"keylogger" besoin d'aide Fermé

Question

Bonjour,
Mon antivirus le kaspersky internet security m avise pas mal de fois qu il y un comportement semblable de keylogger et je sais pas comment l eliminer
Merci de m aider

raphy00 · Answer

Salut,

Clique sur ce lien 
http://www.trendsecure.com/portal/en-US/threat_analytics/HJTInstall.exe 
pour télécharger le fichier d'installation d'HijackThis. 

Enregistre HJTInstall.exe sur ton bureau. 

Double-clique sur HJTInstall.exe pour lancer le programme 

Par défaut, il s'installera là : 
C:\Program Files\Trend Micro\HijackThis 

Avant toute installation, renommes le en lalala.exe.

Accepte la license en cliquant sur le bouton "I Accept"

Ensuite clique sur "do a system scan and save a logfile" et postes le rapport.

mizo2511 · Answer

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:32:36, on 11/08/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32	askeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Athan\Athan.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Windows\System32undll32.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Webshots\WebshotsTray.exe
C:\Program Files\Apoint\ApMsgFwd.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\System32undll32.exe
C:\Program Files\Apoint\Apntex.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Mobile Connect\HUAWEIDataCard.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
G:\Trucs\Hijackthis\lalala.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/?p=us
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/?p=us
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\bin\IDMIECC.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\PROGRA~1\GOOGLE~1\BAE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [Athan] C:\Program Files\Athan\Athan.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32
vsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: Webshots.lnk = C:\Program Files\Webshots\WebshotsTray.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Ajouter au fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Ajouter à Kaspersky Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Download All Links with IDM - C:\Program Files\Internet Download Manager\bin\IEGetAll.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\bin\IEExt.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Trace - {04849C74-016E-4a43-8AA5-1F01DE57F4A1} - C:\Program Files\VisualRoute Lite Edition\vrie.dll (file missing)
O9 - Extra 'Tools' menuitem: VisualRoute Trace - {04849C74-016E-4a43-8AA5-1F01DE57F4A1} - C:\Program Files\VisualRoute Lite Edition\vrie.dll (file missing)
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix: 
O15 - Trusted Zone: *.canalplay.com
O15 - Trusted Zone: *.canalplusactive.com
O15 - Trusted Zone: https://www.msn.com/fr-fr/
O15 - Trusted Zone: *.canalplay.com (HKLM)
O15 - Trusted Zone: *.canalplusactive.com (HKLM)
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O17 - HKLM\System\CCS\Services\Tcpip\..\{7DF9DF71-6961-4183-9B70-27D246CAB4C6}: NameServer = 192.168.50.55 196.12.209.6
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O20 - Winlogon Notify: DfLogon - LogonDll.dll (file missing)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: DF5Serv - Faronics Corporation - C:\Program Files\Faronics\Deep Freeze\Install C-0\DF5Serv.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: Service CANALPLAY - Canal+ Active - C:\Program Files\Lecteur CANALPLAY\CanalPlayService.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Media Content Collection (VAIOMediaPlatform-UCLS-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe
O23 - Service: VAIO Media Content Collection (HTTP) (VAIOMediaPlatform-UCLS-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Content Collection (UPnP) (VAIOMediaPlatform-UCLS-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

mizo2511 · Answer

voila j ai posté le rapport  sur forum  virus securité

mizo2511 · Answer

Bonsoir
j ai besoin de votre aide
merci

raphy00 · Answer

Salut,

Oui oui, hier j'avais pas trop le temps.
Voila.


Coche ces lignes et clique en bas sur fix checked :

O15 - Trusted Zone: *.canalplay.com 
O15 - Trusted Zone: *.canalplusactive.com 
O15 - Trusted Zone: https://www.msn.com/fr-fr/ 
O15 - Trusted Zone: *.canalplay.com (HKLM) 
O15 - Trusted Zone: *.canalplusactive.com (HKLM)

Connais tu ces fichiers ?

C:\Program Files\Apoint\Apoint.exe 
C:\Program Files\Athan\Athan.exe 


Voila.

:)

mizo2511 · Answer

Bonsoir
je viens d appliquer ce vous m avez dit et pour les fichiers
C:\Program Files\Apoint\Apoint.exe 
C:\Program Files\Athan\Athan.exe 
je les connais. Ils sont pour rien.
Esperons que ca va marcher et merci

raphy00 · Answer

Bon, maintenant on fait une verif :

Va ici :

https://www.bitdefender.com/toolbox/

Fais un scan complet.
Accepte l'activex, la licence etc..

Et postes le rapport.

