Cheval de troie

valentin_s92 -  
Jimy6000 Messages postés 254 Statut Membre -
Bonsoir,
J ai lu ce tres interessant article: http://www.commentcamarche.net/faq/sujet 2843 mode routeur des box freebox livebox aol neuf alice box
Cela voudrait donc t il dire que le hacker ne pourrait se connecter sur mon ordinateur avec mon adresse ip publique car je suis derriere un routeur?
Configuration: Windows XP
Internet Explorer 7.0

8 réponses

  1. Utilisateur anonyme
     
    Salut fais ceci

    *Télécharge HijackThis: http://www.trendsecure.com/portal/en-US/_download/HJTInstall.exe
    *Puis fais "Install" puis "I accept" puis tu cliques sur "Do a system scan and save a logfile".
    *L'analyse se fait un bloc-note s'ouvrira tu fais copier/coller dans le forum.
    0
  2. valentin_s92
     
    OK mais je ne suis pas infecte.Je demande juste si on peut se faire controler son ordinateur a distance par un hacker si on a une adresse du type 192.

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:39:15, on 12/06/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16674)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\NetDrive\wdservice.exe
    C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
    C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
    C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\WINDOWS\ZSSnp211.exe
    C:\WINDOWS\Domino.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\SiteAdvisor\6261\SiteAdv.exe
    C:\Program Files\Cheat Engine\Cheat Engine.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Trend Micro\HijackThis\HJT.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.piclens.com/welcome/ie-welcome.php?v=1.5.17
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6261\SiteAdv.dll
    O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
    O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
    O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6261\SiteAdv.dll
    O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
    O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [ZSSnp211] C:\WINDOWS\ZSSnp211.exe
    O4 - HKLM\..\Run: [Domino] C:\WINDOWS\Domino.exe
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-21-602162358-1844823847-1801674531-1004\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Eric et France')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O8 - Extra context menu item: &Tout télécharger avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
    O8 - Extra context menu item: &Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Remplir - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
    O9 - Extra 'Tools' menuitem: Remplir le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
    O9 - Extra button: Enregistrer - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
    O9 - Extra 'Tools' menuitem: Enregistrer le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
    O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
    O9 - Extra button: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
    O9 - Extra 'Tools' menuitem: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
    O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
    O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
    O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: Windows CardSpace (idsvc) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (file missing)
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
    O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
    O23 - Service: WebDrive Service (WebDriveService) - Unknown owner - C:\Program Files\NetDrive\wdservice.exe
    O23 - Service: WMP54Gv4SVC - GEMTEKS - C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
    0
    1. Utilisateur anonyme
       
      Ok mets a jour tous tes logiciels de sécurité ?
      0
  3. valentin_s92
     
    Oui c est fait.Mais pourrais tu repondre a ma question?
    0
  4. Utilisateur anonyme
     
    Oui il peuvent te hacker c'est pour ca je vais t'aider a te désinfecter. Tu fais un scan en mode sans échec avec AntiVir. Tu lances le scan et si il détecte un virus (normalement oui) tu cliques sur "delete" et "apply sélection to all following détections. (pour qu'il le supprimes automatiquement). A la fin du scan tu cliques sur "Report" puis normalement un bloc-note s'ouvrira tu l'enregistre sur ton bureau avec le titre "Rapport AntiVir"puis tu redémarre en mode normal puis tu me postes le rapport.

    Mode sans Echec:

    Au redémarrage de l'ordinateur, une fois le chargement du BIOS terminé, il y a un écran noir qui apparaît rapidement, appuie sur la touche [F8] (ou [F5] sur certains pc) jusqu'à l'affichage du menu des options avancées de Windows.
    Sélectionner "Mode sans échec" et appuie sur [Entrée]
    Il faudra choisir ta session habituelle, pas le compte "Administrateur" ou une autre.
    Regarde ici si besoin : http://pageperso.aol.fr/loraline60/mode_sans_echec.htm

    PS: JE TE CONSEILLE D'ENREGISTRER CE MESSAGE DANS TON BUREAU OU CAS OU.
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. valentin_s92
     
    Attends tu insinues que je suis infecte la?tu en es sur?Car je fais souvent des analyses et il ne detecte rien!!!
    0
    1. Utilisateur anonyme
       
      Oui.
      0
  7. valentin_s92
     
    Ok merci je la fais des que possible!!
    0
  8. valentin_s92
     
    C est bon!!

    Avira AntiVir Personal
    Report file date: jeudi 12 juin 2008 22:00

    Scanning for 1328777 virus strains and unwanted programs.

