|
|
Auteur
|
Message
|
1
|
|
|
|
Bonjour,
J'ai récuperer le pc d'un copain pour quelques jours et il est infecté.
Il est nottament infecté par WinSpywareProtect
Merci de m'aider a le désinfecter ça lui ferait très plaisir 
Cordialement
|
|
|
|
|
Salut Vinss_The_Boss
Télécharge Hijackthis V 2.02 sur le bureau :
http://www.trendsecure.com/portal/en-US/_download/HJTInstall.exe
- Double clique sur HJTInstall.exe sur le bureau
- Clique sur Install ensuite sur I Accept
- fermer toutes les fenêtres, HJT doit être exécuté seul (tout autre programme fermé).
- lancer HJT et clic sur Do a system scan and save a logfile
- une fenêtre Notepad s'ouvre : (Ctrl-A) pour sélectionner tout le texte, (Ctrl-C) pour le copier dans le presse papier.
- mettre le texte dans un post ci-dessous (Ctrl-V) pour analyse
@++
|
|
|
|
|
Voila le log
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:51:29, on 19/07/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16681)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\hp\support\hpsysdrv.exe
C:\hp\KBD\kbd.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Sony\SonicStage\SSAAD.exe
C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Windows Live\Contrôle parental\fssui.exe
C:\Program Files\Wanadoo\TaskBarIcon.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe
C:\PROGRA~1\Magentic\bin\MgApp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\CCleaner\ccleaner.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://tf1.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://fr.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://fr.search.yahoo(...)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://fr.search.yahoo(...)
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: UrlHelper Class - {474597C5-AB09-49d6-A4D5-2E8D7341384E} - C:\Program Files\iMesh Applications\iMesh MediaBar\iMeshIEHelper.dll
O2 - BHO: Windows Live OneCare Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Contrôle parental\fssbho.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: iMesh MediaBar - {B7D3E479-CC68-42B5-A338-938ECE35F419} - C:\Program Files\iMesh Applications\iMesh MediaBar\iMeshMediaBar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\RunServices: [FTRTSVC] C:\Windows\System32\FTRTSVC.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Magentic] C:\PROGRA~1\Magentic\bin\Magentic.exe /c
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab57213.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
--
End of file - 10842 bytes
Je crois que le log est clean, j'en avait déja fait un avant maisa a vérifier
-->Message édité par Vinss_The_Boss le 19/07/2008 15:54:06<--
|
|
|
|
|
Salut Vinss_The_Boss
Important Désactive toute protection résidente ! (Antivirus, antispywares) :
http://forum.pcastuces.com/desactiver_les_protections_residentes-f31s4.htm
Désactive le contrôle des comptes utilisateurs (tu le réactiveras après ta désinfection):
- Va dans démarrer puis panneau de configuration
- Double Clique sur l'icône "Comptes d'utilisateurs"
- Clique ensuite sur désactiver et valide.
Télécharge combofix.exe (de sUBs) sur le bureau :
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Double clique combofix.exe tape 1 valide par Entrée pour lancer le scan
Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse.
NOTE : Le rapport se trouve également ici : C:\Combofix.txt
Combofix est détecté par certains antivirus comme une infection, ne pas en tenir compte, il s'agit d'un faux positif
N'en tiens pas compte continue la procédure
@++
|
|
|
|
|
ComboFix 08-07-18.5 - kevin 2008-07-19 16:21:36.2 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6000.0.1252.1.1036.18.297 [GMT 2:00]
Endroit: C:\Users\kevin\Desktop\ComboFix.exe
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WebMediaPlayer
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WebMediaPlayer\WebMediaPlayer.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WebMediaPlayer\Website.lnk
C:\Users\kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WebMediaPlayer
C:\Users\particulier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spyware-Secure
C:\Users\particulier\Desktop\webmediaplayer.lnk
C:\Windows\system32\hylccvi_navtmp.dat
C:\Windows\system32\x64
.
---- Previous Run -------
.
