I think it's a virus
Solved
Bauzau
-
Destrio5 Posts 99820 Registration date Status Moderator Last activity -
Hello, I have exactly the same problem with MSN: it sends "hey you got a photo album? anyways heres my new photo album :) accept k?" to my contacts. And I did the HijackThis thing and it gave me this:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:29:10 PM, on 10/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.20861)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\system32\CTSvcCDA.exe
c:\docume~1\home\locals~1\temp\cdm\{4a9aaaac-eee3-429d-b7f3-775a61566db2}\STacSV.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Creative\News\NewsUpd.EXE
C:\Program Files\Creative\ShareDLL\CtNotify.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Creative\ShareDLL\MediaDet.Exe
C:\WINDOWS\V0420Mon.exe
C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe
C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
C:\Program Files\Common Files\Ulead Systems\AutoDetector\Monitor.exe
C:\Program Files\Ulead Systems\Ulead Photo Express 6\CalCheck.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSync2.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe
C:\Program Files\AdVantage\AdVantage.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\home\LOCALS~1\Temp\Rar$EX00.172\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL (file missing)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\Documents and Settings\home\dldckh.exe \o
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: BearShare MediaBar - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare Applications\BearShare MediaBar\BSMediaBar.dll
O3 - Toolbar: My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (file missing)
O4 - HKLM\..\Run: [NewsUpd] C:\Program Files\Creative\News\NewsUpd.EXE /q
O4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe
O4 - HKLM\..\Run: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [V0420Mon.exe] C:\WINDOWS\V0420Mon.exe
O4 - HKLM\..\Run: [MyWebSearch Plugin] rundll32 C:\PROGRA~1\MYWEBS~1\bar\1.bin\M3PLUGIN.DLL,UPF
O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=2 /w
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKLM\..\Run: [Ulead AutoDetector] C:\Program Files\Common Files\Ulead Systems\AutoDetector\Monitor.exe
O4 - HKLM\..\Run: [Ulead Calendar Checker] C:\Program Files\Ulead Systems\Ulead Photo Express 6\CalCheck.exe
O4 - HKLM\..\Run: [pdn] C:\WINDOWS\system32\pdn.exe \j
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSync2.exe" /NoDialog
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [Creative Live! Cam Manager] "C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe"
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray
O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\Free Download Manager\fdm.exe" -autorun
O4 - HKCU\..\Run: [AdVantage] "C:\Program Files\AdVantage\AdVantage.exe"
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'Default user')
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
O4 - Global Startup: DSLMON.lnk = ?
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZRfox000
O8 - Extra context menu item: Download with ImTOO Download YouTube Video - C:\Program Files\ImTOO\Download YouTube Video\upod_link.HTM
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {A1F2F2CE-06AF-483C-9F12-D3BAA72477D6} (BatchDownloader Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/DigWXMSN.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{CB9D5A95-7C09-4BDA-8B40-41FE3AB98CC3}: NameServer = 202.123.2.35 202.123.2.11
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSvcCDA.exe
O23 - Service: My Web Search Service (MyWebSearchService) - MyWebSearch.com - C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwssvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - c:\docume~1\home\locals~1\temp\cdm\{4a9aaaac-eee3-429d-b7f3-775a61566db2}\STacSV.exe
150 replies
No, I can't find it, but I remember that it had found only one warning, the same thing as when I did it in normal mode.
No, it does the same thing again: windows from my contacts flash on my screen, and when I try to sign out it freezes for about three seconds.
* Go to the View tab
* "Tools" menu
* Click "Folder Options..."
* Then click the "View" tab
* Check the box "Show hidden files and folders"
* Uncheck the box "Hide protected operating system files (Recommended)"
* Click the "Apply to All Folders" button, then click "OK"
Here it is
Avira AntiVir Personal
Report file date: Monday, October 20, 2008 23:31
Scanning for 1369550 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 3) [5.1.2600]
Boot mode: Normally booted
Username: SYSTEM
Computer name: HOME-80C6BB336C
Version information:
BUILD.DAT : 8.1.0.331 16934 Bytes 8/12/2008 11:46:00
AVSCAN.EXE : 8.1.4.7 315649 Bytes 6/26/2008 09:57:53
AVSCAN.DLL : 8.1.4.0 40705 Bytes 5/26/2008 08:56:40
LUKE.DLL : 8.1.4.5 164097 Bytes 6/12/2008 13:44:19
LUKERES.DLL : 8.1.4.0 12033 Bytes 5/26/2008 08:58:52
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 7/18/2007 11:33:34
ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 6/24/2008 14:54:15
ANTIVIR2.VDF : 7.0.5.20 142336 Bytes 6/30/2008 06:20:53
ANTIVIR3.VDF : 7.0.5.23 17408 Bytes 6/30/2008 10:24:47
Engineversion : 8.1.1.19
AEVDF.DLL : 8.1.0.5 102772 Bytes 2/25/2008 10:58:21
AESCRIPT.DLL : 8.1.0.63 311673 Bytes 8/6/2008 14:13:47
AESCN.DLL : 8.1.0.23 119156 Bytes 7/10/2008 13:44:49
AERDL.DLL : 8.1.0.20 418165 Bytes 4/24/2008 13:37:48
AEPACK.DLL : 8.1.2.1 364917 Bytes 7/15/2008 13:58:35
AEOFFICE.DLL : 8.1.0.21 192891 Bytes 7/18/2008 07:35:21
AEHEUR.DLL : 8.1.0.47 1368437 Bytes 8/6/2008 14:13:47
AEHELP.DLL : 8.1.0.15 115063 Bytes 7/10/2008 13:44:48
AEGEN.DLL : 8.1.0.35 315764 Bytes 8/6/2008 15:38:47
AEEMU.DLL : 8.1.0.7 430452 Bytes 7/31/2008 09:33:21
AECORE.DLL : 8.1.1.8 172406 Bytes 7/31/2008 09:33:21
AEBB.DLL : 8.1.0.1 53617 Bytes 7/10/2008 13:44:48
AVWINLL.DLL : 1.0.0.12 15105 Bytes 7/9/2008 09:40:05
AVPREF.DLL : 8.0.2.0 38657 Bytes 5/16/2008 10:28:01
AVREP.DLL : 7.0.0.1 155688 Bytes 6/30/2008 15:35:20
AVREG.DLL : 8.0.0.1 33537 Bytes 5/9/2008 12:26:40
AVARKT.DLL : 1.0.0.23 307457 Bytes 2/12/2008 09:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 6/12/2008 13:27:49
SQLITE3.DLL : 3.3.17.1 339968 Bytes 1/22/2008 18:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 6/12/2008 13:49:40
NETNT.DLL : 8.0.0.1 7937 Bytes 1/25/2008 13:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 6/12/2008 14:48:07
RCTEXT.DLL : 8.0.52.0 86273 Bytes 6/27/2008 14:34:37
Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: Monday, October 20, 2008 23:31
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'usnsvc.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'firefox.exe' - '1' Module(s) have been scanned
Scan process 'NclRSSrv.exe' - '1' Module(s) have been scanned
Scan process 'NclUSBSrv.exe' - '1' Module(s) have been scanned
Scan process 'MPAPI3s.exe' - '1' Module(s) have been scanned
Scan process 'ServiceLayer.exe' - '1' Module(s) have been scanned
Scan process 'soffice.bin' - '1' Module(s) have been scanned
Scan process 'soffice.exe' - '1' Module(s) have been scanned
Scan process 'dslmon.exe' - '1' Module(s) have been scanned
Scan process 'CTLCMgr.exe' - '1' Module(s) have been scanned
Scan process 'PCSuite.exe' - '1' Module(s) have been scanned
Scan process 'PcSync2.exe' - '1' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'CalCheck.exe' - '1' Module(s) have been scanned
Scan process 'Monitor.exe' - '1' Module(s) have been scanned
Scan process 'Mediadet.exe' - '1' Module(s) have been scanned
Scan process 'V0420Mon.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'sttray.exe' - '1' Module(s) have been scanned
Scan process 'CTNotify.exe' - '1' Module(s) have been scanned
Scan process 'NewsUpd.exe' - '1' Module(s) have been scanned
Scan process 'WgaTray.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'Ctsvccda.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
44 processes with 44 modules were scanned
Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Starting to scan the registry.
The registry was scanned ( '59' files ).
Starting the file scan:
Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
End of the scan: Tuesday, October 21, 2008 00:03
Used time: 31:18 Minute(s)
The scan has been done completely.
5123 Scanning directories
259378 Files were scanned
0 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
259377 Files not concerned
1906 Archives were scanned
1 Warnings
0 Notes
- Run an online scan here: https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr (with Internet Explorer)
- At the bottom right, click "Démarrer Online-scanner" (Start Online-scanner)
- In the new window that appears, click "J'accepte" (I accept)
- Accept the ActiveX controls
- Choose "Poste de travail" (My Computer) for the scan.
- Once it has finished, save the report (choose text file) and post it
- To help you use the online scan:
https://www.malekal.com/scan-antivirus-ligne-nod32/#mozTocId291566
NOTE: If you get the message "La licence de Kaspersky On-line Scanner est périmée" (the Kaspersky On-line Scanner licence has expired), go to Add/Remove Programs, uninstall On-Line Scanner, then reconnect to the Kaspersky site to retry the online scan.
- Read this if you have trouble installing the ActiveX control:
http://cybersecurite.xooit.com/t123-Les-controles-ActiveX.htm
Here is the report
-------------------------------------------------------------------------------
KASPERSKY ON-LINE SCANNER REPORT
Tuesday, October 21, 2008 4:59:57 PM
Système d'exploitation : Microsoft Windows XP Professional, Service Pack 3 (Build 2600)
Kaspersky On-line Scanner version : 5.0.84.2
Dernière mise à jour de la base antivirus Kaspersky : 21/10/2008
Enregistrements dans la base antivirus Kaspersky : 1192296
-------------------------------------------------------------------------------
Paramètres d'analyse:
Analyser avec la base antivirus suivante: standard
Analyser les archives: vrai
Analyser les bases de messagerie: vrai
Cible de l'analyse - Poste de travail:
C:\
D:\
Statistiques de l'analyse:
Total d'objets analysés: 65581
Nombre de virus trouvés: 1
Nombre d'objets infectés: 20 / 0
Nombre d'objets suspects: 0
Durée de l'analyse: 01:09:32
Nom de l'objet infecté / Nom du virus / Dernière action
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré
C:\Documents and Settings\home\Application Data\Mozilla\Firefox\Profiles\pxotx1im.default\cert8.db L'objet est verrouillé ignoré
C:\Documents and Settings\home\Application Data\Mozilla\Firefox\Profiles\pxotx1im.default\content-prefs.sqlite L'objet est verrouillé ignoré
C:\Documents and Settings\home\Application Data\Mozilla\Firefox\Profiles\pxotx1im.default\cookies.sqlite L'objet est verrouillé ignoré
C:\Documents and Settings\home\Application Data\Mozilla\Firefox\Profiles\pxotx1im.default\downloads.sqlite L'objet est verrouillé ignoré
C:\Documents and Settings\home\Application Data\Mozilla\Firefox\Profiles\pxotx1im.default\formhistory.sqlite L'objet est verrouillé ignoré
C:\Documents and Settings\home\Application Data\Mozilla\Firefox\Profiles\pxotx1im.default\key3.db L'objet est verrouillé ignoré
C:\Documents and Settings\home\Application Data\Mozilla\Firefox\Profiles\pxotx1im.default\parent.lock L'objet est verrouillé ignoré
C:\Documents and Settings\home\Application Data\Mozilla\Firefox\Profiles\pxotx1im.default\permissions.sqlite L'objet est verrouillé ignoré
C:\Documents and Settings\home\Application Data\Mozilla\Firefox\Profiles\pxotx1im.default\places.sqlite L'objet est verrouillé ignoré
C:\Documents and Settings\home\Application Data\Mozilla\Firefox\Profiles\pxotx1im.default\places.sqlite-journal L'objet est verrouillé ignoré
C:\Documents and Settings\home\Application Data\Mozilla\Firefox\Profiles\pxotx1im.default\search.sqlite L'objet est verrouillé ignoré
C:\Documents and Settings\home\Cookies\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\home\Desktop\SDFix\backups\backups.zip/backups/photo.zip/photo1226.jpeg-www.myspace.com Infecté : Backdoor.Win32.Agent.tdw ignoré
C:\Documents and Settings\home\Desktop\SDFix\backups\backups.zip/backups/photo.zip Infecté : Backdoor.Win32.Agent.tdw ignoré
C:\Documents and Settings\home\Desktop\SDFix\backups\backups.zip ZIP: infecté - 2 ignoré
C:\Documents and Settings\home\dldckh.exe Infecté : Backdoor.Win32.Agent.tdw ignoré
C:\Documents and Settings\home\dldckh.MSNFix Infecté : Backdoor.Win32.Agent.tdw ignoré
C:\Documents and Settings\home\Local Settings\Application Data\Adobe\Acrobat\9.0\Updater\updater.log L'objet est verrouillé ignoré
C:\Documents and Settings\home\Local Settings\Application Data\Adobe\Updater6\aumLib.log L'objet est verrouillé ignoré
C:\Documents and Settings\home\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\home\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\home\Local Settings\Application Data\Mozilla\Firefox\Profiles\pxotx1im.default\Cache\_CACHE_001_ L'objet est verrouillé ignoré
C:\Documents and Settings\home\Local Settings\Application Data\Mozilla\Firefox\Profiles\pxotx1im.default\Cache\_CACHE_002_ L'objet est verrouillé ignoré
C:\Documents and Settings\home\Local Settings\Application Data\Mozilla\Firefox\Profiles\pxotx1im.default\Cache\_CACHE_003_ L'objet est verrouillé ignoré
C:\Documents and Settings\home\Local Settings\Application Data\Mozilla\Firefox\Profiles\pxotx1im.default\Cache\_CACHE_MAP_ L'objet est verrouillé ignoré
C:\Documents and Settings\home\Local Settings\Application Data\Mozilla\Firefox\Profiles\pxotx1im.default\urlclassifier3.sqlite L'objet est verrouillé ignoré
C:\Documents and Settings\home\Local Settings\History\History.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\home\Local Settings\temp\A9R7D06.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\home\Local Settings\temp\etilqs_HHFicldavZR4rLmugoI2 L'objet est verrouillé ignoré
C:\Documents and Settings\home\Local Settings\temp\NGLALog.txt L'objet est verrouillé ignoré
C:\Documents and Settings\home\Local Settings\temp\photo.zip/photo1226.jpeg-www.myspace.com Infecté : Backdoor.Win32.Agent.tdw ignoré
C:\Documents and Settings\home\Local Settings\temp\photo.zip ZIP: infecté - 1 ignoré
C:\Documents and Settings\home\Local Settings\temp\~DF6216.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\home\Local Settings\Temporary Internet Files\AntiPhishing\A0AB7674-8D67-4F4D-B5E1-96FAEADFB79D.dat L'objet est verrouillé ignoré
C:\Documents and Settings\home\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\home\My Documents\Mes fichiers reçus\photo.zip/photo1226.jpeg-www.myspace.com Infecté : Backdoor.Win32.Agent.tdw ignoré
C:\Documents and Settings\home\My Documents\Mes fichiers reçus\photo.zip ZIP: infecté - 1 ignoré
C:\Documents and Settings\home\ntuser.dat L'objet est verrouillé ignoré
C:\Documents and Settings\home\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Cookies\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\ntuser.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Qoobox\Quarantine\C\Documents and Settings\home\dldckh.exe.vir Infecté : Backdoor.Win32.Agent.tdw ignoré
C:\Qoobox\Quarantine\C\WINDOWS\system32\pdn.exe.vir Infecté : Backdoor.Win32.Agent.tdw ignoré
C:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré
C:\System Volume Information\_restore{A9A67712-FBB8-418B-B2CB-232F766D474E}\RP102\change.log L'objet est verrouillé ignoré
C:\System Volume Information\_restore{A9A67712-FBB8-418B-B2CB-232F766D474E}\RP70\A0017183.exe Infecté : Backdoor.Win32.Agent.tdw ignoré
C:\System Volume Information\_restore{A9A67712-FBB8-418B-B2CB-232F766D474E}\RP71\A0018335.exe Infecté : Backdoor.Win32.Agent.tdw ignoré
C:\System Volume Information\_restore{A9A67712-FBB8-418B-B2CB-232F766D474E}\RP87\A0023066.exe Infecté : Backdoor.Win32.Agent.tdw ignoré
C:\System Volume Information\_restore{A9A67712-FBB8-418B-B2CB-232F766D474E}\RP87\A0023070.exe Infecté : Backdoor.Win32.Agent.tdw ignoré
C:\System Volume Information\_restore{A9A67712-FBB8-418B-B2CB-232F766D474E}\RP89\A0023438.exe Infecté : Backdoor.Win32.Agent.tdw ignoré
C:\System Volume Information\_restore{A9A67712-FBB8-418B-B2CB-232F766D474E}\RP89\A0023442.exe Infecté : Backdoor.Win32.Agent.tdw ignoré
C:\System Volume Information\_restore{A9A67712-FBB8-418B-B2CB-232F766D474E}\RP90\A0023711.exe Infecté : Backdoor.Win32.Agent.tdw ignoré
C:\System Volume Information\_restore{A9A67712-FBB8-418B-B2CB-232F766D474E}\RP90\A0023715.exe Infecté : Backdoor.Win32.Agent.tdw ignoré
C:\WINDOWS\Debug\PASSWD.LOG L'objet est verrouillé ignoré
C:\WINDOWS\SchedLgU.Txt L'objet est verrouillé ignoré
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log L'objet est verrouillé ignoré
C:\WINDOWS\Sti_Trace.log L'objet est verrouillé ignoré
C:\WINDOWS\system32\CatRoot2\edb.log L'objet est verrouillé ignoré
C:\WINDOWS\system32\CatRoot2\tmp.edb L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\AppEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\default L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\default.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\Internet.evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SAM L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SAM.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SecEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SECURITY L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SECURITY.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\software L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\software.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SysEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\system L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\system.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\h323log.txt L'objet est verrouillé ignoré
C:\WINDOWS\system32\LogFiles\WUDF\WUDFTrace.etl L'objet est verrouillé ignoré
C:\WINDOWS\system32\pdn.exe Infecté : Backdoor.Win32.Agent.tdw ignoré
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP L'objet est verrouillé ignoré
C:\WINDOWS\wiadebug.log L'objet est verrouillé ignoré
C:\WINDOWS\wiaservc.log L'objet est verrouillé ignoré
C:\WINDOWS\WindowsUpdate.log L'objet est verrouillé ignoré
Analyse terminée.
---> Download OTMoveIt3 (OldTimer) to your Desktop:
http://oldtimer.geekstogo.com/OTMoveIt3.exe
---> Double-click OTMoveIt3.exe to launch it.
---> Copy (Ctrl+C) the following text:
:processes
explorer.exe
:files
C:\Documents and Settings\home\dldckh.exe
C:\Documents and Settings\home\dldckh.MSNFix
C:\Documents and Settings\home\Local Settings\temp\photo.zip/photo1226.jpeg-www.myspace.com
C:\Documents and Settings\home\Local Settings\temp\photo.zip ZIP
C:\Documents and Settings\home\My Documents\Mes fichiers reçus\photo.zip/photo1226.jpeg-www.myspace.com
C:\Documents and Settings\home\My Documents\Mes fichiers reçus\photo.zip
C\WINDOWS\system32\pdn.exe
:commands
[purity]
[emptytemp]
[start explorer]
[reboot]
---> Paste (Ctrl+V) the text you copied into the "Paste Instructions for Items to be Moved" box.
---> Now click the MoveIt! button, then close OTMoveIt3.
If a file or folder cannot be deleted immediately, the program will ask you to restart.
Accept by clicking YES.
---> Post the report found in this folder: C:\_OTMoveIt\MovedFiles\
The report's name corresponds to the moment it was created: date_time.log
Here it is
Error: Unable to interpret <C:\Documents and Settings\home\Local Settings\temp\photo.zip/photo1226.jpeg-www.myspace.com> in the current context!
Error: Unable to interpret <C:\Documents and Settings\home\Local Settings\temp\photo.zip ZIP> in the current context!
Error: Unable to interpret <C:\Documents and Settings\home\My Documents\Mes fichiers reçus\photo.zip/photo1226.jpeg-www.myspace.com> in the current context!
Error: Unable to interpret <C:\Documents and Settings\home\My Documents\Mes fichiers reçus\photo.zip> in the current context!
Error: Unable to interpret <C\WINDOWS\system32\pdn.exe> in the current context!
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\home\LOCALS~1\Temp\etilqs_xfeKqE6VFTbxBOV4w3AA scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\home\LOCALS~1\Temp\NGLALog.txt scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\home\LOCALS~1\Temp\~DF8034.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
Windows Temp folder emptied.
Java cache emptied.
File delete failed. C:\Documents and Settings\home\Local Settings\Application Data\Mozilla\Firefox\Profiles\pxotx1im.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\home\Local Settings\Application Data\Mozilla\Firefox\Profiles\pxotx1im.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\home\Local Settings\Application Data\Mozilla\Firefox\Profiles\pxotx1im.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\home\Local Settings\Application Data\Mozilla\Firefox\Profiles\pxotx1im.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\home\Local Settings\Application Data\Mozilla\Firefox\Profiles\pxotx1im.default\urlclassifier3.sqlite scheduled to be deleted on reboot.
FireFox cache emptied.
Temp folders emptied.
Explorer started successfully
OTMoveIt3 by OldTimer - Version 1.0.5.0 log created on 10212008_211754
Files moved on Reboot...
File C:\DOCUME~1\home\LOCALS~1\Temp\etilqs_xfeKqE6VFTbxBOV4w3AA not found!
C:\DOCUME~1\home\LOCALS~1\Temp\NGLALog.txt moved successfully.
C:\DOCUME~1\home\LOCALS~1\Temp\~DF8034.tmp moved successfully.
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be moved on reboot.
C:\Documents and Settings\home\Local Settings\Application Data\Mozilla\Firefox\Profiles\pxotx1im.default\Cache\_CACHE_001_ moved successfully.
C:\Documents and Settings\home\Local Settings\Application Data\Mozilla\Firefox\Profiles\pxotx1im.default\Cache\_CACHE_002_ moved successfully.
C:\Documents and Settings\home\Local Settings\Application Data\Mozilla\Firefox\Profiles\pxotx1im.default\Cache\_CACHE_003_ moved successfully.
C:\Documents and Settings\home\Local Settings\Application Data\Mozilla\Firefox\Profiles\pxotx1im.default\Cache\_CACHE_MAP_ moved successfully.
C:\Documents and Settings\home\Local Settings\Application Data\Mozilla\Firefox\Profiles\pxotx1im.default\urlclassifier3.sqlite moved successfully.
C:\Documents and Settings\home\Local Settings\Application Data\Mozilla\Firefox\Profiles\pxotx1im.default\Cache\_CACHE_003_ moved successfully.
C:\Documents and Settings\home\Local Settings\Application Data\Mozilla\Firefox\Profiles\pxotx1im.default\Cache\_CACHE_MAP_ moved successfully.
C:\Documents and Settings\home\Local Settings\Application Data\Mozilla\Firefox\Profiles\pxotx1im.default\urlclassifier3.sqlite moved successfully.
I made a small mistake.
---> Download OTMoveIt3 (OldTimer) to your Desktop:
http://oldtimer.geekstogo.com/OTMoveIt3.exe
---> Double-click OTMoveIt3.exe to launch it.
---> Copy (Ctrl+C) the following text:
:processes
explorer.exe
:files
C:\Documents and Settings\home\dldckh.exe
C:\Documents and Settings\home\dldckh.MSNFix
C:\Documents and Settings\home\Local Settings\temp\photo.zip
C:\Documents and Settings\home\My Documents\Mes fichiers reçus\photo.zip
C:\WINDOWS\system32\pdn.exe
:commands
[purity]
[emptytemp]
[start explorer]
[reboot]
---> Paste (Ctrl+V) the copied text into the Paste Instructions for Items to be Moved box.
---> Now click the MoveIt! button, then close OTMoveIt3.
If a file or folder cannot be deleted immediately, the program will ask you to restart.
Accept by clicking YES.
---> Post the report located in this folder: C:\_OTMoveIt\MovedFiles\
The report's name corresponds to the time it was created: date_time.log
========== PROCESSES ==========
Process explorer.exe killed successfully.
========== FILES ==========
File/Folder C:\Documents and Settings\home\dldckh.exe not found.
File/Folder C:\Documents and Settings\home\dldckh.MSNFix not found.
C:\Documents and Settings\home\Local Settings\temp\photo.zip moved successfully.
C:\Documents and Settings\home\My Documents\Mes fichiers reçus\photo.zip moved successfully.
C:\WINDOWS\system32\pdn.exe moved successfully.
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\home\LOCALS~1\Temp\etilqs_xejxfKwohgugqZfbHnpH scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\home\LOCALS~1\Temp\NGLALog.txt scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\home\LOCALS~1\Temp\~DFCC9E.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
Windows Temp folder emptied.
Java cache emptied.
File delete failed. C:\Documents and Settings\home\Local Settings\Application Data\Mozilla\Firefox\Profiles\pxotx1im.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\home\Local Settings\Application Data\Mozilla\Firefox\Profiles\pxotx1im.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\home\Local Settings\Application Data\Mozilla\Firefox\Profiles\pxotx1im.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\home\Local Settings\Application Data\Mozilla\Firefox\Profiles\pxotx1im.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\home\Local Settings\Application Data\Mozilla\Firefox\Profiles\pxotx1im.default\urlclassifier3.sqlite scheduled to be deleted on reboot.
FireFox cache emptied.
Temp folders emptied.
Explorer started successfully
OTMoveIt3 by OldTimer - Version 1.0.5.0 log created on 10212008_215907
Files moved on Reboot...
File C:\DOCUME~1\home\LOCALS~1\Temp\etilqs_xejxfKwohgugqZfbHnpH not found!
C:\DOCUME~1\home\LOCALS~1\Temp\NGLALog.txt moved successfully.
C:\DOCUME~1\home\LOCALS~1\Temp\~DFCC9E.tmp moved successfully.
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be moved on reboot.
C:\Documents and Settings\home\Local Settings\Application Data\Mozilla\Firefox\Profiles\pxotx1im.default\Cache\_CACHE_001_ moved successfully.
C:\Documents and Settings\home\Local Settings\Application Data\Mozilla\Firefox\Profiles\pxotx1im.default\Cache\_CACHE_002_ moved successfully.
C:\Documents and Settings\home\Local Settings\Application Data\Mozilla\Firefox\Profiles\pxotx1im.default\Cache\_CACHE_003_ moved successfully.
C:\Documents and Settings\home\Local Settings\Application Data\Mozilla\Firefox\Profiles\pxotx1im.default\Cache\_CACHE_MAP_ moved successfully.
C:\Documents and Settings\home\Local Settings\Application Data\Mozilla\Firefox\Profiles\pxotx1im.default\urlclassifier3.sqlite moved successfully.
There you go, here it is, sir.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:13:21 PM, on 10/22/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.20900)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\system32\CTSvcCDA.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Creative\News\NewsUpd.EXE
C:\Program Files\Creative\ShareDLL\CtNotify.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\V0420Mon.exe
C:\Program Files\Common Files\Ulead Systems\AutoDetector\Monitor.exe
C:\Program Files\Creative\ShareDLL\MediaDet.Exe
C:\Program Files\Ulead Systems\Ulead Photo Express 6\CalCheck.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSync2.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: BearShare MediaBar - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare Applications\BearShare MediaBar\BSMediaBar.dll
O4 - HKLM\..\Run: [NewsUpd] C:\Program Files\Creative\News\NewsUpd.EXE /q
O4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe
O4 - HKLM\..\Run: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [V0420Mon.exe] C:\WINDOWS\V0420Mon.exe
O4 - HKLM\..\Run: [Ulead AutoDetector] C:\Program Files\Common Files\Ulead Systems\AutoDetector\Monitor.exe
O4 - HKLM\..\Run: [Ulead Calendar Checker] C:\Program Files\Ulead Systems\Ulead Photo Express 6\CalCheck.exe
O4 - HKLM\..\Run: [pdn] C:\WINDOWS\system32\pdn.exe \j
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSync2.exe" /NoDialog
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [Creative Live! Cam Manager] "C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe"
O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\Free Download Manager\fdm.exe" -autorun
O4 - HKUS\S-1-5-19\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'Default user')
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
O4 - Global Startup: DSLMON.lnk = ?
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZRfox000
O8 - Extra context menu item: Download with ImTOO Download YouTube Video - C:\Program Files\ImTOO\Download YouTube Video\upod_link.HTM
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {A1F2F2CE-06AF-483C-9F12-D3BAA72477D6} (BatchDownloader Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/DigWXMSN.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{CB9D5A95-7C09-4BDA-8B40-41FE3AB98CC3}: NameServer = 202.123.2.35 202.123.2.11
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSvcCDA.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Audio Service (STacSV) - Unknown owner - c:\docume~1\home\locals~1\temp\cdm\{4a9aaaac-eee3-429d-b7f3-775a61566db2}\STacSV.exe (file missing)
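A check that can be run on the two reports above, as an added example that is not part of the original thread: it cross-references the files OTMoveIt3 reports as moved with the O4 autorun lines of the HijackThis log posted afterwards, and lists the entries HijackThis itself marks as having no file. The sample strings are a constructed excerpt of lines from this thread, and the function names are hypothetical.

```python
import re

# Constructed excerpt: lines copied from the OTMoveIt3 report in this thread.
OTMOVEIT_LOG = r"""
========== FILES ==========
File/Folder C:\Documents and Settings\home\dldckh.exe not found.
C:\Documents and Settings\home\Local Settings\temp\photo.zip moved successfully.
C:\WINDOWS\system32\pdn.exe moved successfully.
"""

# Constructed excerpt: lines copied from the HijackThis log posted afterwards.
HIJACKTHIS_LOG = r"""
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [NewsUpd] C:\Program Files\Creative\News\NewsUpd.EXE /q
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [pdn] C:\WINDOWS\system32\pdn.exe \j
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'LOCAL SERVICE')
O23 - Service: Audio Service (STacSV) - Unknown owner - c:\docume~1\home\locals~1\temp\cdm\{4a9aaaac-eee3-429d-b7f3-775a61566db2}\STacSV.exe (file missing)
"""

MOVED_RE = re.compile(r"^([A-Za-z]:\\.+) moved successfully\.$", re.M)
O4_RE = re.compile(r"^O4 - (.+?)\\\.\.\\(\w+): \[([^\]]+)\] (.+)$", re.M)
MISSING_RE = re.compile(r"^(O\d+) - (.+) \((?:no file|file missing)\)$", re.M)


def moved_files(otmoveit_log):
    """Paths OTMoveIt3 reports as moved, lower-cased (Windows paths ignore case)."""
    return {m.group(1).lower() for m in MOVED_RE.finditer(otmoveit_log)}


def target_exe(cmd):
    """Executable part of an autorun command line, without its arguments."""
    cmd = cmd.strip()
    if cmd.startswith('"'):                       # quoted path: take what is inside
        return cmd[1:].split('"', 1)[0].lower()
    # Unquoted paths may contain spaces, so cut at the first file extension.
    m = re.match(r"(.+?\.(?:exe|com|scr|bat|dll))(?=\s|$)", cmd, re.I)
    return (m.group(1) if m else cmd.split()[0]).lower()


def autoruns(hijackthis_log):
    """(hive, key, value name, executable) for every O4 registry autorun line."""
    return [(m.group(1), m.group(2), m.group(3), target_exe(m.group(4)))
            for m in O4_RE.finditer(hijackthis_log)]


def orphaned_autoruns(otmoveit_log, hijackthis_log):
    """Autorun values that still point at a file OTMoveIt3 has already moved."""
    moved = moved_files(otmoveit_log)
    return [entry for entry in autoruns(hijackthis_log) if entry[3] in moved]


def flagged_missing(hijackthis_log):
    """(section, text) for lines HijackThis marks '(no file)' or '(file missing)'."""
    return [(m.group(1), m.group(2)) for m in MISSING_RE.finditer(hijackthis_log)]


if __name__ == "__main__":
    for hive, key, name, exe in orphaned_autoruns(OTMOVEIT_LOG, HIJACKTHIS_LOG):
        print(f"leftover autorun {hive}\\..\\{key} [{name}] -> {exe}")
    for section, text in flagged_missing(HIJACKTHIS_LOG):
        print(f"{section}: target missing: {text}")
```

On this excerpt the check reports the `pdn` Run value, which still names the file OTMoveIt3 moved.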