Trojan: plus rien?

Résolu/Fermé
baloo47 Messages postés 20 Date d'inscription mercredi 23 juillet 2008 Statut Membre Dernière intervention 14 novembre 2011 - 25 juil. 2008 à 20:08
verni29 Messages postés 6699 Date d'inscription dimanche 6 juillet 2008 Statut Contributeur sécurité Dernière intervention 26 décembre 2016 - 1 août 2008 à 20:18
Bonjour,

J'avais un trojan sur mon ordinateur, cf le fil associé:
http://www.commentcamarche.net/forum/affich 7553104 3 virus sur mon ordinateur qque faire

Je viens de faire un Hijackthis...pourriez vous me dire si je suis toujours infecté??? Merci d'avnce pour votre aide!!

Xavier

Scan saved at 19:59:29, on 25/07/2008
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\ibmpmsvc.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINNT\system32\bgsvcgen.exe
C:\Program Files\IBM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\Explorer.EXE
C:\WINNT\system32\Tablet.exe
C:\Program Files\Fichiers communs\Lenovo\tvt_reg_monitor_svc.exe
C:\WINNT\system32\TpKmpSVC.exe
C:\Program Files\Fichiers communs\Lenovo\Scheduler\tvtsched.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
c:\program files\lenovo\system update\suservice.exe
C:\WINNT\system32\tp4serv.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\WINNT\system32\igfxtray.exe
C:\WINNT\system32\hkcmd.exe
C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe
C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
C:\Program Files\ThinkPad\PkgMgr\HOTKEY\TPONSCR.exe
C:\WINNT\system32\rundll32.exe
C:\Program Files\ThinkPad\PkgMgr\HOTKEY_1\TpScrex.exe
C:\Program Files\Intel\PROSetWired\NCS\PROSet\PRONoMgr.exe
C:\WINNT\system32\TpShocks.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\ACD Systems\EN\DevDetect.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\Program Files\Fichiers communs\Lenovo\Scheduler\scheduler_proxy.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Documents and Settings\Administrateur\Application Data\m\flec006.exe
C:\Program Files\IBM\Bluetooth Software\BTTray.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\WINNT\system32\WTablet\TabUserW.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\WINNT\System32\SCardSvr.exe
C:\Program Files\Java\jre1.6.0_06\bin\jucheck.exe
C:\Documents and Settings\Administrateur\Bureau\HiJackThis.exe
C:\Program Files\Alwil Software\Avast4\setup\avast.setup

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.msn.com/fr-fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [TrackPointSrv] tp4serv.exe
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [IgfxTray] C:\WINNT\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINNT\system32\hkcmd.exe
O4 - HKLM\..\Run: [TPHOTKEY] C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe
O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
O4 - HKLM\..\Run: [BMMLREF] C:\Program Files\ThinkPad\Utilities\BMMLREF.EXE
O4 - HKLM\..\Run: [BMMMONWND] rundll32.exe C:\PROGRA~1\ThinkPad\UTILIT~1\BatInfEx.dll,BMMAutonomicMonitor
O4 - HKLM\..\Run: [TP4EX] tp4ex.exe
O4 - HKLM\..\Run: [PRONoMgrWired] C:\Program Files\Intel\PROSetWired\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [TPKMAPHELPER] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper
O4 - HKLM\..\Run: [TpShocks] TpShocks.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Easy PDF Creator] C:\Program Files\Easy PDF Creator\EasyPDFCreator.exe
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [Device Detector] DevDetect.exe -autorun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [TVT Scheduler Proxy] C:\Program Files\Fichiers communs\Lenovo\Scheduler\scheduler_proxy.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [mule_st_key] C:\Documents and Settings\Administrateur\Application Data\m\flec006.exe
O4 - HKUS\.DEFAULT\..\Run: [internat.exe] internat.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: BTTray.lnk = C:\Program Files\IBM\Bluetooth Software\BTTray.exe
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O4 - Global Startup: TabUserW.exe.lnk = C:\WINNT\system32\WTablet\TabUserW.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\IBM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINNT\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINNT\bdoscandel.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\IBM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\IBM\Bluetooth Software\btsendto_ie.htm
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - https://sdlc-esd.oracle.com/ESD42/JSCDL/jre/6u6-b90/jinstall-6u6-windows-i586-jc.cab?GroupName=JSC&FilePath=/ESD42/JSCDL/jre/6u6-b90/jinstall-6u6-windows-i586-jc.cab&BHost=javadl.sun.com&File=jinstall-6u6-windows-i586-jc.cab&AuthParam=1580964179_948ce1dd250aac19afc416e1e34a3af9&ext=.cab
O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP-1.1.cab
O16 - DPF: {E008A543-CEFB-4559-912F-C27C2B89F13B} (Domino Web Access 7 Control) - https://portail.inetpsa.com/http://mailz4.domino.inetpsa.com/dwa7W.cab
O23 - Service: ACU Configuration Service (ACS) - Unknown owner - C:\WINNT\system32\acs.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINNT\system32\bgsvcgen.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\IBM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Lenovo - C:\WINNT\system32\ibmpmsvc.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Easy PDF Creator Printing (Service1) - Unknown owner - C:\Program Files\Easy PDF Creator\EasyPrinting.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: System Update (SUService) - Lenovo Group Limited - c:\program files\lenovo\system update\suservice.exe
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINNT\system32\Tablet.exe
O23 - Service: ThinkVantage Registry Monitor Service - Lenovo Group Limited - C:\Program Files\Fichiers communs\Lenovo\tvt_reg_monitor_svc.exe
O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINNT\system32\TpKmpSVC.exe
O23 - Service: TVT Scheduler - Lenovo Group Limited - C:\Program Files\Fichiers communs\Lenovo\Scheduler\tvtsched.exe
A voir également:

