Se connecter / S'enregistrer
Votre question

[résolu]Problème NMIndexStoreSvr

Tags :
  • Sécurité
Dernière réponse : dans Sécurité et virus
4 Août 2008 19:16:52

Bonsoir tout le monde,

Mon problème vient d'un processus s'appelant NMIndexStoreSvr.exe. En effet celui-ci, je ne sais toujours pas dans quel condition, se met à utiliser plus d'1go de mémoire quand il le veut. Je le remarque la lenteur de mon PC et je suis obligé d'arréter ce processus pour pouvoir naviguer et jouuer fluidement. Ci dessous un rapport HijackThis :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:13:13, on 04/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Executive Software\Diskeeper\DkService.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\MySQL\MySQL Server 5.1\bin\mysqld.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\program files\steam\steam.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\TheTurtle\TheTurtle v5.0.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\MessengerDiscovery\MessengerDiscovery Live.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Java\jre1.6.0_05\bin\jucheck.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O1 - Hosts: 91.121.6.147 L2authd.lineage2.com
O1 - Hosts: 91.121.6.147 L2testauthd.lineage2.com
O1 - Hosts: 216.107.250.194 nprotect.lineage2.com
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Executive Software\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [DNS7reminder] "C:\Program Files\Nuance\NaturallySpeaking9\Ereg\Ereg.exe" -r "C:\Documents and Settings\All Users\Application Data\Nuance\NaturallySpeaking9\Ereg.ini
O4 - HKLM\..\Run: [system] C:\WINDOWS\svcr.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [The Turtle] C:\Program Files\TheTurtle\TheTurtle v5.0.exe
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKCU\..\Run: [mstwain32] C:\WINDOWS\mstwain32.exe
O4 - HKCU\..\Run: [system] C:\WINDOWS\svcr.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Enregistrement de produit Logitech.lnk = C:\Program Files\Fichiers communs\LogiShared\eReg\SetPoint\eReg.exe
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: server.exe.lnk = C:\Program Files\Remote Execute (Server)\server.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll/206 (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\Diskeeper\DkService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTServ.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: MySQL501 - Unknown owner - C:\Program.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

--
End of file - 13135 bytes


Si quelque chose d'autre cloche, ou si vous avez d'autres questions prévenez moi

Merci d'avance à celui qui m'aidera.

Autres pages sur : resolu probleme nmindexstoresvr

4 Août 2008 21:58:04

bonsoir

pour ton souci, c'est nero scout:
Citation :
Il suffit de lancer nero scout et de
le désactiver en décochant la case en haut à gauche

http://www.commentcamarche.net/forum/affich-3091500-nmi...

puis

~Télécharge OTMoveIt (d'OldTimer). Sauvegarde-le sur ton Bureau.

~Lance Hijackthis “Do a system scan only”.
Coche les lignes qui suivent si encore présentes et uniquement celles-là.

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [system] C:\WINDOWS\svcr.exe
O4 - HKCU\..\Run: [mstwain32] C:\WINDOWS\mstwain32.exe
O4 - HKCU\..\Run: [system] C:\WINDOWS\svcr.exe


Clique sur Fix checked (en bas à gauche)


Sélectionne TOUS les emplacements en gras ci-dessous :

C:\WINDOWS\svcr.exe
C:\WINDOWS\mstwain32.exe


---> Clique-droit puis Copier (ou Ctrl+C)

Double-clique sur OTMoveIt.exe afin de le lancer.
Fais un Clique-droit sur le cadre de gauche puis choisis Coller (ou Ctrl+V).
Clique maintenant sur MoveIt![/#f]

[#ff0e00]Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.

Accepte en cliquant sur YES.

Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
Le nom du rapport correspond au moment de sa création : date_heure.log



4 Août 2008 22:23:34

Re

C:\WINDOWS\svcr.exe moved successfully.
C:\WINDOWS\mstwain32.exe moved successfully.

