOneTouch] C:\PROGRA~1\Maxtor\OneTouch\Utils\OneTouch.exe
O4 - HKLM\..\Run: [MXOBG] C:\WINDOWS\MXOALDR.EXE
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://charon888.free.fr/plugins/hardwaredetection_2_0_4_13.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://sdlc-esd.sun.com/ESD39/JSCDL/jre/6u5-b15/jinstall-6u5-windows-i586-jc.cab?AuthParam=1206540211_45793dab1cd583545a37e34f0d8a31eb&GroupName=JSC&BHost=javadl.sun.com&FilePath=/ESD39/JSCDL/jre/6u5-b15/jinstall-6u5-windows-i586-jc.cab&File=jinstall-6u5-windows-i586-jc.cab
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HauppaugeTVServer - Hauppauge Computer Works - C:\PROGRA~1\WinTV\HCWTVS~1.EXE
O23 - Service: Service Framework McAfee (McAfeeFramework) - McAfee, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
branche ton disque N
télécharge OTMoveIt
http://download.bleepingcomputer.com/oldtimer/OTMoveIt2.exe (de Old_Timer) sur ton Bureau. Ou sur https://www.luanagames.com/index.fr.html
double-clique sur OTMoveIt.exe pour le lancer.
copie la liste qui se trouve en citation ci-dessous,
et colle-la dans le cadre de gauche de OTMoveIt :Paste List of Files/Folders to be moved.
Citation :
N:\RECYCLER\S-1-5-21-332600315-2223432686-950747264-1006\Dn1\Kapersky Anti-Virus Pro 4.0 Fr.zip
Kapersky Anti-Virus Pro 4.0 Fr/Kaspersky AntiVirus Personal Pro 4.0.1.54 Final Crack & Key.zip
[1] Archive type: ZIP
Kapersky Anti-Virus Pro 4.0 Fr/Kaspersky AntiVirus Personal Pro 4.x.x.x Fixed.zip
clique sur MoveIt! pour lancer la suppression.
le résultat apparaitra dans le cadre "Results".
clique sur Exit pour fermer.
poste le rapport situé dans C:\_OTMoveIt\MovedFiles.
il te sera peut-être demander de redémarrer le pc pour achever la suppression.si c'est le cas accepte par Yes.
_______________
encore des soucis???
pour protéger gratos ton ordi
http://www.commentcamarche.net/telecharger/logiciel 4 securite
mettre un antivirus
AVAST en français ou ANTIVIR (en anglais mais très efficace)
https://www.malekal.com/avira-free-security-antivirus-gratuit/ (merci Malekal)
-------------
des anti-espions :
MalwareByte's Anti-Malware + SPYBOT +/- si tea timer non active de spybot:
WINDOWS DEFENDER ou SPYWARE TERMINATOR
+
SPYWAREBLASTER pour immuniser le système contre vundo notamment mais en anglais (mais facile d'utilisation : il suffit de faire "update" pour mettre à jour tous les mois et ensuite" enable all protection" pour immuniser)...
Rq : spybot et ad-aware ont sorti de nouvelles versions cette année vérifiez que vous avez la dernière version
--------
un pare feu :
celui de (Windows) ou mieux Online armor ou KERIO ou JETICO ou ZONE ALARM (mettre que le parefeu gratuit)
http://www.commentcamarche.net/telecharger/telecharger 34055356 online armor personal firewall
https://forum.pcastuces.com/sujet.asp?f=25&s=35606
https://www.clubic.com/telecharger-fiche11071-sunbelt-personal-firewall-ex-kerio.html
https://manuelsdaide.com/contact/
http://www.open-files.com/forum/index.php?showtopic=29277
http://www.commentcamarche.net/telecharger/telecharger 157 zonealarm
-----------
CCLEANER pour effacer les traces de surf
---------
naviguer avec firefox ou safari ou opera et non internet explorer plus touché par les virus
http://www.mozilla-europe.org/fr/products/firefox/
télécharge OTMoveIt
http://download.bleepingcomputer.com/oldtimer/OTMoveIt2.exe (de Old_Timer) sur ton Bureau. Ou sur https://www.luanagames.com/index.fr.html
double-clique sur OTMoveIt.exe pour le lancer.
copie la liste qui se trouve en citation ci-dessous,
et colle-la dans le cadre de gauche de OTMoveIt :Paste List of Files/Folders to be moved.