C:\Program Files\webmediaplayer
C:\Program Files\webmediaplayer\resources\languages.xml
C:\Program Files\webmediaplayer\resources\webmedias
C:\Program Files\webmediaplayer\skins\classic.skn
C:\Program Files\webmediaplayer\sqlite3.dll
C:\Program Files\webmediaplayer\WebMediaPlayer.url
C:\Windows\Downloaded Program Files\setup.inf
C:\Windows\pack.epk
C:\Windows\system32\nvs2.inf
.
((((((((((((((((((((((((((((( Fichiers créés 2008-06-19 to 2008-07-19 ))))))))))))))))))))))))))))))))))))
.
Pas de nouveau fichier créé dans cet espace de temps
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-19 14:20 --------- d-----w C:\Program Files\Wanadoo
2008-07-19 14:03 132 ----a-w C:\Delapp.bat
2008-07-19 14:01 --------- d-----w C:\Program Files\Common Files\Roxio Shared
2008-07-19 13:49 --------- d-----w C:\ProgramData\Spybot - Search & Destroy
2008-07-19 13:25 --------- d-----w C:\Program Files\Winamp
2008-07-19 13:13 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-07-19 13:10 --------- d-----w C:\Program Files\Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter
2008-07-15 17:55 --------- d-----w C:\ProgramData\Symantec
2008-07-15 17:51 --------- d-----w C:\Program Files\Trend Micro
2008-07-15 17:50 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-07-15 17:49 15,083,520 ----a-w C:\Users\kevin\spybotsd160.exe
2008-07-12 11:39 --------- d-----w C:\ProgramData\Adsl Software Ltd
2008-07-12 10:54 --------- d-----w C:\Users\particulier\AppData\Roaming\LimeWire
2008-07-10 05:03 174 --sha-w C:\Program Files\desktop.ini
2008-07-10 05:01 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-07-10 04:53 --------- d-----w C:\Program Files\Windows Mail
2008-07-02 18:54 --------- d-----w C:\Users\kevin\AppData\Roaming\LimeWire
2008-06-26 12:56 --------- d-----w C:\Program Files\PhotoFiltre
2008-06-15 15:18 100 ----a-w C:\Users\particulier\AppData\Roaming\wklnhst.dat
2008-06-04 06:56 --------- d-----w C:\Users\kevin\AppData\Roaming\Shareaza
2008-06-02 19:28 --------- d-----w C:\Program Files\Shareaza
2008-06-02 19:27 --------- d-----w C:\Users\particulier\AppData\Roaming\Shareaza
2008-05-30 07:08 --------- d-----w C:\Users\particulier\AppData\Roaming\DivX
2008-05-29 20:23 --------- d-----w C:\Program Files\DivX
2008-05-29 20:23 --------- d-----w C:\Program Files\Common Files\PX Storage Engine
2008-05-13 18:45 46 ----a-w C:\Users\kevin\AppData\Roaming\wklnhst.dat
2008-04-25 04:23 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
2007-03-31 18:33 80,818 ----a-w C:\Users\kevin\Easter_Eggstacy_AVS_Preset_Pack.exe
2007-03-31 10:28 1,439,315 ----a-w C:\Users\kevin\french_translated.exe
2007-03-31 10:26 6,718,976 ----a-w C:\Users\kevin\winamp533_full_emusic-7plus.exe
2007-03-31 10:16 3,534,076 ----a-w C:\Users\kevin\eMule0.47c-Installer.exe
2008-03-26 16:45 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
2008-03-26 16:45 32,768 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
2008-03-26 16:45 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{474597C5-AB09-49d6-A4D5-2E8D7341384E}]