OTMoveIt2 by OldTimer - Version 1.0.4.3 log created on 08042008_222125


Donc voilà je pense que ça doit être bon.

Et aussi je voudrais savoir si il n'y a aucun autre problème (on sait jamais^^)

Encore merci de ton aide
Contenus similaires
5 Août 2008 21:20:13

bonsoir

Voilà ce que je te propose, tu vas remplacer Avast! par Antivir, qui est gratuit aussi mais beaucoup plus efficace, tu vas faire un scan avec et poster le rapport. :) 


Désinstalle correctement Avast!


Pour le remplacer par Antivir.

-->Tuto<--


Pourquoi changer ? : Avast! vs Antivir
mais aussi:
14 antivirus au banc d'essai
Citation :
Antivir : le plus efficace des gratuits


6 Août 2008 21:55:17

Bonsoir,

Alors voilà après avoir tout fait correctement, et une analyse frolant les 2 heures voici le résultat :



Avira AntiVir Personal
Report file date: mercredi 6 août 2008 20:06

Scanning for 1537643 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Normally booted
Username: SYSTEM
Computer name: XXXXX-67C777F5B

Version information:
BUILD.DAT : 8.1.0.326 16933 Bytes 11/07/2008 12:57:00
AVSCAN.EXE : 8.1.4.7 315649 Bytes 26/06/2008 08:57:53
AVSCAN.DLL : 8.1.4.0 40705 Bytes 26/05/2008 07:56:40
LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 12:44:19
LUKERES.DLL : 8.1.4.0 12033 Bytes 26/05/2008 07:58:52
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 10:33:34
ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 24/06/2008 13:54:15
ANTIVIR2.VDF : 7.0.5.207 2316800 Bytes 04/08/2008 17:42:18
ANTIVIR3.VDF : 7.0.5.222 97280 Bytes 06/08/2008 17:42:18
Engineversion : 8.1.1.19
AEVDF.DLL : 8.1.0.5 102772 Bytes 09/07/2008 08:46:50
AESCRIPT.DLL : 8.1.0.63 311673 Bytes 06/08/2008 17:42:24
AESCN.DLL : 8.1.0.23 119156 Bytes 06/08/2008 17:42:23
AERDL.DLL : 8.1.0.20 418165 Bytes 09/07/2008 08:46:50
AEPACK.DLL : 8.1.2.1 364917 Bytes 06/08/2008 17:42:23
AEOFFICE.DLL : 8.1.0.21 192891 Bytes 06/08/2008 17:42:22
AEHEUR.DLL : 8.1.0.47 1368437 Bytes 06/08/2008 17:42:22
AEHELP.DLL : 8.1.0.15 115063 Bytes 09/07/2008 08:46:50
AEGEN.DLL : 8.1.0.35 315764 Bytes 06/08/2008 17:42:21
AEEMU.DLL : 8.1.0.7 430452 Bytes 06/08/2008 17:42:20
AECORE.DLL : 8.1.1.8 172406 Bytes 06/08/2008 17:42:19
AEBB.DLL : 8.1.0.1 53617 Bytes 24/04/2008 08:50:42
AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 08:40:05
AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 09:28:01
AVREP.DLL : 8.0.0.2 98344 Bytes 06/08/2008 17:42:19
AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 11:26:40
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 12:27:49
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 12:49:40
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 12/06/2008 13:48:07
RCTEXT.DLL : 8.0.52.0 86273 Bytes 27/06/2008 13:34:37

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, E:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Deviating archive types..........: +BSD Mailbox, +Netscape/Mozilla Mailbox, +Eudora Mailbox, +Squid cache, +Pegasus Mailbox, +MS Outlook Mailbox,
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: mercredi 6 août 2008 20:06