Citation :
N:\RECYCLER\S-1-5-21-332600315-2223432686-950747264-1006\Dn1\Kapersky Anti-Virus Pro 4.0 Fr.zip
Kapersky Anti-Virus Pro 4.0 Fr/Kaspersky AntiVirus Personal Pro 4.0.1.54 Final Crack & Key.zip
[1] Archive type: ZIP
Kapersky Anti-Virus Pro 4.0 Fr/Kaspersky AntiVirus Personal Pro 4.x.x.x Fixed.zip
clique sur MoveIt! pour lancer la suppression.
le résultat apparaitra dans le cadre "Results".
clique sur Exit pour fermer.
poste le rapport situé dans C:\_OTMoveIt\MovedFiles.
il te sera peut-être demander de redémarrer le pc pour achever la suppression.si c'est le cas accepte par Yes.
_______________
encore des soucis???
pour protéger gratos ton ordi
http://www.commentcamarche.net/telecharger/logiciel 4 securite
mettre un antivirus
AVAST en français ou ANTIVIR (en anglais mais très efficace)
https://www.malekal.com/avira-free-security-antivirus-gratuit/ (merci Malekal)
-------------
des anti-espions :
MalwareByte's Anti-Malware + SPYBOT +/- si tea timer non active de spybot:
WINDOWS DEFENDER ou SPYWARE TERMINATOR
+
SPYWAREBLASTER pour immuniser le système contre vundo notamment mais en anglais (mais facile d'utilisation : il suffit de faire "update" pour mettre à jour tous les mois et ensuite" enable all protection" pour immuniser)...
Rq : spybot et ad-aware ont sorti de nouvelles versions cette année vérifiez que vous avez la dernière version
--------
un pare feu :
celui de (Windows) ou mieux Online armor ou KERIO ou JETICO ou ZONE ALARM (mettre que le parefeu gratuit)
http://www.commentcamarche.net/telecharger/telecharger 34055356 online armor personal firewall
https://forum.pcastuces.com/sujet.asp?f=25&s=35606
https://www.clubic.com/telecharger-fiche11071-sunbelt-personal-firewall-ex-kerio.html
https://manuelsdaide.com/contact/
http://www.open-files.com/forum/index.php?showtopic=29277
http://www.commentcamarche.net/telecharger/telecharger 157 zonealarm
-----------
CCLEANER pour effacer les traces de surf
---------
naviguer avec firefox ou safari ou opera et non internet explorer plus touché par les virus
http://www.mozilla-europe.org/fr/products/firefox/
voilà c'est fait, le rapport de movelt :
File/Folder N:\RECYCLER\S-1-5-21-332600315-2223432686-950747264-1006\Dn1\Kapersky Anti-Virus Pro 4.0 Fr.zip not found.
File/Folder not found.
File/Folder Kapersky Anti-Virus Pro 4.0 Fr/Kaspersky AntiVirus Personal Pro 4.0.1.54 Final Crack & Key.zip not found.
File/Folder [1] Archive type: ZIP not found.
File/Folder not found.
File/Folder Kapersky Anti-Virus Pro 4.0 Fr/Kaspersky AntiVirus Personal Pro 4.x.x.x Fixed.zip not found.
OTMoveIt2 by OldTimer - Version 1.0.21 log created on 04012008_104943
=====> j'y comprends plus rien, apparemment il n'a rien trouvé (pourtant je t'assure que j'ai branché N, d'ailleurs il l'est tout le temps!)