20 réponses

verni29 Messages postés 6699 Date d'inscription dimanche 6 juillet 2008 Statut Contributeur sécurité Dernière intervention 26 décembre 2016 180
25 juil. 2008 à 20:52
Il y a une trace d'infection bagle.

Tu vas utiliser Elibagla :
http://www.zonavirus.com/datos/descargas/95/elibagla.asp

Téléchargement en bas de page : descargar Elibagla
Enregistre-le sur ton bureau.

Tu lances Elibagla en double-cliquant dessus.
Ce genre d'infection peut être effectivement assez coriace. Si tu utilises cet outil, il te faudra plusieurs fois le passer ( 3 à 4 fois ).
Tu postes le rapport qui se trouve en C:\Infosat.txt.

A+
0
baloo47 Messages postés 20 Date d'inscription mercredi 23 juillet 2008 Statut Membre Dernière intervention 14 novembre 2011
25 juil. 2008 à 21:17
Et voilà le travail!

Fri Jul 25 21:11:41 2008
EliBagle v11.62 (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 24 de Julio del 2008)
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\DOCUMENTS AND SETTINGS\ADMINISTRATEUR\APPLICATION DATA\M\FLEC006.EXE --> Bagle Renombrado a .VIR
C:\DOCUMENTS AND SETTINGS\ADMINISTRATEUR\APPLICATION DATA\M\LIST.OCT --> Eliminado Bagle
Restaurada Clave: "SafeBoot\Minimal y Network"
Reinicie para Completar la Limpieza.

Fri Jul 25 21:12:28 2008
EliBagle v11.62 (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 24 de Julio del 2008)
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\
C:\Documents and Settings\Administrateur\Application Data\m\FLEC006.EXE.VIR --> Eliminado Bagle

Nº Total de Directorios: 3486
Nº Total de Ficheros: 40494
Nº de Ficheros Analizados: 8162
Nº de Ficheros Infectados: 1
Nº de Ficheros Limpiados: 1
0
verni29 Messages postés 6699 Date d'inscription dimanche 6 juillet 2008 Statut Contributeur sécurité Dernière intervention 26 décembre 2016 180
25 juil. 2008 à 21:23
Télécharge Blacklight de F-Secure
ftp://ftp.f-secure.com/f-prot/tools/fsbl.exe

* Sauvegarde le sur ton Bureau.
* Double-clique fsbl.exe et accepte la licence ; clique Scan puis Next.
* Tu verras une liste de fichiers détectés apparaître. Tu verras également un rapport, sur ton Bureau, nommé fsbl.xxxxxxx.log (les xxxxxxx sont des chiffres).
* Copie et colle le contenu de ce rapport dans ta prochaine réponse.

A+
0
baloo47 Messages postés 20 Date d'inscription mercredi 23 juillet 2008 Statut Membre Dernière intervention 14 novembre 2011
25 juil. 2008 à 21:33
Hop:

07/25/08 21:27:48 [Info]: BlackLight Engine 1.0.70 initialized
07/25/08 21:27:48 [Info]: OS: 5.0 build 2195 (Service Pack 4)
07/25/08 21:27:48 [Note]: 7019 4
07/25/08 21:27:48 [Note]: 7005 0
07/25/08 21:27:51 [Note]: 7006 0
07/25/08 21:27:51 [Note]: 7011 1204
07/25/08 21:27:51 [Note]: 7035 0
07/25/08 21:27:51 [Note]: 7026 0
07/25/08 21:27:51 [Note]: 7026 0
07/25/08 21:28:02 [Note]: FSRAW library version 1.7.1024
07/25/08 21:32:43 [Note]: 2000 1012
07/25/08 21:34:35 [Note]: 7007 0
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
verni29 Messages postés 6699 Date d'inscription dimanche 6 juillet 2008 Statut Contributeur sécurité Dernière intervention 26 décembre 2016 180
25 juil. 2008 à 21:34
Tu repasses Elibagla et tu me postes le rapport.

A+
0
baloo47 Messages postés 20 Date d'inscription mercredi 23 juillet 2008 Statut Membre Dernière intervention 14 novembre 2011
25 juil. 2008 à 21:42
hop!


