Rapports avg, bitdefender et hijack
Résolu
unmecdu65
Messages postés
775
Statut
Membre
-
unmecdu65 Messages postés 775 Statut Membre -
unmecdu65 Messages postés 775 Statut Membre -
Bonjour,
depuis quelques temps mon ordi rame terriblement et parfois même la barre démarrer et le bureau qui s'efface et réaparraisse donc j'ai suivi à la lettre les " méthodes préliminaires de désinfection " de CCM et voilà mes 3 rapports dans l'ordre (AVG, BitDefender, Hijackthis) :
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 13:48:30 28/10/2008
+ Résultat de l'analyse:
C:\Documents and Settings\Tony_2\Cookies\tony_2@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
Fin du rapport
-------------------------------------------------------------------------------------------------
BitDefender Online Scanner
Scan report generated at: Tue, Oct 28, 2008 - 16:38:46
Scan path: A:\;C:\;D:\;E:\;F:\;
Statistics
Time
02:29:55
Files
166117
Folders
3802
Boot Sectors
0
Archives
2100
Packed Files
8829
Results
Identified Viruses
0
Infected Files
0
Suspect Files
0
Warnings
0
Disinfected
0
Deleted Files
0
Engines Info
Virus Definitions
1971512
Engine build
AVCORE v1.7 (build 8314.19) (i386) (Sep 29 2008 17:19:14)
Scan plugins
16
Archive plugins
43
Unpack plugins
7
E-mail plugins
6
System plugins
4
Scan Settings
First Action
Disinfect
Second Action
Delete
Heuristics
Yes
Enable Warnings
Yes
Scanned Extensions
*;
Exclude Extensions
Scan Emails
Yes
Scan Archives
Yes
Scan Packed
Yes
Scan Files
Yes
Scan Boot
Yes
Scanned File
Status
No virus found.
----------------------------------------------------------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:58:19, on 28/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SAGEM WiFi manager\WLANUTL.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://volno.org
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {87AF076E-D86D-4E87-ADDD-F05804E1F150} - https://www.virginmega.fr/DownloadManager/Release/Prod/DownMan.cab
O20 - AppInit_DLLs: C:\WINDOWS\System32\dplayx32.dll
O20 - Winlogon Notify: f8fad50e486 - C:\WINDOWS\System32\dplayx32.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (file missing)
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
End of file - 5938 bytes
depuis quelques temps mon ordi rame terriblement et parfois même la barre démarrer et le bureau qui s'efface et réaparraisse donc j'ai suivi à la lettre les " méthodes préliminaires de désinfection " de CCM et voilà mes 3 rapports dans l'ordre (AVG, BitDefender, Hijackthis) :
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 13:48:30 28/10/2008
+ Résultat de l'analyse:
C:\Documents and Settings\Tony_2\Cookies\tony_2@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
Fin du rapport
-------------------------------------------------------------------------------------------------
BitDefender Online Scanner
Scan report generated at: Tue, Oct 28, 2008 - 16:38:46
Scan path: A:\;C:\;D:\;E:\;F:\;
Statistics
Time
02:29:55
Files
166117
Folders
3802
Boot Sectors
0
Archives
2100
Packed Files
8829
Results
Identified Viruses
0
Infected Files
0
Suspect Files
0
Warnings
0
Disinfected
0
Deleted Files
0
Engines Info
Virus Definitions
1971512
Engine build
AVCORE v1.7 (build 8314.19) (i386) (Sep 29 2008 17:19:14)
Scan plugins
16
Archive plugins
43
Unpack plugins
7
E-mail plugins
6
System plugins
4
Scan Settings
First Action
Disinfect
Second Action
Delete
Heuristics
Yes
Enable Warnings
Yes
Scanned Extensions
*;
Exclude Extensions
Scan Emails
Yes
Scan Archives
Yes
Scan Packed
Yes
Scan Files
Yes
Scan Boot
Yes
Scanned File
Status
No virus found.
----------------------------------------------------------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:58:19, on 28/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SAGEM WiFi manager\WLANUTL.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://volno.org
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {87AF076E-D86D-4E87-ADDD-F05804E1F150} - https://www.virginmega.fr/DownloadManager/Release/Prod/DownMan.cab
O20 - AppInit_DLLs: C:\WINDOWS\System32\dplayx32.dll
O20 - Winlogon Notify: f8fad50e486 - C:\WINDOWS\System32\dplayx32.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (file missing)
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
End of file - 5938 bytes
A voir également:
- Rapports avg, bitdefender et hijack
- Avg free - Télécharger - Antivirus & Antimalwares
- Bitdefender free - Télécharger - Antivirus & Antimalwares
- Bitdefender - Accueil - Sécurité
- Hijack this - Télécharger - Antivirus & Antimalwares
- Avg rescue cd - Télécharger - Divers Utilitaires
49 réponses
Logfile of random's system information tool 1.04 (written by random/random)
Run by Tony_2 at 2008-10-30 14:33:19
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 18 GB (46%) free of 39 GB
Total RAM: 255 MB (41% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:34:06, on 30/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\SAGEM WiFi manager\WLANUTL.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Tony_2\Mes documents\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Tony_2.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {87AF076E-D86D-4E87-ADDD-F05804E1F150} - https://www.virginmega.fr/DownloadManager/Release/Prod/DownMan.cab
O20 - AppInit_DLLs: C:\WINDOWS\System32\dplayx32.dll
O20 - Winlogon Notify: f8fad50e486 - C:\WINDOWS\System32\dplayx32.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
Run by Tony_2 at 2008-10-30 14:33:19
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 18 GB (46%) free of 39 GB
Total RAM: 255 MB (41% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:34:06, on 30/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\SAGEM WiFi manager\WLANUTL.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Tony_2\Mes documents\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Tony_2.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {87AF076E-D86D-4E87-ADDD-F05804E1F150} - https://www.virginmega.fr/DownloadManager/Release/Prod/DownMan.cab
O20 - AppInit_DLLs: C:\WINDOWS\System32\dplayx32.dll
O20 - Winlogon Notify: f8fad50e486 - C:\WINDOWS\System32\dplayx32.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Télécharge FindyKill de Chiquitine29
****Notes importantes****
* si tu as le programme "Elibagla" sur ton PC , supprime le ( risque de conflit entre les deux outils ) .