((   C:\windows\bdoscan8\scanres.txt  ))


(CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller ) 

Tutorial : http://pageperso.aol.fr/loraline60/bitdefender_scan.htm

mizo2511 · Answer

Bonsoir
Désolé pour le retard;voila le rapport du scan


BitDefender Online Scanner
Scan report generated at: Wed, Aug 13, 2008 - 16:17:03
Scan path: C:\;D:\;E:\;F:\;G:\;H:\;
Statistics
Time
 01:41:33
Files
 743650
Folders
 27732
Boot Sectors
 4
Archives
 4600
Packed Files
 40207 
Results
 
Identified Viruses 
 2
 
Infected Files 
 18
 
Suspect Files 
 0
 
Warnings
 0
 
Disinfected
 0
 
Deleted Files
 18
 
  
  
 
Engines Info
 
Virus Definitions
 1451838
 
Engine build
 AVCORE v1.0 (build 2422) (i386) (Sep 25 2007 08:26:36)
 
Scan plugins
 16
 
Archive plugins
 43
 
Unpack plugins
 7
 
E-mail plugins
 6
 
System plugins
 5
 
  
  
 
Scan Settings
 
First Action
 Disinfect
 
Second Action
 Delete
 
Heuristics
 Yes
 
Enable Warnings
 Yes
 
Scanned Extensions
 *;
 
Exclude Extensions
  
 
Scan Emails
 Yes
 
Scan Archives
 Yes
 
Scan Packed
 Yes
 
Scan Files
 Yes
 
Scan Boot
 Yes
 
  
  
 
  Scanned File
  Status
 
C:\Users\siMohammed\AppData\Local\Temp\~PI3B27.tmp
 Infected with: Exploit.Win32.MS04-028.Gen
 
C:\Users\siMohammed\AppData\Local\Temp\~PI3B27.tmp
 Disinfection failed
 
C:\Users\siMohammed\AppData\Local\Temp\~PI3B27.tmp
 Deleted
 
C:\Users\siMohammed\AppData\Local\Temp\~PI663F.tmp
 Infected with: Exploit.Win32.MS04-028.Gen
 
C:\Users\siMohammed\AppData\Local\Temp\~PI663F.tmp
 Disinfection failed
 
C:\Users\siMohammed\AppData\Local\Temp\~PI663F.tmp
 Deleted
 
C:\Users\siMohammed\AppData\Local\Temp\~PI83A2.tmp
 Infected with: Exploit.Win32.MS04-028.Gen
 
C:\Users\siMohammed\AppData\Local\Temp\~PI83A2.tmp
 Disinfection failed
 
C:\Users\siMohammed\AppData\Local\Temp\~PI83A2.tmp
 Deleted
 
C:\Users\siMohammed\AppData\Local\Temp\~PI912F.tmp
 Infected with: Exploit.Win32.MS04-028.Gen
 
C:\Users\siMohammed\AppData\Local\Temp\~PI912F.tmp
 Disinfection failed
 
C:\Users\siMohammed\AppData\Local\Temp\~PI912F.tmp
 Deleted
 
C:\Users\siMohammed\AppData\Local\Temp\~PI9C09.tmp
 Infected with: Exploit.Win32.MS04-028.Gen
 
C:\Users\siMohammed\AppData\Local\Temp\~PI9C09.tmp
 Disinfection failed
 
C:\Users\siMohammed\AppData\Local\Temp\~PI9C09.tmp
 Deleted
 
C:\Users\siMohammed\AppData\Local\Temp\~PIA5E9.tmp
 Infected with: Exploit.Win32.MS04-028.Gen
 
C:\Users\siMohammed\AppData\Local\Temp\~PIA5E9.tmp
 Disinfection failed
 
C:\Users\siMohammed\AppData\Local\Temp\~PIA5E9.tmp
 Deleted
 
C:\Users\siMohammed\AppData\Local\Temp\~PIA934.tmp
 Infected with: Exploit.Win32.MS04-028.Gen
 
C:\Users\siMohammed\AppData\Local\Temp\~PIA934.tmp
 Disinfection failed
 
C:\Users\siMohammed\AppData\Local\Temp\~PIA934.tmp
 Deleted
 
C:\Users\siMohammed\AppData\Local\Temp\~PIAC22.tmp
 Infected with: Exploit.Win32.MS04-028.Gen
 
C:\Users\siMohammed\AppData\Local\Temp\~PIAC22.tmp
 Disinfection failed
 
C:\Users\siMohammed\AppData\Local\Temp\~PIAC22.tmp
 Deleted
 
C:\Users\siMohammed\AppData\Local\Temp\~PIAF3F.tmp
 Infected with: Exploit.Win32.MS04-028.Gen
 