Fri Jul 25 21:11:41 2008
EliBagle v11.62 (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 24 de Julio del 2008)
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\DOCUMENTS AND SETTINGS\ADMINISTRATEUR\APPLICATION DATA\M\FLEC006.EXE --> Bagle Renombrado a .VIR
C:\DOCUMENTS AND SETTINGS\ADMINISTRATEUR\APPLICATION DATA\M\LIST.OCT --> Eliminado Bagle
Restaurada Clave: "SafeBoot\Minimal y Network"
Reinicie para Completar la Limpieza.

Fri Jul 25 21:12:28 2008
EliBagle v11.62 (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 24 de Julio del 2008)
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\
C:\Documents and Settings\Administrateur\Application Data\m\FLEC006.EXE.VIR --> Eliminado Bagle

Nº Total de Directorios: 3486
Nº Total de Ficheros: 40494
Nº de Ficheros Analizados: 8162
Nº de Ficheros Infectados: 1
Nº de Ficheros Limpiados: 1

Fri Jul 25 21:41:51 2008
EliBagle v11.62 (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 24 de Julio del 2008)
----------------------------------------------
Lista de Acciones (por Acción Directa):
Eliminada Carpeta "%AppData%\M"

Fri Jul 25 21:41:53 2008
EliBagle v11.62 (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 24 de Julio del 2008)
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\

Nº Total de Directorios: 3485
Nº Total de Ficheros: 40515
Nº de Ficheros Analizados: 8162
Nº de Ficheros Infectados: 0
Nº de Ficheros Limpiados: 0
0
verni29 Messages postés 6699 Date d'inscription dimanche 6 juillet 2008 Statut Contributeur sécurité Dernière intervention 26 décembre 2016 180
25 juil. 2008 à 21:48
C'est mieux.

1) tu m'envoies un rapport Hijackthis.

2) Tu télécharges MalwareBytes.
http://www.malwarebytes.org/mbam/program/mbam-setup.exe

Tu l'installes. Choisis les options par défaut.
A la fin de l’installation, il te sera demandé de mettre à jour MalwareBytes et de l’éxecuter .
Accepte. Après la, mise à jour, le logiciel va s’ouvrir.

Dans l’onglet Recherche, sélectionne Exécuter un examen complet.
Clique sur recherche. Tu ne sélectionnes que les disques durs de l’ordinateur.
Clique sur lancer l’examen.

A la fin de la recherche, Comme il est demandé, clique sur afficher les résultats de la recherche.
Choisis alors Supprimer la selection pour nettoyer les infections.

Tu postes le rapport dans ton prochain message.
Si tu ne le retrouves pas, ouvre MalwareBytes et regarde dans l’onglet Rapport/logs. Il y est.
Clique dessus et choisir ouvrir.