Fais un clic droit sur le lien, enregister sous .....sur le bureau
http://sd-1.archive-host.com/membres/up/116615172019703188/FindyKill.exe
Dézippe le sur le bureau
Entre dans le dossier FindyKill
double clic sur FindyKill.exe
choisi l option 1 (recherche)
un rapport va s ouvrir, post le dans ta prochaine réponse stp
Note : le rapport FindyKill.txt est sauvegardé a la racine du disque
****Notes importantes****
* si tu as le programme "Elibagla" sur ton PC , supprime le ( risque de conflit entre les deux outils ) .
Fais un clic droit sur le lien, enregister sous .....sur le bureau
http://sd-1.archive-host.com/membres/up/116615172019703188/FindyKill.exe
Dézippe le sur le bureau
Entre dans le dossier FindyKill
double clic sur FindyKill.exe
choisi l option 1 (recherche)
un rapport va s ouvrir, post le dans ta prochaine réponse stp
Note : le rapport FindyKill.txt est sauvegardé a la racine du disque
----------------- FindyKill V4.095 ------------------
* User : Tony_2 - MICROSOF-2F4272
* Emplacement : C:\Program Files\FindyKill
* Outils Mis a jours le 24/10/08 par Chiquitine29
* Recherche effectuée à 10:04:10 le 31/10/2008
* Windows XP - Internet Explorer 6.0.2900.2180
((((((((((((((((( *** Recherche *** ))))))))))))))))))
--------------- [ Processus actifs ] ----------------
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\SAGEM WiFi manager\WLANUTL.exe
C:\WINDOWS\system32\taskmgr.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
--------------- [ Fichiers/Dossiers infectieux ] ----------------
»»»» Presence des fichiers dans C:
»»»» Presence des fichiers dans C:\WINDOWS
»»»» Presence des fichiers dans C:\WINDOWS\Prefetch
»»»» Presence des fichiers dans C:\WINDOWS\system32
»»»» Presence des fichiers dans C:\WINDOWS\system32\drivers
»»»» Presence des fichiers dans C:\Documents and Settings\Tony_2\Application Data
»»»» Presence des fichiers dans C:\DOCUME~1\Tony_2\LOCALS~1\Temp
--------------- [ Registre / Startup ] ----------------
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
! REG.EXE VERSION 3.0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
msnmsgr REG_SZ "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
--------------- [ Registre / Clés infectieuses ] ----------------
--------------- [ Etat / Services ] ----------------
+- Services : [ Auto=2 Demande=3 Désactivé=4 ]
Ndisuio - Type de démarrage = 3
Ip6Fw - Type de démarrage = 3
SharedAccess - Type de démarrage = 2
wuauserv - Type de démarrage = 2
wscsvc - Type de démarrage = 2
--------------- [ Recherche dans supports amovibles] ----------------
+- Informations :
C: - Lecteur fixe
D: - Lecteur fixe
E: - Lecteur fixe
+- presence des fichiers :
--------------- [ Registre / Moutpoint2 ] ----------------
-> Recherche négative.
------------------- ! Fin du rapport ! --------------------
* User : Tony_2 - MICROSOF-2F4272
* Emplacement : C:\Program Files\FindyKill
* Outils Mis a jours le 24/10/08 par Chiquitine29
* Recherche effectuée à 10:04:10 le 31/10/2008
* Windows XP - Internet Explorer 6.0.2900.2180
((((((((((((((((( *** Recherche *** ))))))))))))))))))
--------------- [ Processus actifs ] ----------------
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\SAGEM WiFi manager\WLANUTL.exe
C:\WINDOWS\system32\taskmgr.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
--------------- [ Fichiers/Dossiers infectieux ] ----------------
»»»» Presence des fichiers dans C:
»»»» Presence des fichiers dans C:\WINDOWS
»»»» Presence des fichiers dans C:\WINDOWS\Prefetch
»»»» Presence des fichiers dans C:\WINDOWS\system32
»»»» Presence des fichiers dans C:\WINDOWS\system32\drivers
»»»» Presence des fichiers dans C:\Documents and Settings\Tony_2\Application Data
»»»» Presence des fichiers dans C:\DOCUME~1\Tony_2\LOCALS~1\Temp
--------------- [ Registre / Startup ] ----------------
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
! REG.EXE VERSION 3.0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
msnmsgr REG_SZ "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
--------------- [ Registre / Clés infectieuses ] ----------------
--------------- [ Etat / Services ] ----------------
+- Services : [ Auto=2 Demande=3 Désactivé=4 ]
Ndisuio - Type de démarrage = 3
Ip6Fw - Type de démarrage = 3
SharedAccess - Type de démarrage = 2
wuauserv - Type de démarrage = 2
wscsvc - Type de démarrage = 2
--------------- [ Recherche dans supports amovibles] ----------------
+- Informations :
C: - Lecteur fixe
D: - Lecteur fixe
E: - Lecteur fixe
+- presence des fichiers :
--------------- [ Registre / Moutpoint2 ] ----------------
-> Recherche négative.
------------------- ! Fin du rapport ! --------------------
ah?tiens marrant,il a pas vu un truc...pas grave!!