2007-12-02 16:12 394672 --a------ C:\Program Files\iMesh Applications\iMesh MediaBar\iMeshIEHelper.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2006-11-02 14:35 125440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2006-09-28 15:42 65536]
"KBD"="C:\HP\KBD\KBD.EXE" [2005-02-02 17:44 61440]
"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2006-09-29 13:39 151552]
"HP Software Update"="c:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-02-17 00:11 49152]
"WOOWATCH"="C:\PROGRA~1\Wanadoo\Watch.exe" [2004-08-23 15:49 20480]
"WOOTASKBARICON"="C:\PROGRA~1\Wanadoo\GestMaj.exe" [2004-10-14 17:55 32768]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 05:25 144784]
"SsAAD.exe"="C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe" [2006-01-07 03:36 81920]
"LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" [2007-02-08 01:13 774168]
"LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-02-08 01:12 488984]
"avgnt"="C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" [2008-04-20 18:38 262401]
"IgfxTray"="C:\Windows\system32\igfxtray.exe" [2008-03-25 17:07 141848]
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe" [2008-03-25 17:07 166424]
"Persistence"="C:\Windows\system32\igfxpers.exe" [2008-03-25 17:07 133656]
"RtHDVCpl"="RtHDVCpl.exe" [2006-11-09 12:57 3784704 C:\Windows\RtHDVCpl.exe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
"FTRTSVC"="C:\Windows\System32\FTRTSVC.exe" [2004-08-23 15:49 40960]
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{D7D98A43-DAFD-47D6-804A-E56E57C16060}"= UDP:C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
"{FAC41682-B536-4E41-87D0-4D6167B0D90F}"= TCP:C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
"{9E8BED7F-120D-4651-9873-AD3E3EC13BAF}"= UDP:C:\Program Files\Yahoo!\Messenger\YServer.exe:Yahoo! FT Server
"{96780733-3BCC-412F-85AA-1D195BA9573C}"= TCP:C:\Program Files\Yahoo!\Messenger\YServer.exe:Yahoo! FT Server
"{FB67F875-D15E-4B4E-8571-18A99307C352}"= UDP:C:\Program Files\MSN Messenger\msnmsgr.exe:MSN Messenger 7.0
"{DB99839E-B533-4533-ADDD-A5C10EBB590A}"= TCP:C:\Program Files\MSN Messenger\msnmsgr.exe:MSN Messenger 7.0
"{4B5D936B-31E6-47F7-9489-631C485A2885}"= UDP:C:\Program Files\MSN Messenger\msnmsgr.exe:MSN Messenger 7.0
"{E5C0A6B7-7FC4-4777-A7FB-84B2A1666C5B}"= TCP:C:\Program Files\MSN Messenger\msnmsgr.exe:MSN Messenger 7.0
"{670FFBA2-DF65-4883-99CE-F983D02A1E5B}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)
"TCP Query User{7548B60D-5B14-4011-A468-95AF600DA97A}C:\\users\\kevin\\desktop\\emule.exe"= UDP:C:\users\kevin\desktop\emule.exe:emule.exe
"UDP Query User{0693FBCC-C8BE-47EC-AF45-6B3145B36C36}C:\\users\\kevin\\desktop\\emule.exe"= TCP:C:\users\kevin\desktop\emule.exe:emule.exe
"TCP Query User{F6E714A3-BE9B-4C2F-88A0-27496BCB0CFD}C:\\program files\\emule\\emule.exe"= UDP:C:\program files\emule\emule.exe:eMule
"UDP Query User{04A86D87-87B6-480D-97C1-E524A88F0EE3}C:\\program files\\emule\\emule.exe"= TCP:C:\program files\emule\emule.exe:eMule
"{072AFE57-A3BF-4033-9EC0-A15EB1CFE86B}"= Disabled:UDP:C:\Users\kevin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4BI9DJXL\incredimail_install[1].exe:IncrediMail Installer