File/Folder N:\RECYCLER\S-1-5-21-332600315-2223432686-950747264-1006\Dn1\Kapersky Anti-Virus Pro 4.0 Fr.zip not found.
File/Folder not found.
File/Folder Kapersky Anti-Virus Pro 4.0 Fr/Kaspersky AntiVirus Personal Pro 4.0.1.54 Final Crack & Key.zip not found.
File/Folder [1] Archive type: ZIP not found.
File/Folder not found.
File/Folder Kapersky Anti-Virus Pro 4.0 Fr/Kaspersky AntiVirus Personal Pro 4.x.x.x Fixed.zip not found.
OTMoveIt2 by OldTimer - Version 1.0.21 log created on 04012008_104943
=====> j'y comprends plus rien, apparemment il n'a rien trouvé (pourtant je t'assure que j'ai branché N, d'ailleurs il l'est tout le temps!)
non rien donc cela devrait etre bon si doute:
colle le rapport d'un scan en ligne
avec un des suivants:
bitdefender en ligne :
http://www.bitdefender.fr/scan_fr/scan8/ie.html
Panda en ligne :
http://pandasoftware.fr
Kaspersky en ligne
https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
secuser en ligne :
http://www.secuser.com/outils/antivirus.htm
scan en ligne firefox
https://www.trendmicro.com/fr_fr/business.html
colle le rapport d'un scan en ligne
avec un des suivants:
bitdefender en ligne :
http://www.bitdefender.fr/scan_fr/scan8/ie.html
Panda en ligne :
http://pandasoftware.fr
Kaspersky en ligne
https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
secuser en ligne :
http://www.secuser.com/outils/antivirus.htm
scan en ligne firefox
https://www.trendmicro.com/fr_fr/business.html
ok je vais suivre tes conseils et faire un scan en ligne, derniere question comment explique tu la presence du Trojan : TR/Crypt.ULPM.Gen dans le scan d'antivir realisé hier à 12h00, et plus rien dans le scan de cette nuit.....est il possible d'avoir ete supprimé par antivir tout seul???
ci joint la fin du scan d'hier ou il avait detecte les saloperies
Begin scan in 'N:\' <MAXTOR>
N:\RECYCLER\S-1-5-21-332600315-2223432686-950747264-1006\Dn1\Kapersky Anti-Virus Pro 4.0 Fr.zip
[0] Archive type: ZIP
--> Kapersky Anti-Virus Pro 4.0 Fr/Kaspersky AntiVirus Personal Pro 4.0.1.54 Final Crack & Key.zip
[1] Archive type: ZIP
--> Launch AvpM.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
--> Launch avpupd.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
--> Launch KAVI.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
--> Launch OffGuard.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
--> Launch Avp32.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
--> Kapersky Anti-Virus Pro 4.0 Fr/Kaspersky AntiVirus Personal Pro 4.x.x.x Fixed.zip
[1] Archive type: ZIP
--> Launch Avp32.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
--> Launch AvpM.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
--> Launch avpupd.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
--> Launch KAVI.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
--> Launch OffGuard.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[WARNING] The file was ignored!
Begin scan in 'O:\' <MAXTOR>
End of the scan: lundi 31 mars 2008 13:33
Used time: 1:33:13 min
The scan has been done completely.
9405 Scanning directories
535920 Files were scanned
10 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
535910 Files not concerned
3716 Archives were scanned
3 Warnings
1 Notes
en essayant de lire les lignes, j'ai cru comprendre que ce trojan se situait dans une archive zip d un dossier kapersky situé dans "N", c'est ca (desole de t emmerder, mais pour progresser faut que je comprenne....)
