Virus peut-être ?

Malwarebytes' Anti-Malware 1.28
Version de la base de données: 1159
Windows 5.1.2600 Service Pack 3

15/10/2008 17:01:44
mbam-log-2008-10-15 (17-01-44).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 116339
Temps écoulé: 43 minute(s), 43 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 1

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\Documents and Settings\Administrateur\Bureau\OAD.exe (Adware.Agent) -> Quarantined and deleted successfully.


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:03:05, on 15/10/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\ntvdm.exe
C:\Program Files\Microsoft Office\Office\OUTLOOK.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fiat\ePER\j2sdk1.4.1\bin\javaw.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - Startup: Adobe Media Player.lnk = C:\Program Files\Adobe Media Player\Adobe Media Player.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: SbPF.Launcher - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe

pour ce probleme la oui par contre c qoi ce trojan que g vu en faisant cccleaner
tr/dldr.vb.hzv trojan
bonne soiree je m envais a demain merci encore et bonne soiree

salut quelle galere lance a 9h27 fini a 12h....
enfin c pas grave voici le rapport


Avira AntiVir Personal
Report file date: jeudi 16 octobre 2008 09:16

Scanning for 1686590 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 3) [5.1.2600]
Boot mode: Save mode
Username: Christophe
Computer name: ATELIER

Version information:
BUILD.DAT : 8.1.0.331 16934 Bytes 12/08/2008 11:46:00
AVSCAN.EXE : 8.1.4.7 315649 Bytes 26/06/2008 08:57:53
AVSCAN.DLL : 8.1.4.0 40705 Bytes 26/05/2008 07:56:40
LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 12:44:19
LUKERES.DLL : 8.1.4.0 12033 Bytes 26/05/2008 07:58:52
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 10:33:34
ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 24/06/2008 13:54:15
ANTIVIR2.VDF : 7.0.7.12 4066816 Bytes 08/10/2008 05:15:36
ANTIVIR3.VDF : 7.0.7.45 241664 Bytes 15/10/2008 05:23:46
Engineversion : 8.2.0.4
AEVDF.DLL : 8.1.0.6 102772 Bytes 16/10/2008 05:24:02
AESCRIPT.DLL : 8.1.1.8 319866 Bytes 16/10/2008 05:24:01
AESCN.DLL : 8.1.1.3 123252 Bytes 16/10/2008 05:24:00
AERDL.DLL : 8.1.1.2 438644 Bytes 19/09/2008 05:31:47
AEPACK.DLL : 8.1.2.4 369014 Bytes 16/10/2008 05:23:59
AEOFFICE.DLL : 8.1.0.28 196987 Bytes 16/10/2008 05:23:55
AEHEUR.DLL : 8.1.0.59 1438071 Bytes 19/09/2008 05:31:44
AEHELP.DLL : 8.1.1.2 115062 Bytes 16/10/2008 05:23:54
AEGEN.DLL : 8.1.0.41 319861 Bytes 16/10/2008 05:23:53
AEEMU.DLL : 8.1.0.9 393588 Bytes 16/10/2008 05:23:51
AECORE.DLL : 8.1.2.6 172406 Bytes 16/10/2008 05:23:50
AEBB.DLL : 8.1.0.3 53618 Bytes 16/10/2008 05:23:49
AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 08:40:05
AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 09:28:01
AVREP.DLL : 8.0.0.2 98344 Bytes 27/08/2008 13:25:24
AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 11:26:40
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 12:27:49
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 12:49:40
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 12/06/2008 13:48:07
RCTEXT.DLL : 8.0.52.0 86273 Bytes 27/06/2008 13:34:37

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: on
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: high

Start of the scan: jeudi 16 octobre 2008 09:16

Starting search for hidden objects.
The driver could not be initialized.

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
11 processes with 11 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '50' files ).