recommence ot moveit avec ceci stp
:Processes
explorer.exe
:reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\f8fad50e486]
C:\WINDOWS\System32\dplayx32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"=-
:files
C:\WINDOWS\kit.ini
C:\WINDOWS\sed.exe
C:\WINDOWS\SWREG.exe
C:\WINDOWS\system32\1.tmp
C:\WINDOWS\system32\270.tmp
C:\WINDOWS\system32\8DC.tmp
C:\WINDOWS\SWSC.exe
C:\WINDOWS\system32\dplayx32.dll
C:\WINDOWS\system32\o4Patch.exe
C:\WINDOWS\system32\IEDFix.C.exe
C:\WINDOWS\system32\AntiXPVSTFix.exe
C:\WINDOWS\system32\404Fix.exe
C:\WINDOWS\system32\VACFix.exe
C:\WINDOWS\system32\WS2Fix.exe
C:\WINDOWS\system32\VCCLSID.exe
C:\WINDOWS\system32\dumphive.exe
:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]
recommence ot moveit avec ceci stp
:Processes
explorer.exe
:reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\f8fad50e486]
C:\WINDOWS\System32\dplayx32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"=-
:files
C:\WINDOWS\kit.ini
C:\WINDOWS\sed.exe
C:\WINDOWS\SWREG.exe
C:\WINDOWS\system32\1.tmp
C:\WINDOWS\system32\270.tmp
C:\WINDOWS\system32\8DC.tmp
C:\WINDOWS\SWSC.exe
C:\WINDOWS\system32\dplayx32.dll
C:\WINDOWS\system32\o4Patch.exe
C:\WINDOWS\system32\IEDFix.C.exe
C:\WINDOWS\system32\AntiXPVSTFix.exe
C:\WINDOWS\system32\404Fix.exe
C:\WINDOWS\system32\VACFix.exe
C:\WINDOWS\system32\WS2Fix.exe
C:\WINDOWS\system32\VCCLSID.exe
C:\WINDOWS\system32\dumphive.exe
:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]
je n'arrive pas a me servir du logiciel je fais copier/coller, puis move it! et après il affiche 2-3 phrases de l'autre côté et puis après plus rien, il plante
desinstalle le
puis tu le réinstalle
http://oldtimer.geekstogo.com/OTMoveIt3.exe
lance le uniquement avec ceci
:reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\f8fad50e486]
C:\WINDOWS\System32\dplayx32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"=-
:files
C:\WINDOWS\kit.ini
C:\WINDOWS\sed.exe
C:\WINDOWS\SWREG.exe
C:\WINDOWS\system32\1.tmp
C:\WINDOWS\system32\270.tmp
C:\WINDOWS\system32\8DC.tmp
C:\WINDOWS\SWSC.exe
C:\WINDOWS\system32\dplayx32.dll
C:\WINDOWS\system32\o4Patch.exe
C:\WINDOWS\system32\IEDFix.C.exe
C:\WINDOWS\system32\AntiXPVSTFix.exe
C:\WINDOWS\system32\404Fix.exe
C:\WINDOWS\system32\VACFix.exe
C:\WINDOWS\system32\WS2Fix.exe
C:\WINDOWS\system32\VCCLSID.exe
C:\WINDOWS\system32\dumphive.exe
puis tu le réinstalle
http://oldtimer.geekstogo.com/OTMoveIt3.exe
lance le uniquement avec ceci
:reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\f8fad50e486]
C:\WINDOWS\System32\dplayx32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"=-
:files
C:\WINDOWS\kit.ini
C:\WINDOWS\sed.exe
C:\WINDOWS\SWREG.exe
C:\WINDOWS\system32\1.tmp
C:\WINDOWS\system32\270.tmp
C:\WINDOWS\system32\8DC.tmp
C:\WINDOWS\SWSC.exe
C:\WINDOWS\system32\dplayx32.dll
C:\WINDOWS\system32\o4Patch.exe
C:\WINDOWS\system32\IEDFix.C.exe
C:\WINDOWS\system32\AntiXPVSTFix.exe
C:\WINDOWS\system32\404Fix.exe
C:\WINDOWS\system32\VACFix.exe
C:\WINDOWS\system32\WS2Fix.exe
C:\WINDOWS\system32\VCCLSID.exe
C:\WINDOWS\system32\dumphive.exe
non il ne veut toujours pas ! il démarre et de suite après il plante alors je fais ctrl+alt+suppr et il y a écrit "pas de réponse"
Mon avis est Avast!, McAfee et Norton sont loin de ce que l'on a fait de mieux en matière de protection, ce sont des antivirus que je déconseille :
Avast! VS Antivir (Mai 2007): https://forum.malekal.com/viewtopic.php?f=45&t=3528
Avast! VS Antivir VS AVG 8 (Mai 2008): https://forum.malekal.com/viewtopic.php?f=45&t=11659
Si vous avez Avast!, Norton ou McAfee: A lire: http://forum.malekal.com/viewtopic.php?f=3&t=9631
Graph : http://winnow.oitc.com/AntiVirusPerformance.html
Stats : http://winnow.oitc.com/avmalwarestats.php
Pour moi, Antivir et AVG 8 sont beaucoup plus performants : C'est pourquoi, je te conseille TRES VIVEMENT de désinstaller ton antivirus et installer Antivir ou AVG 8 à la place (selon ton choix) .... ce n'est bien sûr pas une obligation mais un conseil.
Tu trouveras un tutorial Antivir depuis ce lien : https://www.malekal.com/avira-free-security-antivirus-gratuit/
- Après l'installation, mets le à jour - si ton firewall fait une alerte.. accepte la connexion.
- Assure toi qu'Antivir est bien à jour, vérifie la date d'update.
-- Redémarre en mode sans échec, pour cela, redémarre l'ordinateur, avant le logo Windows, tapote sur la touche F8, un menu va apparaître, choisis Mode sans échec et appuye sur la touche entrée du clavier.
- Ouvre Antivir par le menu Démarrer / Programmes
- Clique sur l'onglet Scanner.
- Sélectionne "Manual Selection"
- Sélectionne ton/tes disque(s)
- Lance le scan - Mets en quarantaine tous les éléments détectés.
- Une fois le scan terminé enregistre le rapport.
Redémarre en mode normal.
Poste le rapport ici.
pour désinstaller norton
Rends toi sur ce lien : Norton removal tool
Clique sur "Download" en fin de page.
Enregistre le fichier sur ton bureau, puis double-clique dessus et suis les instructions.
Il te sera normalement demandé de redémarrer ton PC, redémarre.
Avast! VS Antivir (Mai 2007): https://forum.malekal.com/viewtopic.php?f=45&t=3528
Avast! VS Antivir VS AVG 8 (Mai 2008): https://forum.malekal.com/viewtopic.php?f=45&t=11659
Si vous avez Avast!, Norton ou McAfee: A lire: http://forum.malekal.com/viewtopic.php?f=3&t=9631
Graph : http://winnow.oitc.com/AntiVirusPerformance.html
Stats : http://winnow.oitc.com/avmalwarestats.php
Pour moi, Antivir et AVG 8 sont beaucoup plus performants : C'est pourquoi, je te conseille TRES VIVEMENT de désinstaller ton antivirus et installer Antivir ou AVG 8 à la place (selon ton choix) .... ce n'est bien sûr pas une obligation mais un conseil.
Tu trouveras un tutorial Antivir depuis ce lien : https://www.malekal.com/avira-free-security-antivirus-gratuit/
- Après l'installation, mets le à jour - si ton firewall fait une alerte.. accepte la connexion.
- Assure toi qu'Antivir est bien à jour, vérifie la date d'update.
-- Redémarre en mode sans échec, pour cela, redémarre l'ordinateur, avant le logo Windows, tapote sur la touche F8, un menu va apparaître, choisis Mode sans échec et appuye sur la touche entrée du clavier.
- Ouvre Antivir par le menu Démarrer / Programmes
- Clique sur l'onglet Scanner.
- Sélectionne "Manual Selection"
- Sélectionne ton/tes disque(s)
- Lance le scan - Mets en quarantaine tous les éléments détectés.