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'usnsvc.exe' - '1' Module(s) have been scanned
Scan process 'MessengerDiscovery Live.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'setup.exe' - '1' Module(s) have been scanned
Scan process 'antivir_workstation_winu_en_h.exe' - '1' Module(s) have been scanned
Scan process 'jucheck.exe' - '1' Module(s) have been scanned
Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
Scan process 'WLLoginProxy.exe' - '1' Module(s) have been scanned
Scan process 'iexplore.exe' - '1' Module(s) have been scanned
Scan process 'KHALMNPR.exe' - '1' Module(s) have been scanned
Scan process 'COCIManager.exe' - '1' Module(s) have been scanned
Scan process 'RocketDock.exe' - '1' Module(s) have been scanned
Scan process 'SetPoint.exe' - '1' Module(s) have been scanned
Scan process 'LogitechDesktopMessenger.exe' - '1' Module(s) have been scanned
Scan process 'TheTurtle v5.0.exe' - '1' Module(s) have been scanned
Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned
Scan process 'msmsgs.exe' - '1' Module(s) have been scanned
Scan process 'steam.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'issch.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'Quickcam.exe' - '1' Module(s) have been scanned
Scan process 'Communications_Helper.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'SMax4.exe' - '1' Module(s) have been scanned
Scan process 'smax4pnp.exe' - '1' Module(s) have been scanned
Scan process 'wmiapsrv.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'LVComSer.exe' - '1' Module(s) have been scanned
Scan process 'wdfmgr.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'StarWindService.exe' - '1' Module(s) have been scanned
Scan process 'PnkBstrA.exe' - '1' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
Scan process 'mysqld.exe' - '1' Module(s) have been scanned
Scan process 'LVComSer.exe' - '1' Module(s) have been scanned
Scan process 'DkService.exe' - '1' Module(s) have been scanned
Scan process 'LVPrcSrv.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
54 processes with 54 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'E:\'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '71' files ).


Starting the file scan:

Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Documents and Settings\xxxx\Bureau\pour serveur\CT1-Kamael patch by Soul\system\L2 FileEdit (Int-Kamael).exe
[DETECTION] Is the TR/Dldr.Agent.2191872 Trojan
[WARNING] The file was ignored!
C:\Documents and Settings\xxxx\Bureau\pour serveur\L2 FileEdit [Int-Kamael]\L2 FileEdit [Int-Kamael].exe
[DETECTION] Is the TR/Dldr.Agent.2138112 Trojan
[WARNING] The file was ignored!
C:\Documents and Settings\xxxx\Bureau\pour serveur\PhoenixV7\L2 FileEdit (Int-Kamael).exe
[DETECTION] Is the TR/Dldr.Agent.2191872 Trojan
[WARNING] The file was ignored!
C:\Documents and Settings\xxxx\Bureau\pour serveur\PhoenixV7\L2 FileEdit _Int-Kamael_.rar
[0] Archive type: RAR
--> L2 FileEdit (Int-Kamael).exe
[DETECTION] Is the TR/Dldr.Agent.2191872 Trojan
[WARNING] The file was ignored!
C:\Fraps\fraps.exe
[DETECTION] Contains recognition pattern of the PHISH/FraudTool.SpyLocked.J phishing file/email
[NOTE] The file was moved to '48faef2e.qua'!
C:\Program Files\Lineage II\system.rar
[0] Archive type: RAR
--> system\L2 FileEdit (Int-Kamael).exe
[DETECTION] Is the TR/Dldr.Agent.2191872 Trojan
[WARNING] The file was ignored!
C:\Program Files\Lineage II\systemvierge hellbound.rar
[0] Archive type: RAR
--> system\L2 FileEdit (Int-Kamael).exe
[DETECTION] Is the TR/Dldr.Agent.2191872 Trojan
[WARNING] The file was ignored!
C:\System Volume Information\_restore{F2B0EF68-28EB-48AC-A3F0-2D234AE6724F}\RP109\A0043947.exe
[DETECTION] Is the TR/Dldr.Agent.2191872 Trojan
[NOTE] The file was moved to '48c9f676.qua'!
C:\System Volume Information\_restore{F2B0EF68-28EB-48AC-A3F0-2D234AE6724F}\RP109\A0044818.exe
[DETECTION] Is the TR/Dldr.Agent.2191872 Trojan
[NOTE] The file was moved to '48c9f6cd.qua'!
C:\System Volume Information\_restore{F2B0EF68-28EB-48AC-A3F0-2D234AE6724F}\RP109\A0045508.exe
[DETECTION] Is the TR/Dldr.Agent.2191872 Trojan
[NOTE] The file was moved to '48c9f6e4.qua'!
C:\System Volume Information\_restore{F2B0EF68-28EB-48AC-A3F0-2D234AE6724F}\RP112\A0047956.exe
[DETECTION] Is the TR/Agent.176774.A Trojan
[NOTE] The file was moved to '48c9f719.qua'!
C:\System Volume Information\_restore{F2B0EF68-28EB-48AC-A3F0-2D234AE6724F}\RP112\A0047973.exe
[DETECTION] Is the TR/Dldr.Agent.2191872 Trojan
[NOTE] The file was moved to '48c9f71a.qua'!
C:\System Volume Information\_restore{F2B0EF68-28EB-48AC-A3F0-2D234AE6724F}\RP113\A0049810.exe
[DETECTION] Contains recognition pattern of the PHISH/FraudTool.SpyLocked.J phishing file/email
[NOTE] The file was moved to '48c9f74a.qua'!
C:\System Volume Information\_restore{F2B0EF68-28EB-48AC-A3F0-2D234AE6724F}\RP114\A0050437.exe
[DETECTION] Contains recognition pattern of the PHISH/FraudTool.SpyLocked.J phishing file/email
[NOTE] The file was moved to '48c9f756.qua'!
C:\_OTMoveIt\MovedFiles\08042008_222125\WINDOWS\mstwain32.exe
[DETECTION] Is the TR/Crypt.CFI.Gen Trojan
[NOTE] The file was moved to '490df935.qua'!
C:\_OTMoveIt\MovedFiles\08042008_222125\WINDOWS\svcr.exe
[DETECTION] Is the TR/Crypt.TPM.Gen Trojan
[NOTE] The file was moved to '48fcf938.qua'!
Begin scan in 'E:\'
E:\Documents and Settings\xxxx\Mes documents\1231233123\NOD32.Antivirus.v2.70.39.FR.Incl-Crack.rar
[DETECTION] Is the TR/Drop.Agent Trojan
E:\Documents and Settings\xxxx\Mes documents\1231233123\NOD32.Antivirus.v2.70.39.FR.Incl-Crack.rar
[0] Archive type: RAR
--> Crack\NOD32.FiX.v2.2-nsane.exe
[DETECTION] Is the TR/Dropp.D Trojan
[NOTE] The file was moved to '48ddf919.qua'!
E:\Documents and Settings\xxxx\Mes documents\1231233123\Crack et Keygen\Keygen Photoshop CS2 Fr.exe
[DETECTION] Contains recognition pattern of the WORM/Autorun.cxl worm
[NOTE] The file was moved to '4912f930.qua'!
E:\Documents and Settings\xxxx\Mes documents\max\Adobe Photoshop Cs2 (v9.0) Fr Officielle Incl-Crack Et Keygen Par Emule-Paradise\Crack et Keygen\Keygen Photoshop CS2 Fr.exe
[DETECTION] Contains recognition pattern of the WORM/Autorun.cxl worm
[NOTE] The file was moved to '4912fb23.qua'!
E:\Documents and Settings\xxxx\Mes documents\Mes fichiers reçus\Fraps 2.8.2Crack.rar
[0] Archive type: RAR
--> FRAPSREG282.EXE
[DETECTION] Contains recognition pattern of the DR/FraudTool.SpyLocked.J.1 dropper
[NOTE] The file was moved to '48fafb3a.qua'!
E:\Documents and Settings\xxxx\Mes documents\Mes fichiers reçus\Fraps 2.8.2Crack\FRAPSREG282.EXE
[DETECTION] Contains recognition pattern of the DR/FraudTool.SpyLocked.J.1 dropper
[NOTE] The file was moved to '48dafb2d.qua'!
E:\Program Files\Lineage II\system HOD.rar
[0] Archive type: RAR
--> system\L2 FileEdit (Int-Kamael).exe
[DETECTION] Is the TR/Dldr.Agent.2191872 Trojan
[NOTE] The file was moved to '490d007c.qua'!
E:\Program Files\Lineage II interlude\system l2terror.rar
[0] Archive type: RAR
--> system\Core.bpl
[DETECTION] Contains HEUR/Crypted suspicious code
[NOTE] The file was moved to '490d00b7.qua'!
E:\Program Files\Lineage II interlude\system\Core.bpl
[DETECTION] Contains HEUR/Crypted suspicious code
[NOTE] The file was moved to '490c00e8.qua'!