    Licensed to: Avira AntiVir PersonalEdition Classic
    Serial number: 0000149996-ADJIE-0001
    Platform: Windows XP
    Windows version: (Service Pack 3) [5.1.2600]
    Boot mode: Normally booted
    Username: SYSTEM
    Computer name: ERIC

    Version information:
    BUILD.DAT : 8.1.0.308 16478 Bytes 28/05/2008 17:03:00
    AVSCAN.EXE : 8.1.2.12 311553 Bytes 20/04/2008 16:20:38
    AVSCAN.DLL : 8.1.1.0 53505 Bytes 20/04/2008 16:20:38
    LUKE.DLL : 8.1.2.9 151809 Bytes 20/04/2008 16:20:38
    LUKERES.DLL : 8.1.2.1 12033 Bytes 20/04/2008 16:20:38
    ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 12:36:36
    ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 12:07:50
    ANTIVIR2.VDF : 7.0.4.120 2206720 Bytes 01/06/2008 12:14:02
    ANTIVIR3.VDF : 7.0.4.186 347136 Bytes 12/06/2008 15:15:34
    Engineversion : 8.1.0.55
    AEVDF.DLL : 8.1.0.5 102772 Bytes 20/04/2008 16:20:39
    AESCRIPT.DLL : 8.1.0.40 266618 Bytes 06/06/2008 12:18:38
    AESCN.DLL : 8.1.0.21 119156 Bytes 06/06/2008 12:18:37
    AERDL.DLL : 8.1.0.20 418165 Bytes 26/04/2008 16:13:38
    AEPACK.DLL : 8.1.1.5 364918 Bytes 15/05/2008 20:24:06
    AEOFFICE.DLL : 8.1.0.18 192890 Bytes 20/04/2008 16:20:39
    AEHEUR.DLL : 8.1.0.30 1253750 Bytes 06/06/2008 12:18:34
    AEHELP.DLL : 8.1.0.15 115063 Bytes 30/05/2008 05:06:47
    AEGEN.DLL : 8.1.0.28 307572 Bytes 06/06/2008 12:18:24
    AEEMU.DLL : 8.1.0.6 430451 Bytes 08/05/2008 18:35:27
    AECORE.DLL : 8.1.0.31 168310 Bytes 06/06/2008 12:18:21
    AVWINLL.DLL : 1.0.0.7 14593 Bytes 20/04/2008 16:20:38
    AVPREF.DLL : 8.0.0.1 25857 Bytes 20/04/2008 16:20:38
    AVREP.DLL : 7.0.0.1 155688 Bytes 17/04/2008 15:16:46
    AVREG.DLL : 8.0.0.0 30977 Bytes 20/04/2008 16:20:38
    AVARKT.DLL : 1.0.0.23 307457 Bytes 20/04/2008 16:20:38
    AVEVTLOG.DLL : 8.0.0.11 114945 Bytes 20/04/2008 16:20:38
    SQLITE3.DLL : 3.3.17.1 339968 Bytes 20/04/2008 16:20:38
    SMTPLIB.DLL : 1.2.0.19 28929 Bytes 20/04/2008 16:20:38
    NETNT.DLL : 8.0.0.1 7937 Bytes 20/04/2008 16:20:38
    RCIMAGE.DLL : 8.0.0.35 2371841 Bytes 20/04/2008 16:20:34
    RCTEXT.DLL : 8.0.32.0 86273 Bytes 20/04/2008 16:20:34

    Configuration settings for the scan:
    Jobname..........................: Complete system scan
    Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
    Logging..........................: low
    Primary action...................: interactive
    Secondary action.................: ignore
    Scan master boot sector..........: on
    Scan boot sector.................: on
    Boot sectors.....................: C:,
    Scan memory......................: on
    Process scan.....................: on
    Scan registry....................: on
    Search for rootkits..............: off
    Scan all files...................: All files
    Scan archives....................: on
    Recursion depth..................: 20
    Smart extensions.................: on
    Macro heuristic..................: on
    File heuristic...................: high
    Skipped files....................: C:\Documents and Settings\Eric et France\Bureau\VirtumundoBeGone.exe,
    Deviating risk categories........: +APPL,+GAME,+JOKE,+PCK,+SPR,