C:\Users\siMohammed\AppData\Local\Temp\~PIAF3F.tmp
 Disinfection failed
 
C:\Users\siMohammed\AppData\Local\Temp\~PIAF3F.tmp
 Deleted
 
C:\Users\siMohammed\AppData\Local\Temp\~PIB1DF.tmp
 Infected with: Exploit.Win32.MS04-028.Gen
 
C:\Users\siMohammed\AppData\Local\Temp\~PIB1DF.tmp
 Disinfection failed
 
C:\Users\siMohammed\AppData\Local\Temp\~PIB1DF.tmp
 Deleted
 
C:\Users\siMohammed\AppData\Local\Temp\~PIB49E.tmp
 Infected with: Exploit.Win32.MS04-028.Gen
 
C:\Users\siMohammed\AppData\Local\Temp\~PIB49E.tmp
 Disinfection failed
 
C:\Users\siMohammed\AppData\Local\Temp\~PIB49E.tmp
 Deleted
 
C:\Users\siMohammed\AppData\Local\Temp\~PIB71E.tmp
 Infected with: Exploit.Win32.MS04-028.Gen
 
C:\Users\siMohammed\AppData\Local\Temp\~PIB71E.tmp
 Disinfection failed
 
C:\Users\siMohammed\AppData\Local\Temp\~PIB71E.tmp
 Deleted
 
C:\Users\siMohammed\AppData\Local\Temp\~PIB9DD.tmp
 Infected with: Exploit.Win32.MS04-028.Gen
 
C:\Users\siMohammed\AppData\Local\Temp\~PIB9DD.tmp
 Disinfection failed
 
C:\Users\siMohammed\AppData\Local\Temp\~PIB9DD.tmp
 Deleted
 
C:\Users\siMohammed\AppData\Local\Temp\~PIC5B3.tmp
 Infected with: Exploit.Win32.MS04-028.Gen
 
C:\Users\siMohammed\AppData\Local\Temp\~PIC5B3.tmp
 Disinfection failed
 
C:\Users\siMohammed\AppData\Local\Temp\~PIC5B3.tmp
 Deleted
 
C:\Users\siMohammed\AppData\Local\Temp\~PID450.tmp
 Infected with: Exploit.Win32.MS04-028.Gen
 
C:\Users\siMohammed\AppData\Local\Temp\~PID450.tmp
 Disinfection failed
 
C:\Users\siMohammed\AppData\Local\Temp\~PID450.tmp
 Deleted
 
C:\Users\siMohammed\AppData\Local\Temp\~PID4A1.tmp
 Infected with: Exploit.Win32.MS04-028.Gen
 
C:\Users\siMohammed\AppData\Local\Temp\~PID4A1.tmp
 Disinfection failed
 
C:\Users\siMohammed\AppData\Local\Temp\~PID4A1.tmp
 Deleted
 
C:\Users\siMohammed\AppData\Local\Temp\~PIE0D2.tmp
 Infected with: Exploit.Win32.MS04-028.Gen
 
C:\Users\siMohammed\AppData\Local\Temp\~PIE0D2.tmp
 Disinfection failed
 
C:\Users\siMohammed\AppData\Local\Temp\~PIE0D2.tmp
 Deleted
 
G:\Trucs\msn trucs\msndiscovery\MDL_1.1.0155.exe=>(Instyler o)=>(Instyler Module 0)
 Detected with: Adware.Mdladvert.I
 
G:\Trucs\msn trucs\msndiscovery\MDL_1.1.0155.exe=>(Instyler o)=>(Instyler Module 0)
 Deleted
 
G:\Trucs\msn trucs\msndiscovery\MDL_1.1.0155.exe=>(Instyler o)
 Update failed
 
  
 
 
  
  Merci cher ami

mizo2511 · Answer

salut
j ai collé le rapport de bitdeffender scan online
Merci pour votre aide

mizo2511 · Answer

Bonjour 
j attend tjrs votre aide
merci

mizo2511 · Answer

j attend tjrs votre aide

mizo2511 · Answer

qqn pour m aider

raphy00 · Answer

Re,

Je suis la.

Alors :

As tu CCleaner ?

Si non, telecharge le dans le site, onglet telecharger.
Tu fais une analyse nettoyeur et registre 2 ou 3 fois comme ca il fait propre.


Voila.

(( Ca sert a rien de s'impatienter, je reponds de toute facon :)) ))

raphy00 · Answer

Re,

Il y a des chances que oui.
De toute facon CCleaner est un logiciel que je conseille de garder.

Ensuite, je voulais savoir si tu as un anti spyware.
Sinon essaie de telecharger Spybot, ou Spyware Terminator, sur le site, onglet telecharger.

D'ailleurs, peux tu me dire precisement ce que te signale Kapersky ?

Je t'attends !

:))

"keylogger" besoin d'aide

14 réponses

Discussions similaires