"{78F0057B-38C2-4B30-8E74-E888D4E78452}"= Disabled:TCP:C:\Users\kevin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4BI9DJXL\incredimail_install[1].exe:IncrediMail Installer
"TCP Query User{5ECAB21B-2172-4BB4-89F4-516BEFC87936}C:\\program files\\sopcast\\sopcast.exe"= UDP:C:\program files\sopcast\sopcast.exe:SopCast Main Application
"UDP Query User{93596486-5345-4DBF-A477-0515BED50B69}C:\\program files\\sopcast\\sopcast.exe"= TCP:C:\program files\sopcast\sopcast.exe:SopCast Main Application
"TCP Query User{27B08FB2-A3E8-4AAA-8788-42AB3AA7AF8D}C:\\users\\kevin\\appdata\\roaming\\sopcast\\adv\\sopadver.exe"= UDP:C:\users\kevin\appdata\roaming\sopcast\adv\sopadver.exe:sopadver.exe
"UDP Query User{06FDB315-55D9-4B1D-A809-8EBA227537D9}C:\\users\\kevin\\appdata\\roaming\\sopcast\\adv\\sopadver.exe"= TCP:C:\users\kevin\appdata\roaming\sopcast\adv\sopadver.exe:sopadver.exe
"TCP Query User{3E5CCC53-8749-4442-B793-F57FF8C3F8C1}C:\\program files\\webmediaplayer\\webmediaplayer.exe"= UDP:C:\program files\webmediaplayer\webmediaplayer.exe:WebMediaPlayer
"UDP Query User{AAB58CC3-D2B1-4A45-A071-E34DF6E136DA}C:\\program files\\webmediaplayer\\webmediaplayer.exe"= TCP:C:\program files\webmediaplayer\webmediaplayer.exe:WebMediaPlayer
"{47BE277A-3375-496C-9C7B-82FEBAD8FC42}"= Disabled:UDP:C:\Users\diego\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6RLSBYYB\incredimail_install[1].exe:IncrediMail Installer
"{7D9923E9-6211-4B3A-8D1F-BA0588138BF2}"= Disabled:TCP:C:\Users\diego\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6RLSBYYB\incredimail_install[1].exe:IncrediMail Installer
"{F4338EFB-B9A6-400E-A999-B3FF0439209B}"= Disabled:UDP:C:\Users\diego\AppData\Local\Temp\ImInstaller\IncrediMail\incredimail_install[1].exe:IncrediMail Installer
"{BC172929-442A-420C-BF8D-69575D68CDDF}"= Disabled:TCP:C:\Users\diego\AppData\Local\Temp\ImInstaller\IncrediMail\incredimail_install[1].exe:IncrediMail Installer
"{EF664927-292B-4DDA-8FC4-EF71E4CD8CC3}"= Disabled:UDP:C:\Users\particulier\AppData\Local\Temp\ImInstaller\IncrediMail\incredimail_install[1].exe:IncrediMail Installer
"{778AC649-BE42-4C05-93AE-F9DB58E10857}"= Disabled:TCP:C:\Users\particulier\AppData\Local\Temp\ImInstaller\IncrediMail\incredimail_install[1].exe:IncrediMail Installer
"{2A15E567-B17C-4A84-AA75-D689D2F005FD}"= Disabled:UDP:C:\Users\particulier\AppData\Local\Temp\ImInstaller\IncrediMail\incredimail_install[1].exe:IncrediMail Installer
"{D0B81AA4-56F0-4C6A-9A48-3AD146619C65}"= Disabled:TCP:C:\Users\particulier\AppData\Local\Temp\ImInstaller\IncrediMail\incredimail_install[1].exe:IncrediMail Installer
"{17A6C33D-942F-43DA-9669-BA9646221259}"= Disabled:UDP:C:\Users\kevin\AppData\Local\Temp\ImInstaller\IncrediMail\incredimail_install[1].exe:IncrediMail Installer
"{461CB198-AD8E-4F72-94B8-B036A830FAA7}"= Disabled:TCP:C:\Users\kevin\AppData\Local\Temp\ImInstaller\IncrediMail\incredimail_install[1].exe:IncrediMail Installer
"{2B3E0C22-8AA8-4A32-ACC0-550FF2E56679}"= Disabled:UDP:C:\Program Files\Magentic\bin\Magentic.exe:Magentic
"{F2FFD517-3E08-4006-82A8-24910F3DE0DB}"= Disabled:TCP:C:\Program Files\Magentic\bin\Magentic.exe:Magentic
"{08949FC8-5D2C-4D64-8295-343796C961AC}"= Disabled:UDP:C:\Program Files\Magentic\bin\MgApp.exe:Magentic