encore merci
ci joint la fin du scan d'hier ou il avait detecte les saloperies
Begin scan in 'N:\' <MAXTOR>
N:\RECYCLER\S-1-5-21-332600315-2223432686-950747264-1006\Dn1\Kapersky Anti-Virus Pro 4.0 Fr.zip
[0] Archive type: ZIP
--> Kapersky Anti-Virus Pro 4.0 Fr/Kaspersky AntiVirus Personal Pro 4.0.1.54 Final Crack & Key.zip
[1] Archive type: ZIP
--> Launch AvpM.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
--> Launch avpupd.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
--> Launch KAVI.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
--> Launch OffGuard.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
--> Launch Avp32.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
--> Kapersky Anti-Virus Pro 4.0 Fr/Kaspersky AntiVirus Personal Pro 4.x.x.x Fixed.zip
[1] Archive type: ZIP
--> Launch Avp32.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
--> Launch AvpM.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
--> Launch avpupd.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
--> Launch KAVI.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
--> Launch OffGuard.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[WARNING] The file was ignored!
Begin scan in 'O:\' <MAXTOR>
End of the scan: lundi 31 mars 2008 13:33
Used time: 1:33:13 min
The scan has been done completely.
9405 Scanning directories
535920 Files were scanned
10 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
535910 Files not concerned
3716 Archives were scanned
3 Warnings
1 Notes
en essayant de lire les lignes, j'ai cru comprendre que ce trojan se situait dans une archive zip d un dossier kapersky situé dans "N", c'est ca (desole de t emmerder, mais pour progresser faut que je comprenne....)
encore merci
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
oui c'est ca
c'est dans le disque N
ou c'etait!
verifie avec un scan antivir apres redemarrage?
c'est dans le disque N
ou c'etait!
verifie avec un scan antivir apres redemarrage?
j'ai fait un scan online avec kapersky, ca a pris pas mal de temps mais apparemment il a rien trouvé, j'ai pas eu de rapport par contre donc pas possible de te le poster ici.
Je vais redemarrer et relancer un scan avec antivir pour terminer, si c est bon je mettrai resolu sur le post!!!
Merci beaucoup
Je vais redemarrer et relancer un scan avec antivir pour terminer, si c est bon je mettrai resolu sur le post!!!
Merci beaucoup
merci
N:\RECYCLER\S-1-5-21-332600315-2223432686-950747264-1006\Dn1\Kapersky Anti-Virus Pro 4.0 Fr.zip
Kapersky Anti-Virus Pro 4.0 Fr/Kaspersky AntiVirus Personal Pro 4.0.1.54 Final Crack & Key.zip
[1] Archive type: ZIP
Kapersky Anti-Virus Pro 4.0 Fr/Kaspersky AntiVirus Personal Pro 4.x.x.x Fixed.zip
mais rien n'y fait et pourtant j'ai epluché mon disque dur externe "N" pour le denicher.........as tu une autre alternative pour trouver ces cracks??????
merci
je t'envois le rapport du scan antivir, je voulais le faire hier soir mais il a pris trop de temps.....alors je me suis couché, petite anecdocte je ne comprends pas, il ne me trouve plus ce fameux Trojan : TR/Crypt.ULPM.Gen, bizarre est ce que c'et le virus qui se cache????? antivir ne le detecte plus????