Starting the file scan:

Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Documents and Settings\Administrateur\Mes documents\LimeWire\Incomplete\T-10430244-cocks, adult movies wifey student, xxx infirmiere dorcel qu.avi
[DETECTION] Contains recognition pattern of the EXP/ASF.GetCodec.Gen exploit
[NOTE] The file was moved to '4927fa0e.qua'!
C:\Documents and Settings\Administrateur\Mes documents\LimeWire\Saved\janine lindemulder virtual sex xxx marc dorcel hotesses hel.avi
[DETECTION] Contains recognition pattern of the EXP/ASF.GetCodec.Gen exploit
[NOTE] The file was moved to '4964fa6b.qua'!
C:\Documents and Settings\Administrateur\Mes documents\LimeWire\Saved\madcom 192kb.mp3
[DETECTION] Contains recognition pattern of the EXP/ASF.GetCodec.Gen exploit
[NOTE] The file was moved to '495afab1.qua'!
C:\Documents and Settings\Administrateur\Mes documents\LimeWire\Saved\madcom.mp3
[DETECTION] Contains recognition pattern of the EXP/ASF.GetCodec.Gen exploit
[NOTE] The file was moved to '495afab7.qua'!
C:\Documents and Settings\Administrateur\Mes documents\LimeWire\Saved\xxx amateur fr ma femme baise, gauge lesbian sybian workout.avi
[DETECTION] Contains recognition pattern of the EXP/ASF.GetCodec.Gen exploit
[NOTE] The file was moved to '496efaf3.qua'!
C:\Documents and Settings\Administrateur\Mes documents\LimeWire\Saved\xxx marc dorcel hotesses dvd qsh c patricia blowjob misc co.avi
[DETECTION] Contains recognition pattern of the EXP/ASF.GetCodec.Gen exploit
[NOTE] The file was moved to '496efb0d.qua'!


End of the scan: jeudi 16 octobre 2008 12:47
Used time: 3:30:54 Hour(s)

The scan has been done completely.

12002 Scanning directories
332256 Files were scanned
6 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
6 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
332249 Files not concerned
3125 Archives were scanned
1 Warnings
6 Notes

les 6 trucs c etait exp/asfgen.codec.gen
1 je sais pas

KASPERSKY ON-LINE SCANNER REPORT
Thursday, October 16, 2008 3:46:53 PM
Système d'exploitation : Microsoft Windows XP Professional, Service Pack 3 (Build 2600)
Kaspersky On-line Scanner version : 5.0.84.2
Dernière mise à jour de la base antivirus Kaspersky : 16/10/2008
Enregistrements dans la base antivirus Kaspersky : 1176808


Paramètres d'analyse
Analyser avec la base antivirus suivante standard
Analyser les archives vrai
Analyser les bases de messagerie vrai

Cible de l'analyse Poste de travail
C:\
D:\

Statistiques de l'analyse
Total d'objets analysés 82670
Nombre de virus trouvés 0
Nombre d'objets infectés 0 / 0
Nombre d'objets suspects 0
Durée de l'analyse 01:50:25

Nom de l'objet infecté Nom du virus Dernière action
C:\Documents and Settings\Administrateur\Application Data\Microsoft\Outlook\outcmd.dat L'objet est verrouillé ignoré

C:\Documents and Settings\Administrateur\Cookies\index.dat L'objet est verrouillé ignoré

C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat L'objet est verrouillé ignoré

C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Outlook\outlook.pst L'objet est verrouillé ignoré

C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré

C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré

C:\Documents and Settings\Administrateur\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré

C:\Documents and Settings\Administrateur\Local Settings\Historique\History.IE5\MSHist012008101620081017\index.dat L'objet est verrouillé ignoré

C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat L'objet est verrouillé ignoré

C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré

C:\Documents and Settings\Administrateur\NTUSER.DAT L'objet est verrouillé ignoré

C:\Documents and Settings\Administrateur\ntuser.dat.LOG L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré

C:\Documents and Settings\LocalService\Cookies\index.dat L'objet est verrouillé ignoré

C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré

C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré

C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré

C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré

C:\Documents and Settings\LocalService\NTUSER.DAT L'objet est verrouillé ignoré

C:\Documents and Settings\LocalService\ntuser.dat.LOG L'objet est verrouillé ignoré