End of the scan: mercredi 6 août 2008 21:51
Used time: 1:44:26 Hour(s)

The scan has been done completely.

39711 Scanning directories
1423375 Files were scanned
23 viruses and/or unwanted programs were found
2 Files were classified as suspicious:
0 files were deleted
0 files were repaired
18 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
1423349 Files not concerned
7677 Archives were scanned
7 Warnings
18 Notes

6 Août 2008 22:06:43

re
dernier scan (sûr que tu aimes ça ;)  )

~Fais une analyse antivirus en ligne sur le site de Kaspersky
http://webscanner.kaspersky.fr/

~ Clique sur Online Scanner.
~Accepte l'installation du contrôle ActiveX en cliquant sur le bouton Install.

~Sélectionne le poste de travail comme analyse.

~Enregistre le rapport en cliquant sur le bouton "Enregistrer rapport sous". Nomme-le, tu feras un copier/coller dans ta prochaine réponse.

Tuto du scan en ligne
7 Août 2008 11:07:15

Re
Ca ne fonctionne pas, ils me disent que ma license est périmée
7 Août 2008 14:38:02

bonjour
essaye de désinstaller Kaspersky online scanner via ajout/suppression de programmes puis recommence.
7 Août 2008 16:02:16

Re
Toujours le même problème.
7 Août 2008 21:53:17

re
on change
- Fais un nano/total scan avec panda en désactivant ton antivirus pendant le scan!
- Enregistre-toi sur le site en créant un compte à partir du bouton Register Free à droite.
- Après avoir indiqué une adresse mail valide et un mot de passe.. tu vas recevoir un mail.. clic sur le lien pour activer ton compte
- Retourne sur le site et identifie toi dans la partie droite en indiquant ton adresse mail et ton mot de passe
- Coche au milieu l'option Full Scan puis clic sur le bouton Scan now
- Le site va te demander d'accepter l'installation du contrôle Activex.. accepte en cliquant sur le bouton Oui.
- Le programme va télécharger les mises à jour puis le scan va se faire.. Il peut durer une heure.
- Une fois le scan terminé.. clic en bas de la page de rapport sur le bouton Desinfect
- Ensuite dans la partie haute, clic sur le petit bouton Save.. Cela va te permettre d'enregistrer un rapport sur ton bureau.
- Ouvre ce rapport et Copie/colle le rapport panda ici

AIDE : Si tu es perdu, tu peux suivre cette aide pour les scans en ligne)