- Une fois le scan terminé enregistre le rapport.
Redémarre en mode normal.
Poste le rapport ici.
pour désinstaller norton
Rends toi sur ce lien : Norton removal tool
Clique sur "Download" en fin de page.
Enregistre le fichier sur ton bureau, puis double-clique dessus et suis les instructions.
Il te sera normalement demandé de redémarrer ton PC, redémarre.
Avira AntiVir Personal
Report file date: vendredi 31 octobre 2008 13:44
Scanning for 1001338 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Save mode
Username: Tony_2
Computer name: MICROSOF-2F4272
Version information:
BUILD.DAT : 8.2.0.334 16933 Bytes 16/10/2008 14:55:00
AVSCAN.EXE : 8.1.4.7 315649 Bytes 26/06/2008 09:57:53
AVSCAN.DLL : 8.1.4.0 40705 Bytes 26/05/2008 08:56:40
LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 13:44:19
LUKERES.DLL : 8.1.4.0 12033 Bytes 26/05/2008 08:58:52
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 12:32:43
ANTIVIR1.VDF : 7.1.0.21 130560 Bytes 31/10/2008 12:32:50
ANTIVIR2.VDF : 7.1.0.22 2048 Bytes 31/10/2008 12:32:51
ANTIVIR3.VDF : 7.1.0.24 8192 Bytes 31/10/2008 12:32:51
Engineversion : 8.2.0.10
AEVDF.DLL : 8.1.0.6 102772 Bytes 14/10/2008 11:05:56
AESCRIPT.DLL : 8.1.1.9 319867 Bytes 31/10/2008 12:33:15
AESCN.DLL : 8.1.1.3 123252 Bytes 14/10/2008 11:05:56
AERDL.DLL : 8.1.1.2 438644 Bytes 12/09/2008 07:06:02
AEPACK.DLL : 8.1.2.4 369014 Bytes 14/10/2008 11:05:56
AEOFFICE.DLL : 8.1.0.29 196988 Bytes 31/10/2008 12:33:12
AEHEUR.DLL : 8.1.0.63 1479032 Bytes 31/10/2008 12:33:09
AEHELP.DLL : 8.1.1.2 115062 Bytes 14/10/2008 11:05:56
AEGEN.DLL : 8.1.0.42 319861 Bytes 31/10/2008 12:32:59
AEEMU.DLL : 8.1.0.9 393588 Bytes 14/10/2008 11:05:56
AECORE.DLL : 8.1.2.9 172407 Bytes 31/10/2008 12:32:55
AEBB.DLL : 8.1.0.3 53618 Bytes 14/10/2008 11:05:56
AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 09:40:05
AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 10:28:01
AVREP.DLL : 8.0.0.2 98344 Bytes 31/10/2008 12:32:52
AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 12:26:40
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 09:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 13:27:49
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 18:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 13:49:40
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 13:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 12/06/2008 14:48:07
RCTEXT.DLL : 8.0.52.0 86273 Bytes 27/06/2008 14:34:37
Configuration settings for the scan:
Jobname..........................: Manual Selection
Configuration file...............: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\PROFILES\folder.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, D:, E:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: vendredi 31 octobre 2008 13:44
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
11 processes with 11 modules were scanned
Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!
Boot sector 'E:\'
[INFO] No virus was found!
Starting to scan the registry.
C:\WINDOWS\system32\dplayx32.dll
[DETECTION] Is the TR/Spy.Gen Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26003
[WARNING] The file could not be deleted!
[NOTE] Attempting to perform action using the ARK lib.
[NOTE] The driver could not be initialized.
[NOTE] The file is scheduled for deleting after reboot.
The registry was scanned ( '47' files ).
Starting the file scan:
Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\admparse.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\advpack.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\browseui.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\corpol.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\custsat.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\dxtmsft.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\dxtrans.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\extmgr.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\hmmapi.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\icardie.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\ie4uinit.exe
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\ieakeng.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\ieaksie.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\ieakui.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\ieapfltr.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\iedkcs32.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\iedw.exe
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\ieencode.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\ieframe.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\iepeers.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\ieproxy.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\iernonce.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\iertutil.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\iesetup.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\ieudinit.exe
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\ieui.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\iexplore.exe
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\imgutil.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\inseng.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\jscript.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\jsproxy.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\licmgr10.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\msfeeds.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\msfeedsbs.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\msfeedssync.exe
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\mshta.exe
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\mshtml.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\mshtmled.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\mshtmler.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\msls31.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\msrating.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\mstime.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\occache.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\pngfilt.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\shdocvw.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\shlwapi.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\spmsg.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\spuninst.exe
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\spupdsvc.exe
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\url.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\urlmon.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\vbscript.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\vgx.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\webcheck.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\winfxdocobj.exe
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\wininet.dll
[WARNING] The file could not be opened!
C:\WINDOWS\system32\dplayx32.dll
[DETECTION] Is the TR/Spy.Gen Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26003
[WARNING] The file could not be deleted!
[NOTE] Attempting to perform action using the ARK lib.
[WARNING] Error in ARK lib
[NOTE] The file is scheduled for deleting after reboot.
C:\WINDOWS\system32\GroupPolicyManifest\crack.zip
[NOTE] The file was moved to '496c0bc8.qua'!
C:\WINDOWS\system32\GroupPolicyManifest\free access to 150 adult sites.zip
[NOTE] The file was moved to '49700bc8.qua'!
C:\WINDOWS\system32\GroupPolicyManifest\free adult videos.zip
[NOTE] The file was moved to '49700bc9.qua'!
C:\WINDOWS\system32\GroupPolicyManifest\free porn passwords.zip
[NOTE] The file was moved to '49700bca.qua'!
C:\WINDOWS\system32\GroupPolicyManifest\installer.zip
[NOTE] The file was moved to '497e0bc7.qua'!
C:\WINDOWS\system32\GroupPolicyManifest\keygen.zip
[NOTE] The file was moved to '49840bbf.qua'!
C:\WINDOWS\system32\GroupPolicyManifest\nocd.zip
[NOTE] The file was moved to '496e0bc9.qua'!
C:\WINDOWS\system32\GroupPolicyManifest\nodvd.zip
[NOTE] The file was moved to '496f0bca.qua'!
C:\WINDOWS\system32\GroupPolicyManifest\patch.zip
[NOTE] The file was moved to '497f0bbd.qua'!
C:\WINDOWS\system32\GroupPolicyManifest\serial.zip
[NOTE] The file was moved to '497d0bc2.qua'!