A+
0
baloo47 Messages postés 20 Date d'inscription mercredi 23 juillet 2008 Statut Membre Dernière intervention 14 novembre 2011
25 juil. 2008 à 22:19
Voici le rapport HiJackThis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:54:44, on 25/07/2008
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\ibmpmsvc.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINNT\system32\bgsvcgen.exe
C:\Program Files\IBM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\Explorer.EXE
C:\WINNT\system32\Tablet.exe
C:\Program Files\Fichiers communs\Lenovo\tvt_reg_monitor_svc.exe
C:\WINNT\system32\TpKmpSVC.exe
C:\Program Files\Fichiers communs\Lenovo\Scheduler\tvtsched.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
c:\program files\lenovo\system update\suservice.exe
C:\WINNT\system32\tp4serv.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\WINNT\system32\igfxtray.exe
C:\WINNT\system32\hkcmd.exe
C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe
C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
C:\Program Files\ThinkPad\PkgMgr\HOTKEY\TPONSCR.exe
C:\WINNT\system32\rundll32.exe
C:\Program Files\ThinkPad\PkgMgr\HOTKEY_1\TpScrex.exe
C:\Program Files\Intel\PROSetWired\NCS\PROSet\PRONoMgr.exe
C:\WINNT\system32\TpShocks.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\ACD Systems\EN\DevDetect.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\Program Files\Fichiers communs\Lenovo\Scheduler\scheduler_proxy.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\IBM\Bluetooth Software\BTTray.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\WINNT\system32\WTablet\TabUserW.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\WINNT\System32\SCardSvr.exe
C:\Program Files\Java\jre1.6.0_06\bin\jucheck.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINNT\system32\NOTEPAD.EXE
C:\Documents and Settings\Administrateur\Bureau\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.msn.com/fr-fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [TrackPointSrv] tp4serv.exe
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [IgfxTray] C:\WINNT\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINNT\system32\hkcmd.exe
O4 - HKLM\..\Run: [TPHOTKEY] C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe
O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
O4 - HKLM\..\Run: [BMMLREF] C:\Program Files\ThinkPad\Utilities\BMMLREF.EXE
O4 - HKLM\..\Run: [BMMMONWND] rundll32.exe C:\PROGRA~1\ThinkPad\UTILIT~1\BatInfEx.dll,BMMAutonomicMonitor
O4 - HKLM\..\Run: [TP4EX] tp4ex.exe
O4 - HKLM\..\Run: [PRONoMgrWired] C:\Program Files\Intel\PROSetWired\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [TPKMAPHELPER] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper
O4 - HKLM\..\Run: [TpShocks] TpShocks.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Easy PDF Creator] C:\Program Files\Easy PDF Creator\EasyPDFCreator.exe
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [Device Detector] DevDetect.exe -autorun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [TVT Scheduler Proxy] C:\Program Files\Fichiers communs\Lenovo\Scheduler\scheduler_proxy.exe
O4 - HKLM\..\RunOnce: [ReEXEc] C:\Documents and Settings\Administrateur\Bureau\ELIBAGLA.DHB H.EXE
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\.DEFAULT\..\Run: [internat.exe] internat.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: BTTray.lnk = C:\Program Files\IBM\Bluetooth Software\BTTray.exe
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O4 - Global Startup: TabUserW.exe.lnk = C:\WINNT\system32\WTablet\TabUserW.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\IBM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINNT\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINNT\bdoscandel.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\IBM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\IBM\Bluetooth Software\btsendto_ie.htm
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - https://sdlc-esd.oracle.com/ESD42/JSCDL/jre/6u6-b90/jinstall-6u6-windows-i586-jc.cab?GroupName=JSC&FilePath=/ESD42/JSCDL/jre/6u6-b90/jinstall-6u6-windows-i586-jc.cab&BHost=javadl.sun.com&File=jinstall-6u6-windows-i586-jc.cab&AuthParam=1580964179_948ce1dd250aac19afc416e1e34a3af9&ext=.cab
O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP-1.1.cab
O16 - DPF: {E008A543-CEFB-4559-912F-C27C2B89F13B} (Domino Web Access 7 Control) - https://portail.inetpsa.com/http://mailz4.domino.inetpsa.com/dwa7W.cab
O23 - Service: ACU Configuration Service (ACS) - Unknown owner - C:\WINNT\system32\acs.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINNT\system32\bgsvcgen.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\IBM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Lenovo - C:\WINNT\system32\ibmpmsvc.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Easy PDF Creator Printing (Service1) - Unknown owner - C:\Program Files\Easy PDF Creator\EasyPrinting.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: System Update (SUService) - Lenovo Group Limited - c:\program files\lenovo\system update\suservice.exe
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINNT\system32\Tablet.exe
O23 - Service: ThinkVantage Registry Monitor Service - Lenovo Group Limited - C:\Program Files\Fichiers communs\Lenovo\tvt_reg_monitor_svc.exe
O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINNT\system32\TpKmpSVC.exe
O23 - Service: TVT Scheduler - Lenovo Group Limited - C:\Program Files\Fichiers communs\Lenovo\Scheduler\tvtsched.exe
0
verni29 Messages postés 6699 Date d'inscription dimanche 6 juillet 2008 Statut Contributeur sécurité Dernière intervention 26 décembre 2016 180
25 juil. 2008 à 22:42
MalwareBytes a nettoyé en grande partie l'infection.

Tu vas faire un scan en ligne sur le site de Kaspersky:
https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr

Clique sur Demarrer Online-scanner ( en bas de page à droite ) pour commencer l'analyse.
Il te sera demandé d'installer un logiciel de Kaspersky, accepte.

A la fin de cette analyse, clique sur enregistrer le rapport.
Poste le contenu de ce rapport dans ton prochain message.

A+
0
baloo47 Messages postés 20 Date d'inscription mercredi 23 juillet 2008 Statut Membre Dernière intervention 14 novembre 2011
26 juil. 2008 à 00:55
Voici le rapport:

Malwarebytes' Anti-Malware 1.23
Version de la base de données: 992
Windows 5.0.2195 Service Pack 4

22:20:42 25/07/2008
mbam-log-7-25-2008 (22-20-42).txt

Type de recherche: Examen complet (C:\|)
Eléments examinés: 68718
Temps écoulé: 22 minute(s), 9 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 201