8 Août 2008 13:12:41

re voilà le résultat

;***********************************************************************************************************************************************************************************
ANALYSIS: 2008-08-08 13:10:53
PROTECTIONS: 1
MALWARE: 33
SUSPECTS: 1
;***********************************************************************************************************************************************************************************
PROTECTIONS
Description Version Active Updated
;===================================================================================================================================================================================
Avira AntiVir PersonalEdition 8.0.1.26 No Yes
;===================================================================================================================================================================================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===================================================================================================================================================================================
00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Documents and Settings\xxxx\Cookies\xxxx@casalemedia[1].txt
00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Documents and Settings\xxxx\Cookies\xxxx@casalemedia[2].txt
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\xxxx\Cookies\xxxx@doubleclick[1].txt
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\xxxx\Application Data\Flock\Browser\Profiles\hm42wyr2.default\cookies.txt[.doubleclick.net/]
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\xxxx\Cookies\xxxx@doubleclick[2].txt
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\xxxx\Cookies\xxxx@atdmt[4].txt
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\xxxx\Cookies\xxxx@atdmt[3].txt
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\xxxx\Cookies\xxxx@atdmt[2].txt
00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes No C:\Documents and Settings\xxxx\Cookies\xxxx@tradedoubler[3].txt
00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes No C:\Documents and Settings\xxxx\Cookies\xxxx@tradedoubler[2].txt
00145405 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\xxxx\Cookies\xxxx@247realmedia[2].txt
00145405 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\xxxx\Cookies\xxxx@247realmedia[1].txt
00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\xxxx\Application Data\Flock\Browser\Profiles\hm42wyr2.default\cookies.txt[.fastclick.net/]
00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\xxxx\Cookies\xxxx@fastclick[2].txt
00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\xxxx\Application Data\Flock\Browser\Profiles\hm42wyr2.default\cookies.txt[.fastclick.net/]
00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\Documents and Settings\xxxx\Cookies\xxxx@mediaplex[1].txt
00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\Documents and Settings\xxxx\Cookies\xxxx@mediaplex[2].txt
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\Documents and Settings\xxxx\Cookies\xxxx@com[2].txt
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\Documents and Settings\xxxx\Cookies\xxxx@com[1].txt
00167647 Cookie/Yadro TrackingCookie No 0 Yes No C:\Documents and Settings\xxxx\Application Data\Flock\Browser\Profiles\hm42wyr2.default\cookies.txt[.yadro.ru/]
00167704 Cookie/Xiti TrackingCookie No 0 Yes No C:\Documents and Settings\xxxx\Cookies\xxxx@xiti[3].txt
00167704 Cookie/Xiti TrackingCookie No 0 Yes No C:\Documents and Settings\xxxx\Cookies\xxxx@xiti[2].txt
00167704 Cookie/Xiti TrackingCookie No 0 Yes No C:\Documents and Settings\xxxx\Cookies\xxxx@xiti[1].txt
00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Documents and Settings\xxxx\Cookies\xxxx@statcounter[2].txt
00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Documents and Settings\xxxx\Cookies\xxxx@statcounter[1].txt
00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Documents and Settings\xxxx\Application Data\Flock\Browser\Profiles\hm42wyr2.default\cookies.txt[.statcounter.com/]