"{9CE8BB08-290D-45F9-874B-0589F872B2B0}"= Disabled:TCP:C:\Program Files\Magentic\bin\MgApp.exe:Magentic
"{A0BC390D-328A-46FE-B45A-4CA187F74FA7}"= Disabled:UDP:C:\Program Files\Magentic\bin\MgImp.exe:Magentic
"{08323021-A70C-43C4-9023-FEE4341611CD}"= Disabled:TCP:C:\Program Files\Magentic\bin\MgImp.exe:Magentic
"{59E41F5E-81EA-49E4-889A-FA614B63E709}"= Disabled:UDP:C:\Program Files\Magentic\bin\Magentic.exe:Magentic
"{44B037DB-66C1-4FA0-AA9E-F2213B1CE3DE}"= Disabled:TCP:C:\Program Files\Magentic\bin\Magentic.exe:Magentic
"{2AA85C3F-69B2-431F-828E-5E0F2B3E1434}"= Disabled:UDP:C:\Program Files\Magentic\bin\MgApp.exe:Magentic
"{4CD13C0B-2F39-49F8-98D9-4EA080600794}"= Disabled:TCP:C:\Program Files\Magentic\bin\MgApp.exe:Magentic
"{A9C37F26-E383-4348-8542-FBAE3CA09947}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{14EA6108-BFDF-4269-A4BC-0A3771649F3B}C:\\program files\\echanblard\\emule.exe"= UDP:C:\program files\echanblard\emule.exe:eChanblard
"UDP Query User{AF3BEE4B-249D-43C5-870F-808D576073CF}C:\\program files\\echanblard\\emule.exe"= TCP:C:\program files\echanblard\emule.exe:eChanblard
"TCP Query User{3E1AE2F2-CA05-4E76-8C64-BF0A65B6AF02}C:\\program files\\imesh applications\\imesh\\imesh.exe"= UDP:C:\program files\imesh applications\imesh\imesh.exe:iMesh
"UDP Query User{14C7BD3A-DE33-4531-B25F-4489C61BC20B}C:\\program files\\imesh applications\\imesh\\imesh.exe"= TCP:C:\program files\imesh applications\imesh\imesh.exe:iMesh
"TCP Query User{3E9A4AFC-5DA6-4949-A375-B24F86562BE0}C:\\program files\\limewire\\limewire.exe"= UDP:C:\program files\limewire\limewire.exe:LimeWire
"UDP Query User{CD44146E-7C6C-43B4-AF54-4567F5965426}C:\\program files\\limewire\\limewire.exe"= TCP:C:\program files\limewire\limewire.exe:LimeWire
"TCP Query User{778B0FE9-B344-4CC6-B3D9-7A9EA200642A}C:\\program files\\shareaza\\shareaza.exe"= UDP:C:\program files\shareaza\shareaza.exe:Shareaza Ultimate File Sharing
"UDP Query User{294D4EEB-B3A4-4B13-B0E1-87DB21F2DDEA}C:\\program files\\shareaza\\shareaza.exe"= TCP:C:\program files\shareaza\shareaza.exe:Shareaza Ultimate File Sharing
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|
R2 fssfltr;FssFltr;C:\Windows\system32\DRIVERS\fssfltr.sys [2007-10-17 14:53]
R2 fsssvc;Windows Live OneCare Contrôle parental;C:\Program Files\Windows Live\Contrôle parental\fsssvc.exe [2007-12-17 12:13]
R3 SCREAMINGBDRIVER;Screaming Bee Audio;C:\Windows\system32\drivers\ScreamingBAudio.sys [2006-09-27 00:21]
S3 ovt530;Webcam Classic;C:\Windows\system32\Drivers\ov530vid.sys [2005-03-15 17:04]
S3 s916bus;Sony Ericsson Device 916 driver (WDM);C:\Windows\system32\DRIVERS\s916bus.sys [2007-11-02 10:47]
S3 s916mgmt;Sony Ericsson Device 916 USB WMC Device Management Drivers (WDM);C:\Windows\system32\DRIVERS\s916mgmt.sys [2007-11-02 10:47]
S3 s916obex;Sony Ericsson Device 916 USB WMC OBEX Interface;C:\Windows\system32\DRIVERS\s916obex.sys [2007-11-02 10:47]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7b688bff-f2a0-11dc-8cb3-000ea6f80186}]
\shell\Auto\command - cmd /C launch.bat
\shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL cmd /C launch.bat