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\WINNT\system32\drivers\downld (Trojan.Agent) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\WINNT\system32\drivers\downld\10011046.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\10013312.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\10015312.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\10017281.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\10022593.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\10024390.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\10027062.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\10030515.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\10032390.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\10034421.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\10036140.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\10039328.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\10044125.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\10071156.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\10073062.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\10075921.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\10079171.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\3123250.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\3125171.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\31536343.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\31539921.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\32618531.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\32626453.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\32628250.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\32630265.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\32633390.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\32638546.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\33219218.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\33225640.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\33227562.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\33229687.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\33231828.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\34135593.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\34142093.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\5962421.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\5975390.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\5977750.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\5980656.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\6577234.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\6591484.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\6595625.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\6598359.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\6601421.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\7189187.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\7225156.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\7228578.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\7230890.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\7238734.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\7788156.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\7812468.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\8546312.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\8560343.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\8567015.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\8570359.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\8573328.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\8578875.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\8581156.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\8584156.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\8586781.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\9165828.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\9170328.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\9172312.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\9174390.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\9177718.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\9179343.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\9181515.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\9183765.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\9186718.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\9189640.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\9196078.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\9199187.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\9201312.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\9205953.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\9208718.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\9213218.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\9215078.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\9217421.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\9222781.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\9907281.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\9910359.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\9912406.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\9930890.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\9938531.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\9941406.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\9942937.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\9946218.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\9948265.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\9950140.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\9953359.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\9973312.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\9974859.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\240316265.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\240377453.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\240737437.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\240769218.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\24484859.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\24489328.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\25217765.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\25223796.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\25225359.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\25227765.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\2577187.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\25843828.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\25851343.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\26419359.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\10081296.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\26446125.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\28607062.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\3118734.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\34147500.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\3746468.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\5403015.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\8568812.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\9203531.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\27020156.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\27026656.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\27976234.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\27983578.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\27986156.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\27987734.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\27991984.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\27996531.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\27999609.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\28002296.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\28577046.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\28588406.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\28593843.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\28595296.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\28597593.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\28600890.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\28602765.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\28616109.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\28618265.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\28620687.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\28622515.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\2907687.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\29201906.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\29210125.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\29214046.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\29222781.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\2943734.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\2967875.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\29778203.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\29804203.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\29819828.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\30397234.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\30407859.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\3059968.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\3062328.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\3067359.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\3069187.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\3079390.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\3101234.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\3106187.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\3109312.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\3114250.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\3116687.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\34809046.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\34815859.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\34822312.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\35415375.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\35420546.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\35422578.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\35428000.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\36019234.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\36025078.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\36030015.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\36613859.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\37219187.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\37222843.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\37225953.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\37238578.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\37243453.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\3736296.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\37821328.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\37837046.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\37842343.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\37846078.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\37848953.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\37852937.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\37855515.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\37862187.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\38431250.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\38437843.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\38443390.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\38446921.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\4334265.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\4340562.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\4342609.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\4344500.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\4361375.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\4364546.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\4367671.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\4370093.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\5364140.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\5368312.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\5374531.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\5380765.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\5392656.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\5395812.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINNT\system32\drivers\downld\5399703.exe (Trojan.Agent) -> Quarantined and deleted successfully.
0
verni29 Messages postés 6699 Date d'inscription dimanche 6 juillet 2008 Statut Contributeur sécurité Dernière intervention 26 décembre 2016 180
26 juil. 2008 à 09:31
Balao47,

C'est le rapport MalwareBytes que tu viens de me poster, le même que précédemment.

1) Vide justement la quarantaine de MalwareBytes.
Tu ouvres MalwareBytes et tu vas dans l'onglet Quaranataine.
Si il y a des éléments, supprime tout.

2) Recommence le scan en ligne.
Je te remets la procédure.

Tu vas faire un scan en ligne sur le site de Kaspersky:
https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr

Clique sur Demarrer Online-scanner ( en bas de page à droite ) pour commencer l'analyse.
Il te sera demandé d'installer un logiciel de Kaspersky, accepte.

A la fin de cette analyse, clique sur enregistrer le rapport.
Poste le contenu de ce rapport dans ton prochain message.

3) Il faudra qu'on voie pour les protections de ton PC.
Tu n'as qu'un antivirus.

A+
0
baloo47 Messages postés 20 Date d'inscription mercredi 23 juillet 2008 Statut Membre Dernière intervention 14 novembre 2011
26 juil. 2008 à 11:29
Voici le rapport! Encore merci pour tes remarques...Comme conseillé par Kapser, j'ai deconnecté avast...

Saturday, July 26, 2008 11:30:09 AM
Système d'exploitation : Microsoft Windows 2000 Professional, Service Pack 4 (Build 2195)
Kaspersky On-line Scanner version : 5.0.83.0
Dernière mise à jour de la base antivirus Kaspersky : 26/07/2008
Enregistrements dans la base antivirus Kaspersky : 899055


Paramètres d'analyse
Analyser avec la base antivirus suivante standard
Analyser les archives vrai
Analyser les bases de messagerie vrai

Cible de l'analyse Poste de travail
C:\

Statistiques de l'analyse
Total d'objets analysés 41032
Nombre de virus trouvés 0
Nombre d'objets infectés 0 / 0
Nombre d'objets suspects 0
Durée de l'analyse 00:54:47

Nom de l'objet infecté Nom du virus Dernière action
C:\Documents and Settings\Administrateur\Cookies\index.dat L'objet est verrouillé ignoré

C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré

C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré

C:\Documents and Settings\Administrateur\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré

C:\Documents and Settings\Administrateur\Local Settings\Historique\History.IE5\MSHist012008072620080727\index.dat L'objet est verrouillé ignoré