C:\WINDOWS\system32\GroupPolicyManifest\setup.zip
[NOTE] The file was moved to '497f0bc2.qua'!
C:\WINDOWS\system32\GroupPolicyManifest\unpack.zip
[NOTE] The file was moved to '497b0bcc.qua'!
Begin scan in 'D:\' <TONY>
Begin scan in 'E:\' <TONY1>
End of the scan: vendredi 31 octobre 2008 14:43
Used time: 59:25 Minute(s)
The scan has been done completely.
3821 Scanning directories
224408 Files were scanned
14 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
12 files were moved to quarantine
0 files were renamed
57 Files cannot be scanned
224337 Files not concerned
1112 Archives were scanned
59 Warnings
14 Notes
Report file date: vendredi 31 octobre 2008 13:44
Scanning for 1001338 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Save mode
Username: Tony_2
Computer name: MICROSOF-2F4272
Version information:
BUILD.DAT : 8.2.0.334 16933 Bytes 16/10/2008 14:55:00
AVSCAN.EXE : 8.1.4.7 315649 Bytes 26/06/2008 09:57:53
AVSCAN.DLL : 8.1.4.0 40705 Bytes 26/05/2008 08:56:40
LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 13:44:19
LUKERES.DLL : 8.1.4.0 12033 Bytes 26/05/2008 08:58:52
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 12:32:43
ANTIVIR1.VDF : 7.1.0.21 130560 Bytes 31/10/2008 12:32:50
ANTIVIR2.VDF : 7.1.0.22 2048 Bytes 31/10/2008 12:32:51
ANTIVIR3.VDF : 7.1.0.24 8192 Bytes 31/10/2008 12:32:51
Engineversion : 8.2.0.10
AEVDF.DLL : 8.1.0.6 102772 Bytes 14/10/2008 11:05:56
AESCRIPT.DLL : 8.1.1.9 319867 Bytes 31/10/2008 12:33:15
AESCN.DLL : 8.1.1.3 123252 Bytes 14/10/2008 11:05:56
AERDL.DLL : 8.1.1.2 438644 Bytes 12/09/2008 07:06:02
AEPACK.DLL : 8.1.2.4 369014 Bytes 14/10/2008 11:05:56
AEOFFICE.DLL : 8.1.0.29 196988 Bytes 31/10/2008 12:33:12
AEHEUR.DLL : 8.1.0.63 1479032 Bytes 31/10/2008 12:33:09
AEHELP.DLL : 8.1.1.2 115062 Bytes 14/10/2008 11:05:56
AEGEN.DLL : 8.1.0.42 319861 Bytes 31/10/2008 12:32:59
AEEMU.DLL : 8.1.0.9 393588 Bytes 14/10/2008 11:05:56
AECORE.DLL : 8.1.2.9 172407 Bytes 31/10/2008 12:32:55
AEBB.DLL : 8.1.0.3 53618 Bytes 14/10/2008 11:05:56
AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 09:40:05
AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 10:28:01
AVREP.DLL : 8.0.0.2 98344 Bytes 31/10/2008 12:32:52
AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 12:26:40
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 09:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 13:27:49
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 18:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 13:49:40
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 13:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 12/06/2008 14:48:07
RCTEXT.DLL : 8.0.52.0 86273 Bytes 27/06/2008 14:34:37
Configuration settings for the scan:
Jobname..........................: Manual Selection
Configuration file...............: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\PROFILES\folder.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, D:, E:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: vendredi 31 octobre 2008 13:44
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
11 processes with 11 modules were scanned
Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!
Boot sector 'E:\'
[INFO] No virus was found!
Starting to scan the registry.
C:\WINDOWS\system32\dplayx32.dll
[DETECTION] Is the TR/Spy.Gen Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26003
[WARNING] The file could not be deleted!
[NOTE] Attempting to perform action using the ARK lib.
[NOTE] The driver could not be initialized.
[NOTE] The file is scheduled for deleting after reboot.
The registry was scanned ( '47' files ).
Starting the file scan:
Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\admparse.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\advpack.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\browseui.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\corpol.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\custsat.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\dxtmsft.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\dxtrans.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\extmgr.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\hmmapi.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\icardie.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\ie4uinit.exe
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\ieakeng.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\ieaksie.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\ieakui.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\ieapfltr.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\iedkcs32.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\iedw.exe
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\ieencode.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\ieframe.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\iepeers.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\ieproxy.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\iernonce.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\iertutil.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\iesetup.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\ieudinit.exe
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\ieui.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\iexplore.exe
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\imgutil.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\inseng.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\jscript.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\jsproxy.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\licmgr10.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\msfeeds.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\msfeedsbs.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\msfeedssync.exe
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\mshta.exe
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\mshtml.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\mshtmled.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\mshtmler.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\msls31.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\msrating.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\mstime.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\occache.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\pngfilt.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\shdocvw.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\shlwapi.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\spmsg.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\spuninst.exe
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\spupdsvc.exe
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\url.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\urlmon.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\vbscript.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\vgx.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\webcheck.dll
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\winfxdocobj.exe
[WARNING] The file could not be opened!
C:\58c7bbf11fb90635da\wininet.dll
[WARNING] The file could not be opened!
C:\WINDOWS\system32\dplayx32.dll
[DETECTION] Is the TR/Spy.Gen Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26003
[WARNING] The file could not be deleted!
[NOTE] Attempting to perform action using the ARK lib.
[WARNING] Error in ARK lib
[NOTE] The file is scheduled for deleting after reboot.
C:\WINDOWS\system32\GroupPolicyManifest\crack.zip
[NOTE] The file was moved to '496c0bc8.qua'!
C:\WINDOWS\system32\GroupPolicyManifest\free access to 150 adult sites.zip
[NOTE] The file was moved to '49700bc8.qua'!
C:\WINDOWS\system32\GroupPolicyManifest\free adult videos.zip
[NOTE] The file was moved to '49700bc9.qua'!
C:\WINDOWS\system32\GroupPolicyManifest\free porn passwords.zip
[NOTE] The file was moved to '49700bca.qua'!
C:\WINDOWS\system32\GroupPolicyManifest\installer.zip
[NOTE] The file was moved to '497e0bc7.qua'!
C:\WINDOWS\system32\GroupPolicyManifest\keygen.zip
[NOTE] The file was moved to '49840bbf.qua'!
C:\WINDOWS\system32\GroupPolicyManifest\nocd.zip
[NOTE] The file was moved to '496e0bc9.qua'!