C:\Documents and Settings\NetworkService\Cookies\index.dat L'objet est verrouillé ignoré

C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré

C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré

C:\Documents and Settings\NetworkService\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré

C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré

C:\Documents and Settings\NetworkService\NTUSER.DAT L'objet est verrouillé ignoré

C:\Documents and Settings\NetworkService\ntuser.dat.LOG L'objet est verrouillé ignoré

C:\Program Files\Fiat\ePER\appsrv\site\WEB-INF\db\dbapp.ldb L'objet est verrouillé ignoré

C:\Program Files\Fiat\ePER\appsrv\site\WEB-INF\db\dbapp.mdb L'objet est verrouillé ignoré

C:\Program Files\Sunbelt Software\Personal Firewall\Logs\debug.log L'objet est verrouillé ignoré

C:\Program Files\Sunbelt Software\Personal Firewall\Logs\debug.log.idx L'objet est verrouillé ignoré

C:\Program Files\Sunbelt Software\Personal Firewall\Logs\error.log L'objet est verrouillé ignoré

C:\Program Files\Sunbelt Software\Personal Firewall\Logs\error.log.idx L'objet est verrouillé ignoré

C:\Program Files\Sunbelt Software\Personal Firewall\Logs\hips.log L'objet est verrouillé ignoré

C:\Program Files\Sunbelt Software\Personal Firewall\Logs\hips.log.idx L'objet est verrouillé ignoré

C:\Program Files\Sunbelt Software\Personal Firewall\Logs\ids.log L'objet est verrouillé ignoré

C:\Program Files\Sunbelt Software\Personal Firewall\Logs\ids.log.idx L'objet est verrouillé ignoré

C:\Program Files\Sunbelt Software\Personal Firewall\Logs\network.log L'objet est verrouillé ignoré

C:\Program Files\Sunbelt Software\Personal Firewall\Logs\network.log.idx L'objet est verrouillé ignoré

C:\Program Files\Sunbelt Software\Personal Firewall\Logs\SbFw.etl L'objet est verrouillé ignoré

C:\Program Files\Sunbelt Software\Personal Firewall\Logs\SbFwIm.etl L'objet est verrouillé ignoré

C:\Program Files\Sunbelt Software\Personal Firewall\Logs\system.log L'objet est verrouillé ignoré

C:\Program Files\Sunbelt Software\Personal Firewall\Logs\system.log.idx L'objet est verrouillé ignoré

C:\Program Files\Sunbelt Software\Personal Firewall\Logs\warning.log L'objet est verrouillé ignoré

C:\Program Files\Sunbelt Software\Personal Firewall\Logs\warning.log.idx L'objet est verrouillé ignoré

C:\Program Files\Sunbelt Software\Personal Firewall\Logs\web.log L'objet est verrouillé ignoré

C:\Program Files\Sunbelt Software\Personal Firewall\Logs\web.log.idx L'objet est verrouillé ignoré

C:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré

C:\System Volume Information\_restore{6EA709D0-C8EF-4C25-A078-BF338034F8E8}\RP568\A0418103.exe L'objet est verrouillé ignoré

C:\System Volume Information\_restore{6EA709D0-C8EF-4C25-A078-BF338034F8E8}\RP568\change.log L'objet est verrouillé ignoré

C:\WINDOWS\CSC\00000001 L'objet est verrouillé ignoré

C:\WINDOWS\Debug\PASSWD.LOG L'objet est verrouillé ignoré

C:\WINDOWS\SchedLgU.Txt L'objet est verrouillé ignoré

C:\WINDOWS\Sti_Trace.log L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\AppEvent.Evt L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\default L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\default.LOG L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\Internet.evt L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\SAM L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\SAM.LOG L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\SecEvent.Evt L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\SECURITY L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\SECURITY.LOG L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\software L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\software.LOG L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\SysEvent.Evt L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\system L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\system.LOG L'objet est verrouillé ignoré

C:\WINDOWS\system32\h323log.txt L'objet est verrouillé ignoré

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR L'objet est verrouillé ignoré

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP L'objet est verrouillé ignoré