C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré

C:\Documents and Settings\Administrateur\NTUSER.DAT L'objet est verrouillé ignoré

C:\Documents and Settings\Administrateur\ntuser.dat.LOG L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré

C:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat L'objet est verrouillé ignoré

C:\Program Files\Alwil Software\Avast4\DATA\Avast4.db L'objet est verrouillé ignoré

C:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log L'objet est verrouillé ignoré

C:\Program Files\Microsoft SQL Server\MSSQL\Data\master.mdf L'objet est verrouillé ignoré

C:\Program Files\Microsoft SQL Server\MSSQL\Data\mastlog.ldf L'objet est verrouillé ignoré

C:\Program Files\Microsoft SQL Server\MSSQL\Data\model.mdf L'objet est verrouillé ignoré

C:\Program Files\Microsoft SQL Server\MSSQL\Data\modellog.ldf L'objet est verrouillé ignoré

C:\Program Files\Microsoft SQL Server\MSSQL\Data\tempdb.mdf L'objet est verrouillé ignoré

C:\Program Files\Microsoft SQL Server\MSSQL\Data\templog.ldf L'objet est verrouillé ignoré

C:\Program Files\Microsoft SQL Server\MSSQL\LOG\ERRORLOG L'objet est verrouillé ignoré

C:\WINNT\CSC\00000001 L'objet est verrouillé ignoré

C:\WINNT\Debug\ipsecpa.log L'objet est verrouillé ignoré

C:\WINNT\Debug\oakley.log L'objet est verrouillé ignoré

C:\WINNT\Debug\PASSWD.LOG L'objet est verrouillé ignoré

C:\WINNT\SchedLgU.Txt L'objet est verrouillé ignoré

C:\WINNT\Sti_Trace.log L'objet est verrouillé ignoré

C:\WINNT\system32\config\Antivirus.Evt L'objet est verrouillé ignoré

C:\WINNT\system32\config\AppEvent.Evt L'objet est verrouillé ignoré

C:\WINNT\system32\config\default L'objet est verrouillé ignoré

C:\WINNT\system32\config\default.LOG L'objet est verrouillé ignoré

C:\WINNT\system32\config\SAM L'objet est verrouillé ignoré

C:\WINNT\system32\config\SAM.LOG L'objet est verrouillé ignoré

C:\WINNT\system32\config\SecEvent.Evt L'objet est verrouillé ignoré

C:\WINNT\system32\config\SECURITY L'objet est verrouillé ignoré

C:\WINNT\system32\config\SECURITY.LOG L'objet est verrouillé ignoré

C:\WINNT\system32\config\software L'objet est verrouillé ignoré

C:\WINNT\system32\config\software.LOG L'objet est verrouillé ignoré

C:\WINNT\system32\config\SysEvent.Evt L'objet est verrouillé ignoré

C:\WINNT\system32\config\system L'objet est verrouillé ignoré

C:\WINNT\system32\config\SYSTEM.ALT L'objet est verrouillé ignoré

C:\WINNT\system32\Perflib_Perfdata_268.dat L'objet est verrouillé ignoré

C:\WINNT\system32\Perflib_Perfdata_368.dat L'objet est verrouillé ignoré

C:\WINNT\system32\wbem\Repository\CIM.REP L'objet est verrouillé ignoré

Analyse terminée.
0
verni29 Messages postés 6699 Date d'inscription dimanche 6 juillet 2008 Statut Contributeur sécurité Dernière intervention 26 décembre 2016 180
26 juil. 2008 à 11:47
Tout ça semble très bien.

Pour les protections de ton ordinateur, tu n'as qu'Avast qui est bien insuffisant.
Il te faut un antispyware, un parefeu :

1) Pour l'antivirus :
Je te conseille d'en changer et de le remplacer par Antivir ( ce n'est qu'un conseil ).
Pour l'instant il est en anglais, mais la version française va bientôt sortir.
Je te joins un article qui compare Avast et Antivir
http://forum.malekal.com/ftopic3528.php

tuto antivir :
https://www.malekal.com/avira-free-security-antivirus-gratuit/

désinstallation avast :
http://www.avast.com/fre/avast-uninstall-utility.htm

2) pare-feu gratuits :

Zone alarm :
https://www.malekal.com/tutoriel-zonealarm-firewall/

- Comodo™ Firewall ( version 3.0 en anglais, sinon 2.4 multi-langues )
https://www.malekal.com/tutorial-comodo-firewall/

- Kerio Personal Firewall
https://www.malekal.com/tutorial-et-guide-counterspy/

-Online Armor : ( en anglais )
https://www.malekal.com/tutorial-online-armor-free/

3) Les antispywares :

AVG anti spyware:
https://www.commentcamarche.net/telecharger/ 218 avg anti spyware

Spybot :
https://www.malekal.com/spybot-search-destroy-proteger-desinfecter-pc-virus/

Installe ces produits et poste moi un rapport de Hijackthis.