    Start of the scan: jeudi 12 juin 2008 22:00

    The scan of running processes will be started
    Scan process 'avscan.exe' - '1' Module(s) have been scanned
    Scan process 'avcenter.exe' - '1' Module(s) have been scanned
    Scan process 'avguard.exe' - '1' Module(s) have been scanned
    Scan process 'usnsvc.exe' - '1' Module(s) have been scanned
    Scan process 'SiteAdv.exe' - '1' Module(s) have been scanned
    Scan process 'iexplore.exe' - '1' Module(s) have been scanned
    Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
    Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
    Scan process 'avgnt.exe' - '1' Module(s) have been scanned
    Scan process 'rundll32.exe' - '1' Module(s) have been scanned
    Scan process 'Domino.EXE' - '1' Module(s) have been scanned
    Scan process 'ZSSnp211.EXE' - '1' Module(s) have been scanned
    Scan process 'realsched.exe' - '1' Module(s) have been scanned
    Scan process 'explorer.exe' - '1' Module(s) have been scanned
    Scan process 'kpf4gui.exe' - '1' Module(s) have been scanned
    Scan process 'winlogon.exe' - '1' Module(s) have been scanned
    Scan process 'csrss.exe' - '1' Module(s) have been scanned
    Scan process 'SiteAdv.exe' - '1' Module(s) have been scanned
    Scan process 'msmsgs.exe' - '1' Module(s) have been scanned
    Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
    Scan process 'avgnt.exe' - '1' Module(s) have been scanned
    Scan process 'rundll32.exe' - '1' Module(s) have been scanned
    Scan process 'Domino.EXE' - '1' Module(s) have been scanned
    Scan process 'ZSSnp211.EXE' - '1' Module(s) have been scanned
    Scan process 'explorer.exe' - '1' Module(s) have been scanned
    Scan process 'kpf4gui.exe' - '1' Module(s) have been scanned
    Scan process 'kpf4gui.exe' - '1' Module(s) have been scanned
    Scan process 'alg.exe' - '1' Module(s) have been scanned
    Scan process 'WMP54Gv4.exe' - '1' Module(s) have been scanned
    Scan process 'WLService.exe' - '1' Module(s) have been scanned
    Scan process 'wdService.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'kpf4ss.exe' - '1' Module(s) have been scanned
    Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'sched.exe' - '1' Module(s) have been scanned
    Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'lsass.exe' - '1' Module(s) have been scanned
    Scan process 'services.exe' - '1' Module(s) have been scanned
    Scan process 'winlogon.exe' - '1' Module(s) have been scanned
    Scan process 'csrss.exe' - '1' Module(s) have been scanned
    Scan process 'smss.exe' - '1' Module(s) have been scanned
    48 processes with 48 modules were scanned

    Starting master boot sector scan:
    Master boot sector HD0
    [INFO] No virus was found!

    Start scanning boot sectors:
    Boot sector 'C:\'
    [INFO] No virus was found!

    Starting to scan the registry.
    The registry was scanned ( '29' files ).

    Starting the file scan:

    Begin scan in 'C:\'
    C:\pagefile.sys
    [WARNING] The file could not be opened!
    C:\Documents and Settings\val\Mes documents\optix_133 et prorat\prorat\pro.exe
    [DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/Prorat.RC Backdoor server programs
    [NOTE] The file was moved to '48c085fa.qua'!
    C:\Documents and Settings\val\Mes documents\optix_133 et prorat\prorat\ProRat.exe
    [DETECTION] Contains detection pattern of the backdoor control software BDC/Prorat.19.P
    [NOTE] The file was moved to '48c085fb.qua'!
    C:\Documents and Settings\val\Mes documents\Telechargements\aircrack-ng-0.9-win.zip
    [0] Archive type: ZIP
    --> aircrack-ng-0.9-win/bin/aircrack-ng.exe
    [DETECTION] Contains detection pattern of the SPR/Aircra.A.944139 program
    --> aircrack-ng-0.9-win/bin/airodump-ng.exe
    [DETECTION] Contains detection pattern of the SPR/PSW.AirCrack.B program
    [NOTE] The file was moved to '48c38611.qua'!
    C:\Documents and Settings\val\Mes documents\Telechargements\ca_setup.rar
    [0] Archive type: RAR
    --> ca_setup.exe
    [DETECTION] Contains detection pattern of the dropper DR/PSW.Cain.284.14
    [NOTE] The file was moved to '48b08679.qua'!
    C:\Documents and Settings\val\Mes documents\Telechargements\superscan_superscan_4.0_anglais_10828.zip
    [0] Archive type: ZIP
    --> SuperScan4.exe
    [DETECTION] Contains detection pattern of the SPR/Tool.SuperScan.1 program
    [NOTE] The file was moved to '48c186a4.qua'!
    C:\Documents and Settings\val\Mes documents\Usb key\aircrack-ng-0.9-win.zip
    [0] Archive type: ZIP
    --> aircrack-ng-0.9-win/bin/aircrack-ng.exe
    [DETECTION] Contains detection pattern of the SPR/Aircra.A.944139 program
    --> aircrack-ng-0.9-win/bin/airodump-ng.exe
    [DETECTION] Contains detection pattern of the SPR/PSW.AirCrack.B program
    [NOTE] The file was moved to '48c3872d.qua'!
    C:\Program Files\CrackWepPack\winaircrackpack\aircrack.exe
    [DETECTION] Contains detection pattern of the SPR/PSW.AirCrack.A program
    [NOTE] The file was moved to '48c389ae.qua'!
    C:\System Volume Information\_restore{9F0DCDEA-7E3A-4DCD-A49C-8B109CC5B4ED}\RP147\A0057743.exe
    [DETECTION] Contains detection pattern of the dropper DR/Tool.Reboot.F.82
    [NOTE] The file was moved to '48818d8d.qua'!
    C:\System Volume Information\_restore{9F0DCDEA-7E3A-4DCD-A49C-8B109CC5B4ED}\RP148\A0057799.exe
    [DETECTION] Contains detection pattern of the SPR/Tool.Reboot.C program
    [NOTE] The file was moved to '48818d91.qua'!
    C:\System Volume Information\_restore{9F0DCDEA-7E3A-4DCD-A49C-8B109CC5B4ED}\RP22\A0002157.exe
    [WARNING] No further files can be extracted from this archive. The archive will be closed
    C:\System Volume Information\_restore{9F0DCDEA-7E3A-4DCD-A49C-8B109CC5B4ED}\RP220\A0084901.exe
    [DETECTION] Contains detection pattern of the SPR/PSW.AirCrack.A program
    [NOTE] The file was moved to '48818f93.qua'!
    C:\WINDOWS\system32\drivers\sptd.sys
    [WARNING] The file could not be opened!