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER L'objet est verrouillé ignoré

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP L'objet est verrouillé ignoré

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP L'objet est verrouillé ignoré

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA L'objet est verrouillé ignoré

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP L'objet est verrouillé ignoré

C:\WINDOWS\wiadebug.log L'objet est verrouillé ignoré

C:\WINDOWS\wiaservc.log L'objet est verrouillé ignoré

Analyse terminée.


voila le raport que tu ma demander

pendant que je faisait celas antivir ma dit attention tr/trash.gen

merci de ta patience

voila g fait la premiere partit c a dire fixe les lignes et te renvoi un rapport
juste av il m avais mit encore tr/trash.gen je verrai demain si il me le remet car je part dans 10 minutes a demain merci de ta patience comment puis je faire pour te donner mes coordonnes sans que toute la planete soit au courant peu etre qu en discutent au tel on pourra avancer differament car comme je t lest dit je ne suis pas douer en info merci a demain

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:46:17, on 16/10/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
C:\Program Files\Microsoft Office\Office\OUTLOOK.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - Startup: Adobe Media Player.lnk = C:\Program Files\Adobe Media Player\Adobe Media Player.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: SbPF.Launcher - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe

g u que le log.txt
Logfile of random's system information tool 1.04 (written by random/random)
Run by Christophe at 2008-10-17 07:57:14
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 7 GB (9%) free of 76 GB
Total RAM: 958 MB (63% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 07:57:18, on 17/10/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Microsoft Office\Office\OUTLOOK.EXE
C:\Documents and Settings\Administrateur\Bureau\abs\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Christophe.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - Startup: Adobe Media Player.lnk = C:\Program Files\Adobe Media Player\Adobe Media Player.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: SbPF.Launcher - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe

c qoi rsit

rapport otmove
========== PROCESSES ==========
Process explorer.exe killed successfully.
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MessengerPlus3\\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NI.UWAS6V_0001_N91M2208\\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SDR6V_Check\\ deleted successfully.
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D\\ deleted successfully.
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7f12ed4c-2964-11dc-9dae-00161763d95d}\\ deleted successfully.
========== FILES ==========
C:\Program Files\Everest Poker\history moved successfully.
C:\Program Files\Everest Poker\data\startup\shared\sounds moved successfully.
C:\Program Files\Everest Poker\data\startup\shared\icons moved successfully.
C:\Program Files\Everest Poker\data\startup\shared\bitmaps moved successfully.
C:\Program Files\Everest Poker\data\startup\shared moved successfully.
C:\Program Files\Everest Poker\data\startup\fr moved successfully.
C:\Program Files\Everest Poker\data\startup\en moved successfully.
C:\Program Files\Everest Poker\data\startup moved successfully.
C:\Program Files\Everest Poker\data\shared\shared\sounds moved successfully.
C:\Program Files\Everest Poker\data\shared\shared\bitmaps moved successfully.
C:\Program Files\Everest Poker\data\shared\shared moved successfully.
C:\Program Files\Everest Poker\data\shared\fr moved successfully.
C:\Program Files\Everest Poker\data\shared moved successfully.
C:\Program Files\Everest Poker\data\mp-poker\fr moved successfully.
C:\Program Files\Everest Poker\data\mp-poker\background moved successfully.
C:\Program Files\Everest Poker\data\mp-poker moved successfully.
C:\Program Files\Everest Poker\data\mp-lobby moved successfully.
C:\Program Files\Everest Poker\data\fonts moved successfully.
C:\Program Files\Everest Poker\data moved successfully.
C:\Program Files\Everest Poker moved successfully.
File/Folder C:\Program Files\Fichiers communs\DriveCleaner 2006 Free\SDRmon.exe not found.
File move failed. D:\autorun.exe scheduled to be moved on reboot.
File/Folder E:\.\MSOCache\90000804-6000-11D3-8CFE-0150048383C9\KB915865.exe not found.
File/Folder C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL .\MSOCache\90000804-6000-11D3-8CFE-0150048383C9\KB915865.exe not found.
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\fla7.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\JET84FD.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\JET88D6.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\JET88E5.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\JET8A4C.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\JETD3E7.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\JETE404.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
Windows Temp folder emptied.
Java cache emptied.
Temp folders emptied.
Explorer started successfully