A+
0
baloo47 Messages postés 20 Date d'inscription mercredi 23 juillet 2008 Statut Membre Dernière intervention 14 novembre 2011
27 juil. 2008 à 10:28
C'est fait: merci infiniment pour ton aide précieuse sur ce sujet! J'ai installé antivir, zonelarm et spyboot!
Une question complémentaire...j'ai un disque externe, comment puis je vérifier qu'il n'as pas été infecté??

Voici le rapport Hijack (ordi seul):

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:27:34, on 27/07/2008
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\ibmpmsvc.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\ZoneLabs\vsmon.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINNT\system32\bgsvcgen.exe
C:\Program Files\IBM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\Explorer.EXE
C:\WINNT\system32\Tablet.exe
C:\Program Files\Fichiers communs\Lenovo\tvt_reg_monitor_svc.exe
C:\WINNT\system32\TpKmpSVC.exe
C:\Program Files\Fichiers communs\Lenovo\Scheduler\tvtsched.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\tp4serv.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\WINNT\system32\igfxtray.exe
C:\WINNT\system32\hkcmd.exe
C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe
C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
C:\WINNT\system32\rundll32.exe
C:\Program Files\Intel\PROSetWired\NCS\PROSet\PRONoMgr.exe
C:\WINNT\system32\TpShocks.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\Fichiers communs\ACD Systems\EN\DevDetect.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\Program Files\Fichiers communs\Lenovo\Scheduler\scheduler_proxy.exe
C:\Program Files\ThinkPad\PkgMgr\HOTKEY\TPONSCR.exe
C:\Program Files\ThinkPad\PkgMgr\HOTKEY_1\TpScrex.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\IBM\Bluetooth Software\BTTray.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\WINNT\system32\WTablet\TabUserW.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\WINNT\System32\SCardSvr.exe
C:\WINNT\system32\wuauclt.exe
C:\Documents and Settings\Administrateur\Bureau\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.msn.com/fr-fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [TrackPointSrv] tp4serv.exe
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [IgfxTray] C:\WINNT\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINNT\system32\hkcmd.exe
O4 - HKLM\..\Run: [TPHOTKEY] C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe
O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
O4 - HKLM\..\Run: [BMMLREF] C:\Program Files\ThinkPad\Utilities\BMMLREF.EXE
O4 - HKLM\..\Run: [BMMMONWND] rundll32.exe C:\PROGRA~1\ThinkPad\UTILIT~1\BatInfEx.dll,BMMAutonomicMonitor
O4 - HKLM\..\Run: [TP4EX] tp4ex.exe
O4 - HKLM\..\Run: [PRONoMgrWired] C:\Program Files\Intel\PROSetWired\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [TPKMAPHELPER] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper
O4 - HKLM\..\Run: [TpShocks] TpShocks.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Easy PDF Creator] C:\Program Files\Easy PDF Creator\EasyPDFCreator.exe
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [Device Detector] DevDetect.exe -autorun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [TVT Scheduler Proxy] C:\Program Files\Fichiers communs\Lenovo\Scheduler\scheduler_proxy.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\.DEFAULT\..\Run: [internat.exe] internat.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: BTTray.lnk = C:\Program Files\IBM\Bluetooth Software\BTTray.exe
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O4 - Global Startup: TabUserW.exe.lnk = C:\WINNT\system32\WTablet\TabUserW.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\IBM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINNT\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINNT\bdoscandel.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\IBM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\IBM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - https://sdlc-esd.oracle.com/ESD42/JSCDL/jre/6u6-b90/jinstall-6u6-windows-i586-jc.cab?GroupName=JSC&FilePath=/ESD42/JSCDL/jre/6u6-b90/jinstall-6u6-windows-i586-jc.cab&BHost=javadl.sun.com&File=jinstall-6u6-windows-i586-jc.cab&AuthParam=1580964179_948ce1dd250aac19afc416e1e34a3af9&ext=.cab
O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP-1.1.cab
O16 - DPF: {E008A543-CEFB-4559-912F-C27C2B89F13B} (Domino Web Access 7 Control) - https://portail.inetpsa.com/http://mailz4.domino.inetpsa.com/dwa7W.cab
O23 - Service: ACU Configuration Service (ACS) - Unknown owner - C:\WINNT\system32\acs.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINNT\system32\bgsvcgen.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\IBM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Lenovo - C:\WINNT\system32\ibmpmsvc.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Easy PDF Creator Printing (Service1) - Unknown owner - C:\Program Files\Easy PDF Creator\EasyPrinting.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: System Update (SUService) - Lenovo Group Limited - c:\program files\lenovo\system update\suservice.exe
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINNT\system32\Tablet.exe
O23 - Service: ThinkVantage Registry Monitor Service - Lenovo Group Limited - C:\Program Files\Fichiers communs\Lenovo\tvt_reg_monitor_svc.exe
O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINNT\system32\TpKmpSVC.exe
O23 - Service: TVT Scheduler - Lenovo Group Limited - C:\Program Files\Fichiers communs\Lenovo\Scheduler\tvtsched.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINNT\system32\ZoneLabs\vsmon.exe
0
verni29 Messages postés 6699 Date d'inscription dimanche 6 juillet 2008 Statut Contributeur sécurité Dernière intervention 26 décembre 2016 180
27 juil. 2008 à 10:43
Comment savoir que ton disque dur externe n'est pas infecté ?
Avec Antivir. Quand ton DD externe est branché ( imaginons en E:) , tu dois pouvoir lancé un scan sur E:.