C:\WINDOWS\system32\GroupPolicyManifest\nodvd.zip
[NOTE] The file was moved to '496f0bca.qua'!
C:\WINDOWS\system32\GroupPolicyManifest\patch.zip
[NOTE] The file was moved to '497f0bbd.qua'!
C:\WINDOWS\system32\GroupPolicyManifest\serial.zip
[NOTE] The file was moved to '497d0bc2.qua'!
C:\WINDOWS\system32\GroupPolicyManifest\setup.zip
[NOTE] The file was moved to '497f0bc2.qua'!
C:\WINDOWS\system32\GroupPolicyManifest\unpack.zip
[NOTE] The file was moved to '497b0bcc.qua'!
Begin scan in 'D:\' <TONY>
Begin scan in 'E:\' <TONY1>
End of the scan: vendredi 31 octobre 2008 14:43
Used time: 59:25 Minute(s)
The scan has been done completely.
3821 Scanning directories
224408 Files were scanned
14 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
12 files were moved to quarantine
0 files were renamed
57 Files cannot be scanned
224337 Files not concerned
1112 Archives were scanned
59 Warnings
14 Notes
quand je te disai qu'il est meilleur
C:\WINDOWS\system32\GroupPolicyManifest\crack.zip
[NOTE] The file was moved to '496c0bc8.qua'!
C:\WINDOWS\system32\GroupPolicyManifest\free access to 150 adult sites.zip
[NOTE] The file was moved to '49700bc8.qua'!
C:\WINDOWS\system32\GroupPolicyManifest\free adult videos.zip
[NOTE] The file was moved to '49700bc9.qua'!
C:\WINDOWS\system32\GroupPolicyManifest\free porn passwords.zip
[NOTE] The file was moved to '49700bca.qua'!
C:\WINDOWS\system32\GroupPolicyManifest\installer.zip
[NOTE] The file was moved to '497e0bc7.qua'!
C:\WINDOWS\system32\GroupPolicyManifest\keygen.zip
[NOTE] The file was moved to '49840bbf.qua'!
C:\WINDOWS\system32\GroupPolicyManifest\nocd.zip
[NOTE] The file was moved to '496e0bc9.qua'!
C:\WINDOWS\system32\GroupPolicyManifest\nodvd.zip
[NOTE] The file was moved to '496f0bca.qua'!
C:\WINDOWS\system32\GroupPolicyManifest\patch.zip
[NOTE] The file was moved to '497f0bbd.qua'!
C:\WINDOWS\system32\GroupPolicyManifest\serial.zip
[NOTE] The file was moved to '497d0bc2.qua'!
C:\WINDOWS\system32\GroupPolicyManifest\setup.zip
[NOTE] The file was moved to '497f0bc2.qua'!
C:\WINDOWS\system32\GroupPolicyManifest\unpack.zip
[NOTE] The file was moved to '497b0bcc.qua'!
faut que t'arrète les cracks...ta de la chance de pas avoir chopé bagle
Télécharger The Avenger par Swandog46 sur ton Bureau.
http://www.geekstogo.com/forum/files/file/393-the-avenger-by-swandog46/
l'extraire sur le bureau
2/ Copier tout le texte ci-dessous : mettre en surbrillance et faire un clic droit/ copier
Drivers to unload:
Files to delete:
C:\WINDOWS\system32\dplayx32.dll
C:\WINDOWS\kit.ini
C:\WINDOWS\sed.exe
C:\WINDOWS\SWREG.exe
C:\WINDOWS\SWSC.exe
C:\WINDOWS\system32\WS2Fix.exe
C:\WINDOWS\system32\VCCLSID.exe
C:\WINDOWS\system32\dumphive.exe
Folders to delete:
Ouvre le Bloc-Note et clic sur le menu Edition/Coller afin de coller le contenu qui est dans le cadre ci-dessus
Important : Tu dois avoir le contenu du cadre ci-dessous dans le bloc-note, vérifie qu'il n'y a pas de lignes manquantes au début ou à la fin.
- Enregistre le fichier sur ton bureau sous le nom remove.txt
Note: Le code ci-dessus a été intentionnellement rédigé pour CET utilisateur.
si vous n'êtes pas CET utilisateur, NE PAS appliquer ces directives : elles pourraient endommager votre système.
3/ Maintenant, lancer The Avenger en cliquant l'icône du bureau.
* Sous "Script file to execute" choisir "Input Script Manually".
* Puis cliquer sur l'icône en forme de loupe qui va ouvrir une nouvelle fenêtre "View/edit script"
* Dans cette fenêtre, coller le texte précédemment copié sur le bureau par les touches (Ctrl+V).
* Cliquer "Done"
* Ensuite cliquer sur l'icône en forme de Feu Vert pour démarrer l'exécution du script
* Répondre "Yes" deux fois quand demandé.
4/ The Avenger va automatiquement faire ce qui suit:
* Il va redémarrer le système. ( Dans les cas où le script contient un/des "Drivers to Unload", The Avenger re-démarrera votre système 2 fois.)
* Pendant le redémarrage, il apparaitra brièvement une fenêtre de commande de windows noire sur votre bureau, ceci est NORMAL.
* Après le redémarrage, il crée un fichier log qui s'ouvrira, faisant apparaître les actions exécutées par The Avenger. Ce fichier log se trouve ici : C:\avenger.txt
* The Avenger aura également sauvegardé tous les fichiers, etc., que vous lui avez demandé de supprimer, les aura compactés (zipped) et transféré l'archive zip ici : C:\avenger\backup.zip.
5/ poste le rapport C:\avenger.txt
C:\WINDOWS\system32\GroupPolicyManifest\crack.zip
[NOTE] The file was moved to '496c0bc8.qua'!
C:\WINDOWS\system32\GroupPolicyManifest\free access to 150 adult sites.zip
[NOTE] The file was moved to '49700bc8.qua'!
C:\WINDOWS\system32\GroupPolicyManifest\free adult videos.zip
[NOTE] The file was moved to '49700bc9.qua'!
C:\WINDOWS\system32\GroupPolicyManifest\free porn passwords.zip
[NOTE] The file was moved to '49700bca.qua'!
C:\WINDOWS\system32\GroupPolicyManifest\installer.zip
[NOTE] The file was moved to '497e0bc7.qua'!
C:\WINDOWS\system32\GroupPolicyManifest\keygen.zip
[NOTE] The file was moved to '49840bbf.qua'!
C:\WINDOWS\system32\GroupPolicyManifest\nocd.zip
[NOTE] The file was moved to '496e0bc9.qua'!