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7b688c05-f2a0-11dc-8cb3-000ea6f80186}]
\shell\Auto\command - cmd /C launch.bat
\shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL cmd /C launch.bat
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{82c339ef-25b3-11dd-9e6a-000ea6f80186}]
\shell\Auto\command - cmd /C launch.bat
\shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL cmd /C launch.bat
*Newly Created Service* - CATCHME
*Newly Created Service* - PROCEXP90
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-07-19 10:52:35 C:\Windows\Tasks\User_Feed_Synchronization-{0CEB261D-0D6D-484F-B5AC-8725A5D95334}.job"
- C:\Windows\system32\msfeedssync.exe
"2008-07-19 10:40:49 C:\Windows\Tasks\User_Feed_Synchronization-{BBCB8482-0BBF-48FC-B90A-462FBCDB1593}.job"
- C:\Windows\system32\msfeedssync.exe
"2007-11-13 06:22:36 C:\Windows\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-19 16:29:11
Windows 6.0.6000 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
Temps d'accomplissement: 2008-07-19 16:31:06
ComboFix-quarantined-files.txt 2008-07-19 14:31:02
Pre-Run: Le texte du message associé au numéro 0x2379 est introuvable dans le fichier de messages pour Application.
Post-Run: 98,838,855,680 octets libres
196 --- E O F --- 2008-07-10 04:54:26
|
|
|
|
|
Salut Vinss_The_Bos
Supprime si encore présent C:\Program Files\ webmediaplayer <== ce dossier
Désactive le contrôle des comptes utilisateurs :
- Va dans démarrer puis panneau de configuration
- Double Clique sur l'icône "Comptes d'utilisateurs"
- Clique ensuite sur désactiver et valide.
Fais un scan en ligne ici http://webscanner.kaspersky.fr/ (A faire avec Internet Explorer)
- Désactive ton Antivirus durant le scan
- En bas à droite clique sur Démarrer Online-scanner dans la nouvelle fenêtre qui s'affiche clique sur J'accepte
- Accepte les Contrôle ActivX
- Choisis Poste de travail pour le scan. Celui-ci terminé clique sur Enregistrer rapport sous (Choisis fichier texte)
- Poste le rapport
- Pour t'aider à utiliser le scan en ligne http://www.malekal.com/scan_Av_en_ligne.html#mozTocId291566
- Si tu as un probléme pour l'installation du Contrôle ActivX lis ceci http://www.inoculer.com/activex.php3
@++
|
|
|
|
|
|
Le scan Kapersky en ligne fonctionne avec vista ?
|
|
|
|
|
Salut Vinss_The_Boss
Oui très bien, faut désactivé le contrôle des comptes utilisateurs (UAC)
@++
|
|
|
|
|
D'accord je fais le scan et je poste ça merci 
|
|
|
|
|
|
Erf petit probleme : Certains composants sont endommagés où ne sont pas correctement installé. Veuillez réinstaller l'application!
|
|
|
|
|
|
|
J'ai fais 2 scans, le premier j'ai cliqué au mauvais endroit (boulet ^^) donc voila le résultat du 2eme scan :
BitDefender Online Scanner - Real Time Virus Report
Generated at: Sat, Jul 19, 2008 - 20:24:59
Scan Info
Scanned Files
376736
Infected Files
4
Virus Detected
Adware.Navipromo.GO
2
Adware.Savenow.DG
1
Spyware.618
1
This summary of the scan process will be used by the BitDefender Antivirus Lab to create agregate statistics about virus activity around the world.
-->Message édité par Vinss_The_Boss le 19/07/2008 20:27:31<--
|
|
|
|
|
Salut Vinss_The_Boss
Et le reste du rapport??