1) Lance Hijackthis et tu choisis " Do a system scan only ".
Tu sélectionnes les lignes suivantes :

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKUS\.DEFAULT\..\Run: [internat.exe] internat.exe (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm

Tu choisis l'option " Fixchecked" en bas de la page.

2) Ta version d'IE est à mettre à jour.
Installe IE7, plus sécurisé.

http://www.commentcamarche.net/telecharger/telecharger 220 internet explorer

3) Lance un scan Antivir sur ton DD extern et poste le rapport si il détecte des infections.

A+
0
baloo47 Messages postés 20 Date d'inscription mercredi 23 juillet 2008 Statut Membre Dernière intervention 14 novembre 2011
27 juil. 2008 à 22:46
C'est fait: à priori pas d'infextion détecté sous E: ...en revanche, sous C: il semblerait qu'il y ait un virus:

The file 'C:\Documents and Settings\Administrateur\Bureau\WIN sources\WinACE\ace25_kg.exe'
contained a virus or unwanted program 'HEUR/Crypted' [heuristic]
Action(s) taken:
The file was moved to '48f1d400.qua'!
0
verni29 Messages postés 6699 Date d'inscription dimanche 6 juillet 2008 Statut Contributeur sécurité Dernière intervention 26 décembre 2016 180
28 juil. 2008 à 09:09
Pour le fichier infecté, ce n'est pas certain. Les antivirus donnent ce genre de nom lorsqu'ils ont un doute sur un fichier.

Change de logiciel, par exemple 7-Zip qui est gratuit.

Je te donne les consignes de nettoyage :

1) On va enlever les logiciels qui ont été utilisés..
Télécharge ToolsCleaner .sur le bureau
ftp://ftp.commentcamarche.com/download/ToolsCleaner2.exe

Double-clique sur ToolsCleaner2.exe --> Recherche --> Suppression.
Il est possible que ton bureau disparaisse.

Si l’écran ne réapparait pas, tape sur les touches Ctrl + Alt + Supp. Ceci ouvre le gestionnaire de taches.
Dans l’onglet Processus, clique sur le menu Fichier, puis Executer et tape Explorer. Valide.

2) Tu vas utiliser CCleaner.
https://www.commentcamarche.net/telecharger/ 168 ccleaner

utilise les fonctions nettoyeur et registre.

3) Les points de restauration :

- Panneau de configuation --> Système --> Restauration du sytème
décocher " Désactiver la restauration .... "
Il te sera demandé de redémarrer ton ordinateur. Accepte.
Ceci va supprimer les points de restauration existants et infectés ( 3 virus )

- Tu vas recréer un point de restauration propre.
Pour recréer un point de restauration :
Démarrer --> Programmes --> Accessoires --> Outils système --> Restauration système
Choisis "Créer un point de restauration". Suis les invites.

Après tout ca, ton PC devrait être propre et protégé.
Si tu as le moindre problème, poste un message.

Pourrais-tu mettre le sujet en résolu, STP ?

Salut.
A une prochainie peut être sur le forum.
0
baloo47 Messages postés 20 Date d'inscription mercredi 23 juillet 2008 Statut Membre Dernière intervention 14 novembre 2011
29 juil. 2008 à 22:01
Aie, je n'arrive pas à lançer ToolsCleaner..."DLL introuvable": quesaco??? (ps: suis sous windows 2000)???

Merci d'avance pour ton aide,

Xavier
0
verni29 Messages postés 6699 Date d'inscription dimanche 6 juillet 2008 Statut Contributeur sécurité Dernière intervention 26 décembre 2016 180
29 juil. 2008 à 22:13
Oui, ToolsCleaner n'est que pour XP ou Vista.

Pour les logiciels que tu as utilisé :

Elibagla, blacklight --> supprime les. ils sont sur le bureau
malwarebytes --l> garde le, il peut être intéressant
hijackthis --> Ajout/ suppression de programmes

Je te remets le lien pour CCleaner :
https://www.ccleaner.com/

A+
0
Merci bcp pour ton aide sur ce sujet: tu as été particulièrement clair et bien entendu efficace dans tes conseils! Encore merci pour tout et bon courage pour la suite!

A+++

Xavier
0
verni29 Messages postés 6699 Date d'inscription dimanche 6 juillet 2008 Statut Contributeur sécurité Dernière intervention 26 décembre 2016 180
1 août 2008 à 20:18
salut, balaoo47

A+ peut être sur le forum ( mais pas dans la partie sécurité )
0