C:\WINDOWS\system32\GroupPolicyManifest\nodvd.zip
[NOTE] The file was moved to '496f0bca.qua'!
C:\WINDOWS\system32\GroupPolicyManifest\patch.zip
[NOTE] The file was moved to '497f0bbd.qua'!
C:\WINDOWS\system32\GroupPolicyManifest\serial.zip
[NOTE] The file was moved to '497d0bc2.qua'!
C:\WINDOWS\system32\GroupPolicyManifest\setup.zip
[NOTE] The file was moved to '497f0bc2.qua'!
C:\WINDOWS\system32\GroupPolicyManifest\unpack.zip
[NOTE] The file was moved to '497b0bcc.qua'!
faut que t'arrète les cracks...ta de la chance de pas avoir chopé bagle
Télécharger The Avenger par Swandog46 sur ton Bureau.
http://www.geekstogo.com/forum/files/file/393-the-avenger-by-swandog46/
l'extraire sur le bureau
2/ Copier tout le texte ci-dessous : mettre en surbrillance et faire un clic droit/ copier
Drivers to unload:
Files to delete:
C:\WINDOWS\system32\dplayx32.dll
C:\WINDOWS\kit.ini
C:\WINDOWS\sed.exe
C:\WINDOWS\SWREG.exe
C:\WINDOWS\SWSC.exe
C:\WINDOWS\system32\WS2Fix.exe
C:\WINDOWS\system32\VCCLSID.exe
C:\WINDOWS\system32\dumphive.exe
Folders to delete:
Ouvre le Bloc-Note et clic sur le menu Edition/Coller afin de coller le contenu qui est dans le cadre ci-dessus
Important : Tu dois avoir le contenu du cadre ci-dessous dans le bloc-note, vérifie qu'il n'y a pas de lignes manquantes au début ou à la fin.
- Enregistre le fichier sur ton bureau sous le nom remove.txt
Note: Le code ci-dessus a été intentionnellement rédigé pour CET utilisateur.
si vous n'êtes pas CET utilisateur, NE PAS appliquer ces directives : elles pourraient endommager votre système.
3/ Maintenant, lancer The Avenger en cliquant l'icône du bureau.
* Sous "Script file to execute" choisir "Input Script Manually".
* Puis cliquer sur l'icône en forme de loupe qui va ouvrir une nouvelle fenêtre "View/edit script"
* Dans cette fenêtre, coller le texte précédemment copié sur le bureau par les touches (Ctrl+V).
* Cliquer "Done"
* Ensuite cliquer sur l'icône en forme de Feu Vert pour démarrer l'exécution du script
* Répondre "Yes" deux fois quand demandé.
4/ The Avenger va automatiquement faire ce qui suit:
* Il va redémarrer le système. ( Dans les cas où le script contient un/des "Drivers to Unload", The Avenger re-démarrera votre système 2 fois.)
* Pendant le redémarrage, il apparaitra brièvement une fenêtre de commande de windows noire sur votre bureau, ceci est NORMAL.
* Après le redémarrage, il crée un fichier log qui s'ouvrira, faisant apparaître les actions exécutées par The Avenger. Ce fichier log se trouve ici : C:\avenger.txt
* The Avenger aura également sauvegardé tous les fichiers, etc., que vous lui avez demandé de supprimer, les aura compactés (zipped) et transféré l'archive zip ici : C:\avenger\backup.zip.
5/ poste le rapport C:\avenger.txt
quand je lance the avenger je n'ai pas tout ce que t'as dit :
* Sous "Script file to execute" choisir "Input Script Manually".
* Puis cliquer sur l'icône en forme de loupe qui va ouvrir une nouvelle fenêtre "View/edit script"
* Dans cette fenêtre, coller le texte précédemment copié sur le bureau par les touches (Ctrl+V).
* Cliquer "Done"
* Ensuite cliquer sur l'icône en forme de Feu Vert pour démarrer l'exécution du script
* Répondre "Yes" deux fois quand demandé.
Moi j'ai un cadre ou on peut écrire, au dessus il y a écrit "Input script here" et en bas 2 case à cocher "scan for rootkits" et "automatically disable any rootkits found" et je peut cliquer sur une case "Execute"
* Sous "Script file to execute" choisir "Input Script Manually".
* Puis cliquer sur l'icône en forme de loupe qui va ouvrir une nouvelle fenêtre "View/edit script"
* Dans cette fenêtre, coller le texte précédemment copié sur le bureau par les touches (Ctrl+V).
* Cliquer "Done"
* Ensuite cliquer sur l'icône en forme de Feu Vert pour démarrer l'exécution du script
* Répondre "Yes" deux fois quand demandé.
Moi j'ai un cadre ou on peut écrire, au dessus il y a écrit "Input script here" et en bas 2 case à cocher "scan for rootkits" et "automatically disable any rootkits found" et je peut cliquer sur une case "Execute"
coche les deux cases
et tu copies le texte que je t'ai filer endessous de "Input script here"
puis clique sur execute
et tu copies le texte que je t'ai filer endessous de "Input script here"
puis clique sur execute
Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com
Platform: Windows XP
*******************
Script file opened successfully.
Script file read successfully.
Backups directory opened successfully at C:\Avenger
*******************
Beginning to process script file:
Rootkit scan active.
No rootkits found!
Error: file "C:\WINDOWS\system32\dplayx32.dll" not found!
Deletion of file "C:\WINDOWS\system32\dplayx32.dll" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist
File "C:\WINDOWS\kit.ini" deleted successfully.
File "C:\WINDOWS\sed.exe" deleted successfully.
File "C:\WINDOWS\SWREG.exe" deleted successfully.
File "C:\WINDOWS\SWSC.exe" deleted successfully.
File "C:\WINDOWS\system32\WS2Fix.exe" deleted successfully.
File "C:\WINDOWS\system32\VCCLSID.exe" deleted successfully.
File "C:\WINDOWS\system32\dumphive.exe" deleted successfully.
Completed script processing.
*******************
Finished! Terminate.
http://swandog46.geekstogo.com
Platform: Windows XP
*******************
Script file opened successfully.
Script file read successfully.
Backups directory opened successfully at C:\Avenger
*******************
Beginning to process script file:
Rootkit scan active.
No rootkits found!
Error: file "C:\WINDOWS\system32\dplayx32.dll" not found!
Deletion of file "C:\WINDOWS\system32\dplayx32.dll" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist
File "C:\WINDOWS\kit.ini" deleted successfully.