OTMoveIt3 by OldTimer - Version 1.0.5.0 log created on 10172008_100451

Files moved on Reboot...
File move failed. D:\autorun.exe scheduled to be moved on reboot.
File C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\fla7.tmp not found!
File C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\JET84FD.tmp not found!
File C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\JET88D6.tmp not found!
File C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\JET88E5.tmp not found!
File C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\JET8A4C.tmp not found!
File C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\JETD3E7.tmp not found!
File C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\JETE404.tmp not found!
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be moved on reboot.


il ma remis ce matin tr/trash.gen (dans antivir )

ANTIVIR ME MARQUE A L INSTANT C:\system volume information\...a0418103.exe
is the tr/trash.gen trojan
au niveau de la mise en quarantaine il me met celas
c:\systeme volume information\_restore{6ea709d0-c8ef-4c25-a078-bf338034f8e8}\rp568\a0418103.exe

j espere que celas va t aider
merci

pas possible de scanner en ligne il ne met pas a jour ......

g l est fais maintenant j attend on verra mais a mon avis pas avant lundi
merci et bon bon week end

salut merci encore

aujourd huit zero probleme qu n pense tu a demain bonne soiree

bonjour
voila ce qu il atrover
[ Rapport ToolsCleaner version 2.2.4 (par A.Rothstein & dj QUIOU) ]

-->- Recherche:

C:\fixnavi.txt: trouvé !
C:\cleannavi.txt: trouvé !
C:\lopR.txt: trouvé !
C:\*.msnfix: trouvé !
C:\Lop SD: trouvé !
C:\_OtMoveIt: trouvé !
C:\Documents and Settings\Administrateur\Bureau\HijackThis.lnk: trouvé !
C:\Documents and Settings\Administrateur\Bureau\LopSD.exe: trouvé !
C:\Documents and Settings\Administrateur\Bureau\abs\Msnfix.zip: trouvé !
C:\Documents and Settings\Administrateur\Bureau\abs\GenProc.zip: trouvé !
C:\Documents and Settings\Administrateur\Bureau\abs\hijackthis.log: trouvé !
C:\Documents and Settings\Administrateur\Bureau\abs\fixnavi.txt: trouvé !
C:\Documents and Settings\Administrateur\Bureau\abs\cleannavi.txt: trouvé !
C:\Documents and Settings\Administrateur\Bureau\abs\MsnFix: trouvé !
C:\Documents and Settings\Administrateur\Bureau\abs\GenProc: trouvé !
C:\Documents and Settings\Administrateur\Bureau\abs\MSNFix\MsnFix: trouvé !
C:\Documents and Settings\Administrateur\Bureau\Nouveau dossier\hijackthis.log: trouvé !
C:\Documents and Settings\Administrateur\Bureau\Nouveau dossier\fixnavi.txt: trouvé !
C:\Documents and Settings\Administrateur\Bureau\Nouveau dossier\cleannavi.txt: trouvé !
C:\Documents and Settings\Administrateur\Mes documents\hijackthis_199\HijackThis.exe: trouvé !
C:\Documents and Settings\Administrateur\Mes documents\hijackthis_199\hijackthis.log: trouvé !
C:\Documents and Settings\All Users\Bureau\Navilog1.lnk: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Navilog1: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Navilog1\Navilog1.lnk: trouvé !
C:\Program Files\Navilog1: trouvé !
C:\Program Files\Navilog1\Navilog1.bat: trouvé !
C:\Program Files\Trend Micro\HijackThis: trouvé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: trouvé !
C:\Program Files\Trend Micro\HijackThis\hijackthis.log: trouvé !
C:\WINDOWS\msnfix.txt: trouvé !
C:\WINDOWS\system32\*.msnfix: trouvé !

voila ce qu il supprimer

[ Rapport ToolsCleaner version 2.2.4 (par A.Rothstein & dj QUIOU) ]

-->- Recherche:

C:\fixnavi.txt: trouvé !
C:\cleannavi.txt: trouvé !
C:\lopR.txt: trouvé !
C:\*.msnfix: trouvé !
C:\Lop SD: trouvé !
C:\_OtMoveIt: trouvé !
C:\Documents and Settings\Administrateur\Bureau\HijackThis.lnk: trouvé !
C:\Documents and Settings\Administrateur\Bureau\LopSD.exe: trouvé !
C:\Documents and Settings\Administrateur\Bureau\abs\Msnfix.zip: trouvé !
C:\Documents and Settings\Administrateur\Bureau\abs\GenProc.zip: trouvé !
C:\Documents and Settings\Administrateur\Bureau\abs\hijackthis.log: trouvé !
C:\Documents and Settings\Administrateur\Bureau\abs\fixnavi.txt: trouvé !
C:\Documents and Settings\Administrateur\Bureau\abs\cleannavi.txt: trouvé !
C:\Documents and Settings\Administrateur\Bureau\abs\MsnFix: trouvé !
C:\Documents and Settings\Administrateur\Bureau\abs\GenProc: trouvé !
C:\Documents and Settings\Administrateur\Bureau\abs\MSNFix\MsnFix: trouvé !
C:\Documents and Settings\Administrateur\Bureau\Nouveau dossier\hijackthis.log: trouvé !
C:\Documents and Settings\Administrateur\Bureau\Nouveau dossier\fixnavi.txt: trouvé !
C:\Documents and Settings\Administrateur\Bureau\Nouveau dossier\cleannavi.txt: trouvé !
C:\Documents and Settings\Administrateur\Mes documents\hijackthis_199\HijackThis.exe: trouvé !
C:\Documents and Settings\Administrateur\Mes documents\hijackthis_199\hijackthis.log: trouvé !
C:\Documents and Settings\All Users\Bureau\Navilog1.lnk: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Navilog1: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Navilog1\Navilog1.lnk: trouvé !
C:\Program Files\Navilog1: trouvé !
C:\Program Files\Navilog1\Navilog1.bat: trouvé !
C:\Program Files\Trend Micro\HijackThis: trouvé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: trouvé !
C:\Program Files\Trend Micro\HijackThis\hijackthis.log: trouvé !
C:\WINDOWS\msnfix.txt: trouvé !
C:\WINDOWS\system32\*.msnfix: trouvé !

---------------------------------
-->- Suppression:

C:\Documents and Settings\Administrateur\Bureau\HijackThis.lnk: supprimé !
C:\Documents and Settings\Administrateur\Bureau\LopSD.exe: supprimé !
C:\Documents and Settings\Administrateur\Bureau\abs\Msnfix.zip: supprimé !
C:\Documents and Settings\Administrateur\Bureau\abs\GenProc.zip: supprimé !
C:\Documents and Settings\Administrateur\Mes documents\hijackthis_199\HijackThis.exe: supprimé !
C:\Documents and Settings\All Users\Bureau\Navilog1.lnk: supprimé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: supprimé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Navilog1\Navilog1.lnk: supprimé !
C:\Program Files\Navilog1\Navilog1.bat: supprimé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: supprimé !
C:\fixnavi.txt: supprimé !
C:\cleannavi.txt: supprimé !
C:\lopR.txt: supprimé !
C:\*.msnfix: ERREUR DE SUPPRESSION !!
C:\Documents and Settings\Administrateur\Bureau\abs\hijackthis.log: supprimé !
C:\Documents and Settings\Administrateur\Bureau\abs\fixnavi.txt: supprimé !
C:\Documents and Settings\Administrateur\Bureau\abs\cleannavi.txt: supprimé !
C:\Documents and Settings\Administrateur\Bureau\Nouveau dossier\hijackthis.log: supprimé !
C:\Documents and Settings\Administrateur\Bureau\Nouveau dossier\fixnavi.txt: supprimé !
C:\Documents and Settings\Administrateur\Bureau\Nouveau dossier\cleannavi.txt: supprimé !
C:\Documents and Settings\Administrateur\Mes documents\hijackthis_199\hijackthis.log: supprimé !
C:\Program Files\Trend Micro\HijackThis\hijackthis.log: supprimé !
C:\WINDOWS\msnfix.txt: supprimé !
C:\WINDOWS\system32\*.msnfix: ERREUR DE SUPPRESSION !!
C:\Lop SD: supprimé !
C:\_OtMoveIt: supprimé !
C:\Documents and Settings\Administrateur\Bureau\abs\MsnFix: supprimé !
C:\Documents and Settings\Administrateur\Bureau\abs\GenProc: supprimé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: supprimé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Navilog1: supprimé !
C:\Program Files\Navilog1: supprimé !
C:\Program Files\Trend Micro\HijackThis: supprimé !