    End of the scan: jeudi 12 juin 2008 23:25
    Used time: 1:25:52 min

    The scan has been done completely.

    10555 Scanning directories
    419515 Files were scanned
    12 viruses and/or unwanted programs were found
    0 Files were classified as suspicious:
    0 files were deleted
    0 files were repaired
    10 files were moved to quarantine
    0 files were renamed
    3 Files cannot be scanned
    419503 Files not concerned
    2666 Archives were scanned
    3 Warnings
    10 Notes
    0
    1. Utilisateur anonyme
       
      Ok tu avais 10 virus. Pourquoi les as tu mis en quarantaine? Ouvre "AntiVir" va dans "administration" puis clique sur la poubelle jusqu'à qu'il n'y est plus de virus.
      0
    2. Jimy6000 Messages postés 254 Statut Membre 39
       
      Qu'il n'y Ai plus de virus (c'est mieux) ^^
      0
  9. valentin_s92
     
    C est bon je les ai tous supprimes!!
    C est tout ce que je dois faire?
    0
    1. Utilisateur anonyme
       
      1) Télécharge Malwarebytes' Anti-Malware.

      *Télécharge et installe Malwarebyte's Anti-Malware
      *http://www.commentcamarche.net/telecharger/telechargement 34055379 malwarebyte s anti malware
      *A la fin de l'installation, veille à ce que l'option « mettre a jour Malwarebyte's Anti-Malware » soit cochée. >>> clique sur OK
      *Lance Malwarebyte's Anti-Malware en double-cliquant sur l'icône sur ton Bureau.
      *Au premier lancement, une fenêtre t'annonce que la version est Free >>> clique sur OK
      *Laisse les Mises à jour se télécharger

      *** Referme le programme ***

      2) Redémarre en "Mode sans échec"

      Au redémarrage de l'ordinateur, une fois le chargement du BIOS terminé, il y a un écran noir qui apparaît rapidement, appuie sur la touche [F8] (ou [F5] sur certains pc) jusqu'à l'affichage du menu des options avancées de Windows.
      Sélectionner "Mode sans échec" et appuie sur [Entrée]
      Il faudra choisir ta session habituelle, pas le compte "Administrateur" ou une autre.
      Regarde ici si besoin : http://pageperso.aol.fr/loraline60/mode_sans_echec.htm

      Ouvre le fichier texte sauvegardé sur le Bureau afin de suivre les instructions comme il faut.

      3) Scan avec Malwarebyte's Anti-Malware

      *Lance Malwarebyte's Anti-Malware
      *Puis vs dans l'onglet "Recherche" puis coche "Exécuter un examen complet" puis "Rechercher sélectionne tes disques durs" puis clique sur "Lancer l’examen"
      *A la fin du scan >>> clique sur Afficher les résultats puis sur Enregistrer le rapport
      *Suppression des éléments détectés >>>> clique sur Supprimer la sélection
      *S'il t'es demandé de redémarrer >>> clique sur "Yes"

      *--> Un rapport de scan s'ouvre, enregistre sur ton Bureau et poste ce rapport en réponse.
      0