@++
|
|
|
|
|
Bah j'ai pourtant prit tout ce qu'il y avait 
Je vais refaire un scan pour voir vu que c'est très propable que j'ai fait une erreur...
|
|
|
|
|
Salut Vinss_The_Boss
On va faire mieux que ça, mettre Antivir à jour et faire un scan en mode sans échec, voir ce tuto et poste le rapport :
http://www.malekal.com/tutorial_antivir.php
@++
|
|
|
|
|
Voile le résultat du scan avec antivir
Avira AntiVir Personal
Report file date: dimanche 20 juillet 2008 12:55
Scanning for 1476110 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows Vista
Windows version: (plain) [6.0.6000]
Boot mode: Save mode
Username: kevin
Computer name: PC-DE-PARTICULI
Version information:
BUILD.DAT : 8.1.0.326 16933 Bytes 11/07/2008 12:57:00
AVSCAN.EXE : 8.1.4.7 315649 Bytes 19/07/2008 15:03:12
AVSCAN.DLL : 8.1.4.0 40705 Bytes 19/07/2008 15:03:12
LUKE.DLL : 8.1.4.5 164097 Bytes 19/07/2008 15:03:14
LUKERES.DLL : 8.1.4.0 12033 Bytes 19/07/2008 15:03:14
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 16:21:06
ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 24/06/2008 17:08:22
ANTIVIR2.VDF : 7.0.5.119 1264128 Bytes 15/07/2008 15:03:15
ANTIVIR3.VDF : 7.0.5.139 325632 Bytes 19/07/2008 10:38:08
Engineversion : 8.1.1.11
AEVDF.DLL : 8.1.0.5 102772 Bytes 20/04/2008 16:38:22
AESCRIPT.DLL : 8.1.0.59 307579 Bytes 19/07/2008 15:03:16
AESCN.DLL : 8.1.0.23 119156 Bytes 19/07/2008 15:03:16
AERDL.DLL : 8.1.0.20 418165 Bytes 25/04/2008 16:35:56
AEPACK.DLL : 8.1.2.1 364917 Bytes 19/07/2008 15:03:16
AEOFFICE.DLL : 8.1.0.21 192891 Bytes 19/07/2008 15:03:15
AEHEUR.DLL : 8.1.0.43 1339767 Bytes 19/07/2008 15:03:15
AEHELP.DLL : 8.1.0.15 115063 Bytes 30/05/2008 17:04:08
AEGEN.DLL : 8.1.0.29 307573 Bytes 21/06/2008 17:06:00
AEEMU.DLL : 8.1.0.6 430451 Bytes 08/05/2008 16:35:39
AECORE.DLL : 8.1.1.6 172405 Bytes 19/07/2008 15:03:15
AEBB.DLL : 8.1.0.1 53617 Bytes 19/07/2008 15:03:15
AVWINLL.DLL : 1.0.0.12 15105 Bytes 19/07/2008 15:03:12
AVPREF.DLL : 8.0.2.0 38657 Bytes 19/07/2008 15:03:12
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 12:16:24
AVREG.DLL : 8.0.0.1 33537 Bytes 19/07/2008 15:03:12
AVARKT.DLL : 1.0.0.23 307457 Bytes 20/04/2008 16:38:14
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 19/07/2008 15:03:12
SQLITE3.DLL : 3.3.17.1 339968 Bytes 20/04/2008 16:38:19
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 19/07/2008 15:03:14
NETNT.DLL : 8.0.0.1 7937 Bytes 20/04/2008 16:38:19
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 19/07/2008 15:03:09
RCTEXT.DLL : 8.0.52.0 86273 Bytes 19/07/2008 15:03:09
Configuration settings for the scan:
Jobname..........................: Local Drives
Configuration file...............: c:\program files\antivir personaledition classic\alldrives.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, D:, G:, H:, I:, J:, E:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: dimanche 20 juillet 2008 12:55
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsm.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'wininit.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
17 processes with 17 modules were scanned
Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
[INFO] Please restart the search with Administrator rights
Master boot sector HD2
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
[INFO] Please restart the search with Administrator rights
Master boot sector HD3
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
[INFO] Please restart the search with Administrator rights
Master boot sector HD4
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
[INFO] Please restart the search with Administrator rights
Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!