voici le rapport :
AntiVir PersonalEdition Classic
Report file date: mardi 1 avril 2008 00:21
Scanning for 1171940 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: matt
Computer name: WINDOWS-4EB701C
Version information:
BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:29
AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:51
LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:47
LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:20
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 14:27:15
ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 16:16:50
ANTIVIR2.VDF : 7.0.3.85 434176 Bytes 27/03/2008 16:16:50
ANTIVIR3.VDF : 7.0.3.94 51200 Bytes 31/03/2008 07:28:50
AVEWIN32.DLL : 7.6.0.78 3408384 Bytes 29/03/2008 16:16:51
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:17
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24
AVPACK32.DLL : 7.6.0.3 360488 Bytes 29/03/2008 16:16:51
AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:06
AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:33
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:18
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 11:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 12:38:13
RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:37
SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:21
Configuration settings for the scan:
Jobname..........................: Local Drives
Configuration file...............: c:\program files\avira\antivir personaledition classic\alldrives.avp
Logging..........................: low
Primary action...................: repair
Secondary action.................: delete
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: K:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: mardi 1 avril 2008 00:21
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'WLLoginProxy.exe' - '1' Module(s) have been scanned
Scan process 'iexplore.exe' - '1' Module(s) have been scanned
Scan process 'emule.exe' - '1' Module(s) have been scanned
Scan process 'ehmsas.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'mcrdsvc.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'MDM.EXE' - '1' Module(s) have been scanned
Scan process 'FrameworkService.exe' - '1' Module(s) have been scanned
Scan process 'ehSched.exe' - '1' Module(s) have been scanned
Scan process 'ehrecvr.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'FxSvr2.exe' - '1' Module(s) have been scanned
Scan process 'btdna.exe' - '1' Module(s) have been scanned
Scan process 'backWeb-8876480.exe' - '1' Module(s) have been scanned
Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'UpdaterUI.exe' - '1' Module(s) have been scanned
Scan process 'LogiTray.exe' - '1' Module(s) have been scanned
Scan process 'MXOALDR.EXE' - '1' Module(s) have been scanned
Scan process 'OneTouch.exe' - '1' Module(s) have been scanned
Scan process 'LVCOMSX.EXE' - '1' Module(s) have been scanned
Scan process 'mixer.exe' - '1' Module(s) have been scanned
Scan process 'RTHDCPL.EXE' - '1' Module(s) have been scanned
Scan process 'ehtray.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
45 processes with 45 modules were scanned
Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Boot sector 'D:\'
[NOTE] No virus was found!
Boot sector 'E:\'
[NOTE] No virus was found!
Boot sector 'M:\'
[NOTE] No virus was found!
Boot sector 'N:\'
[NOTE] No virus was found!
Boot sector 'O:\'
[NOTE] No virus was found!
Boot sector 'A:\'
[NOTE] In the drive 'A:\' no data medium is inserted!
Boot sector 'F:\'
[NOTE] In the drive 'F:\' no data medium is inserted!
Boot sector 'G:\'
[NOTE] In the drive 'G:\' no data medium is inserted!
Boot sector 'H:\'
[NOTE] In the drive 'H:\' no data medium is inserted!
Boot sector 'I:\'
[NOTE] In the drive 'I:\' no data medium is inserted!
Boot sector 'L:\'
[NOTE] No virus was found!
Starting to scan the registry.
The registry was scanned ( '39' files ).
Starting the file scan:
Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
Begin scan in 'D:\' <BACKUP>
D:\pagefile.sys
[WARNING] The file could not be opened!
Begin scan in 'E:\' <RECOVER>
Begin scan in 'M:\' <LaCie>
Begin scan in 'N:\' <MAXTOR>
Begin scan in 'O:\' <MAXTOR>
Begin scan in 'A:\'
Search path A:\ could not be opened!
Le périphérique n'est pas prêt.
Begin scan in 'F:\'
Search path F:\ could not be opened!
Le périphérique n'est pas prêt.
Begin scan in 'G:\'
Search path G:\ could not be opened!
Le périphérique n'est pas prêt.
Begin scan in 'H:\'
Search path H:\ could not be opened!
Le périphérique n'est pas prêt.
Begin scan in 'I:\'
Search path I:\ could not be opened!
Le périphérique n'est pas prêt.
Begin scan in 'L:\' <KINGSTON>
Begin scan in 'J:\'
Search path J:\ could not be opened!
Le périphérique n'est pas prêt.
Begin scan in 'K:\'
Search path K:\ could not be opened!
Le périphérique n'est pas prêt.
End of the scan: mardi 1 avril 2008 01:43
Used time: 1:22:41 min
The scan has been done completely.
9404 Scanning directories
548626 Files were scanned
0 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
548626 Files not concerned
4397 Archives were scanned
2 Warnings
1 Notes
Je fais le scan HIjackthis et je te l'envois de suite! Merci