Corbeille vidée!

Vulnerability Intelligence Vulnerability Scanning Blog - new entry! Corporate Information Online Shop Customer Login

Online (OSI) Personal (PSI) Network (NSI) 2.0

Home > Vulnerability Scanning > Online (OSI) > Scan Now
Online (OSI)


Scan Now

Programs Covered

Reminder Service

Tell a Friend

System Requirements

Privacy

FAQ




Scan Now
The Secunia Online Software Inspector will inspect your operating system and software for insecure versions and missing security updates. A default inspection normally lasts 5-40 seconds, while a thorough inspection may take several minutes. Note: If you have anti-virus software or similar enabled, an inspection may increase significantly in duration.


Detection Statistics:

12 Applications Detected in Total
5 Insecure Versions Detected
7 Patched Versions Detected

Running For:
1 Minute, 15 Seconds

Errors with the scan:
0 Errors Detected, scan result should be correct
Enable thorough system inspection
Enable the Secunia Online Software Inspector to search for software installed in non-default locations.
Status / Currently Processing:

Detection completed successfully





Programs / Result Version Detected Status
Microsoft Windows XP Professional Service Pack 3
This installation of Microsoft Windows XP Professional is insecure and potentially exposes your system to security threats!

Your system does not have all security related patches from Microsoft installed. Please see list below for details about the missing patches.

Update Instructions:
You do not have the following Microsoft security updates installed:
KB938464
KB954211
KB956803
KB956841
KB957095

Visit Windows Update to install the missing patches.
Adobe Reader 9.x 9.0.0.332

Apple QuickTime 7.x 7.55.90.70

iTunes 8.x 8.0.1.11

Microsoft Internet Explorer 7.x 7.0.6000.16705

Microsoft Outlook Express 6 6.00.2900.5512

Microsoft Windows Media Player 11.x 11.0.5721.5145

RealPlayer 10.x 6.0.12.1662
This installation of RealPlayer 10.x is insecure and potentially exposes your system to security threats!

The detected version installed on your system is 6.0.12.1662, however, the latest patched version released by the vendor, fixing one or more vulnerabilities, is 6.0.12.1675.

Update Instructions:
Download


Installed on Your System in:
C:\Program Files\Real\RealPlayer\realplay.exe
Safari for Windows 3.x 3.525.21.0

Sun Java JRE 1.5.x / 5.x 5.0.110.3
This installation of Sun Java JRE 1.5.x / 5.x is insecure and potentially exposes your system to security threats!

The detected version installed on your system is 5.0.110.3, however, the latest patched version released by the vendor, fixing one or more vulnerabilities, is 5.0.160.2.

Update Instructions:
Download


Installed on Your System in:
C:\Program Files\Java\jre1.5.0_11\bin\java.exe
Sun Java JRE 1.6.x / 6.x 6.0.70.6

Sun Java JRE 1.6.x / 6.x 6.0.0.105
This installation of Sun Java JRE 1.6.x / 6.x is insecure and potentially exposes your system to security threats!

The detected version installed on your system is 6.0.0.105, however, the latest patched version released by the vendor, fixing one or more vulnerabilities, is 6.0.70.0.

Update Instructions:
Download


Installed on Your System in:
C:\Program Files\Java\jre1.6.0\bin\java.exe

voila ce que me met le control https://www.flexera.com/products/operations/software-vulnerability-management.html