File "C:\WINDOWS\sed.exe" deleted successfully.
File "C:\WINDOWS\SWREG.exe" deleted successfully.
File "C:\WINDOWS\SWSC.exe" deleted successfully.
File "C:\WINDOWS\system32\WS2Fix.exe" deleted successfully.
File "C:\WINDOWS\system32\VCCLSID.exe" deleted successfully.
File "C:\WINDOWS\system32\dumphive.exe" deleted successfully.
Completed script processing.
*******************
Finished! Terminate.
bon,
faut faire un p'tit nettoyage des outils utilisés
Télécharge ToolsCleaner sur ton bureau.
-->
http://www.commentcamarche.net/telecharger/telechargement 34055291 toolscleaner
# Clique sur "Recherche" et laisse le scan agir ...
# Clique sur "Suppression" pour finaliser.
# Tu peux, si tu le souhaites, te servir des Options facultatives.
# Clique sur Quitter pour obtenir le rapport.
# Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).
faut faire un p'tit nettoyage des outils utilisés
Télécharge ToolsCleaner sur ton bureau.
-->
http://www.commentcamarche.net/telecharger/telechargement 34055291 toolscleaner
# Clique sur "Recherche" et laisse le scan agir ...
# Clique sur "Suppression" pour finaliser.
# Tu peux, si tu le souhaites, te servir des Options facultatives.
# Clique sur Quitter pour obtenir le rapport.
# Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).
[ Rapport ToolsCleaner version 2.2.4 (par A.Rothstein & dj QUIOU) ]
-->- Recherche:
C:\avenger.txt: trouvé !
C:\avenger: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: trouvé !
C:\Documents and Settings\Tony_2\Bureau\HijackThis.lnk: trouvé !
C:\Documents and Settings\Tony_2\Local Settings\temp\avenger.zip: trouvé !
C:\Documents and Settings\Tony_2\Local Settings\temp\Rar$EX00.213\avenger.exe: trouvé !
C:\Documents and Settings\Tony_2\Local Settings\temp\Rar$EX00.566\avenger.exe: trouvé !
C:\Documents and Settings\Tony_2\Local Settings\temp\Rar$EX00.852\avenger.exe: trouvé !
C:\Documents and Settings\Tony_2\Local Settings\temp\Rar$EX02.339\avenger.exe: trouvé !
C:\Documents and Settings\Tony_2\Menu Démarrer\Programmes\FindyKill: trouvé !
C:\Documents and Settings\Tony_2\Mes documents\avenger.zip: trouvé !
C:\Documents and Settings\Tony_2\Mes documents\avenger.txt: trouvé !
C:\Program Files\FindyKill: trouvé !
C:\Program Files\Trend Micro\HijackThis: trouvé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: trouvé !
---------------------------------
-->- Suppression:
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: supprimé !
C:\Documents and Settings\Tony_2\Bureau\HijackThis.lnk: supprimé !
C:\Documents and Settings\Tony_2\Local Settings\temp\avenger.zip: ERREUR DE SUPPRESSION !!
C:\Documents and Settings\Tony_2\Local Settings\temp\Rar$EX00.213\avenger.exe: supprimé !
C:\Documents and Settings\Tony_2\Local Settings\temp\Rar$EX00.566\avenger.exe: supprimé !
C:\Documents and Settings\Tony_2\Local Settings\temp\Rar$EX00.852\avenger.exe: supprimé !
C:\Documents and Settings\Tony_2\Local Settings\temp\Rar$EX02.339\avenger.exe: supprimé !
C:\Documents and Settings\Tony_2\Mes documents\avenger.zip: supprimé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: supprimé !
C:\avenger.txt: supprimé !
C:\Documents and Settings\Tony_2\Mes documents\avenger.txt: supprimé !
C:\avenger: supprimé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: supprimé !
C:\Documents and Settings\Tony_2\Menu Démarrer\Programmes\FindyKill: supprimé !
C:\Program Files\FindyKill: supprimé !
C:\Program Files\Trend Micro\HijackThis: supprimé !
-->- Recherche:
C:\avenger.txt: trouvé !
C:\avenger: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: trouvé !
C:\Documents and Settings\Tony_2\Bureau\HijackThis.lnk: trouvé !
C:\Documents and Settings\Tony_2\Local Settings\temp\avenger.zip: trouvé !
C:\Documents and Settings\Tony_2\Local Settings\temp\Rar$EX00.213\avenger.exe: trouvé !
C:\Documents and Settings\Tony_2\Local Settings\temp\Rar$EX00.566\avenger.exe: trouvé !
C:\Documents and Settings\Tony_2\Local Settings\temp\Rar$EX00.852\avenger.exe: trouvé !
C:\Documents and Settings\Tony_2\Local Settings\temp\Rar$EX02.339\avenger.exe: trouvé !
C:\Documents and Settings\Tony_2\Menu Démarrer\Programmes\FindyKill: trouvé !
C:\Documents and Settings\Tony_2\Mes documents\avenger.zip: trouvé !
C:\Documents and Settings\Tony_2\Mes documents\avenger.txt: trouvé !
C:\Program Files\FindyKill: trouvé !
C:\Program Files\Trend Micro\HijackThis: trouvé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: trouvé !
---------------------------------
-->- Suppression:
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: supprimé !
C:\Documents and Settings\Tony_2\Bureau\HijackThis.lnk: supprimé !
C:\Documents and Settings\Tony_2\Local Settings\temp\avenger.zip: ERREUR DE SUPPRESSION !!
C:\Documents and Settings\Tony_2\Local Settings\temp\Rar$EX00.213\avenger.exe: supprimé !
C:\Documents and Settings\Tony_2\Local Settings\temp\Rar$EX00.566\avenger.exe: supprimé !
C:\Documents and Settings\Tony_2\Local Settings\temp\Rar$EX00.852\avenger.exe: supprimé !
C:\Documents and Settings\Tony_2\Local Settings\temp\Rar$EX02.339\avenger.exe: supprimé !
C:\Documents and Settings\Tony_2\Mes documents\avenger.zip: supprimé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: supprimé !
C:\avenger.txt: supprimé !
C:\Documents and Settings\Tony_2\Mes documents\avenger.txt: supprimé !
C:\avenger: supprimé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: supprimé !
C:\Documents and Settings\Tony_2\Menu Démarrer\Programmes\FindyKill: supprimé !
C:\Program Files\FindyKill: supprimé !
C:\Program Files\Trend Micro\HijackThis: supprimé !