Boot sector 'G:\'
[INFO] In the drive 'G:\' no data medium is inserted!
Boot sector 'H:\'
[INFO] In the drive 'H:\' no data medium is inserted!
Boot sector 'I:\'
[INFO] In the drive 'I:\' no data medium is inserted!
Boot sector 'J:\'
[INFO] In the drive 'J:\' no data medium is inserted!
Starting to scan the registry.
The registry was scanned ( '47' files ).
Starting the file scan:
Begin scan in 'C:\' <HP>
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Program Files\eMule\Incoming\Atomix Virtual DJ 3.4 Complet Table De Mixage Juin 2006 Multilangage + user guide fr and eng may 2006.zip
[0] Archive type: ZIP
--> Atomix Virtual DJ 3.4/Atomix Virtual DJ v3.4 Home Edition 2006/atomix.virtual.dj.3.x-patch.exe
[DETECTION] Is the TR/Agent.37670 Trojan
[NOTE] The file was deleted!
C:\Users\kevin\Documents\vp-creaturesofdarkness_install.exe
[0] Archive type: ZIP SFX (self extracting)
--> setup.exe
[DETECTION] Is the TR/Drop.Joiner.DV Trojan
[NOTE] The file was deleted!
Begin scan in 'D:\' <Recovery>
Begin scan in 'G:\'
Search path G:\ could not be opened!
System error [21]: Le périphérique n'est pas prêt.
Begin scan in 'H:\'
Search path H:\ could not be opened!
System error [21]: Le périphérique n'est pas prêt.
Begin scan in 'I:\'
Search path I:\ could not be opened!
System error [21]: Le périphérique n'est pas prêt.
Begin scan in 'J:\'
Search path J:\ could not be opened!
System error [21]: Le périphérique n'est pas prêt.
Begin scan in 'E:\'
Search path E:\ could not be opened!
System error [21]: Le périphérique n'est pas prêt.
End of the scan: dimanche 20 juillet 2008 14:08
Used time: 1:12:43 Hour(s)
The scan has been done completely.
22616 Scanning directories
363360 Files were scanned
2 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
2 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
363357 Files not concerned
5058 Archives were scanned
5 Warnings
2 Notes
|
|
|
|
|
Salut Vinss_The_Boss
Tout est OK, as-tu d'autre alerte?
@++
|
|
|
|
|
Non je n'ai rien d'autre !
Merci beaucoup de votre aide
Bonne journée
-->Message édité par Vinss_The_Boss le 20/07/2008 14:39:27<--
|
|
|
|
|
Salut Vinss_The_Boss
- Je te donne quelques consignes de sécurité :
- Windows Update parfaitement à jour http://www.windowsupdate.com/ (catégories critique, Services Pack et Services Release)
- pare-feu bien paramétré
- antivirus bien paramétré et mis à jour régulièrement (quotidiennement s'il le faut) avec un scan complet régulier (journalier s'il le faut).
- une attitude prudente vis à vis de la navigation (pas de sites douteux : cracks, warez, sexe...) et vis à vis de la messagerie (fichiers joints aux messages doivent être scannés avant d'être ouverts)
- une attitude vigilante (être à l'affût d'un fonctionnement inhabituel de son système)
- nettoyage hebdomadaire du système (suppression des fichiers inutiles, nettoyage de la base de registre, scandisk, defrag)
- scan hebdomadaire antispyware
- un contôle régulier de la console JAVA pour s'assurer qu'elle est à jour http://www.java.com/en/download/help/testvm.xml
- un scan de vulnérabilités afin de vérifier que tes logiciels soit à jour sans failles de sécurités :
http://www.malekal.com/scan_vulnerabilite.php
Si tu considère ton problème comme résolu, édite ![[:jlj:3]](/data/globaldata/usmilies/jlj-3.gif "[:jlj:3]") ton premier poste et ajoute [résolu] dans le titre.
Bon dimanche
@++
|
|
|
1
|
|
|
|