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\xxxx\Cookies\xxxx@ad.yieldmanager[1].txt
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\xxxx\Cookies\xxxx@ad.yieldmanager[3].txt
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Documents and Settings\xxxx\Cookies\xxxx@apmebf[1].txt
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Documents and Settings\xxxx\Application Data\Flock\Browser\Profiles\hm42wyr2.default\cookies.txt[.apmebf.com/]
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Documents and Settings\xxxx\Cookies\xxxx@apmebf[2].txt
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\xxxx\Cookies\xxxx@serving-sys[2].txt
00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\xxxx\Cookies\xxxx@bs.serving-sys[2].txt
00168106 Cookie/Weborama TrackingCookie No 0 Yes No C:\Documents and Settings\xxxx\Cookies\xxxx@weborama[1].txt
00168106 Cookie/Weborama TrackingCookie No 0 Yes No C:\Documents and Settings\xxxx\Cookies\xxxx@weborama[3].txt
00168109 Cookie/Adtech TrackingCookie No 0 Yes No C:\Documents and Settings\xxxx\Cookies\xxxx@adtech[2].txt
00168109 Cookie/Adtech TrackingCookie No 0 Yes No C:\Documents and Settings\xxxx\Cookies\xxxx@adtech[1].txt
00168116 Cookie/Comclick TrackingCookie No 0 Yes No C:\Documents and Settings\xxxx\Cookies\xxxx@fl01.ct2.comclick[1].txt
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\xxxx\Cookies\xxxx@advertising[1].txt
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\xxxx\Cookies\xxxx@advertising[2].txt
00169287 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Documents and Settings\xxxx\Cookies\xxxx@media.adrevolver[1].txt
00169287 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Documents and Settings\xxxx\Cookies\xxxx@media.adrevolver[5].txt
00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\xxxx\Cookies\xxxx@zedo[1].txt
00173520 Cookie/Bluestreak TrackingCookie No 0 Yes No C:\Documents and Settings\xxxx\Cookies\xxxx@bluestreak[3].txt
00173520 Cookie/Bluestreak TrackingCookie No 0 Yes No C:\Documents and Settings\xxxx\Cookies\xxxx@bluestreak[1].txt
00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Documents and Settings\xxxx\Cookies\xxxx@adrevolver[3].txt
00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Documents and Settings\xxxx\Cookies\xxxx@adrevolver[2].txt
00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\xxxx\Application Data\Flock\Browser\Profiles\hm42wyr2.default\cookies.txt[.go.com/]
00207936 Cookie/Adviva TrackingCookie No 0 Yes No C:\Documents and Settings\xxxx\Cookies\xxxx@adviva[1].txt
00273339 Cookie/Smartadserver TrackingCookie No 0 Yes No C:\Documents and Settings\xxxx\Cookies\xxxx@smartadserver[2].txt
00273339 Cookie/Smartadserver TrackingCookie No 0 Yes No C:\Documents and Settings\xxxx\Cookies\xxxx@smartadserver[3].txt
01298679 HackTool/Hydra HackTools No 0 Yes No C:\System Volume Information\_restore{F2B0EF68-28EB-48AC-A3F0-2D234AE6724F}\RP113\A0050081.exe
01298700 HackTool/Hydra HackTools No 0 Yes No C:\System Volume Information\_restore{F2B0EF68-28EB-48AC-A3F0-2D234AE6724F}\RP113\A0050082.exe
03074964 Trj/CI.A Virus/Trojan No 0 No No C:\Documents and Settings\xxxx\Bureau\Counter-Strike 1.6.exe[C:\Documents and Settings\xxxx\Bureau\Counter-Strike 1.6.exe][platform\Admin\AdminServer.dll]
03173366 Spyware/Virtumonde Spyware No 1 No No C:\Downloads\Atomix Virtual DJ Professional 5.0 rev6\Virtual DJ Pro 2008 & Effects - Incl. Key\VirtualDJ2008.exe[C:\Downloads\Atomix Virtual DJ Professional 5.0 rev6\Virtual DJ Pro 2008 & Effects - Incl. Key\VirtualDJ2008.exe][is155082.exe]
03261860 Exploit/Overflow HackTools No 0 Yes No C:\Documents and Settings\xxxx\Bureau\spam\Spamer.exe
03280811 Generic Trojan Virus/Trojan No 0 No No C:\Program Files\Lineage II\systemvierge hellbound.rar[system\L2 FileEdit (Int-Kamael).exe]
03280811 Generic Trojan Virus/Trojan No 0 Yes No C:\Documents and Settings\xxxx\Bureau\pour serveur\PhoenixV7\L2 FileEdit (Int-Kamael).exe
03280811 Generic Trojan Virus/Trojan No 0 No No C:\Documents and Settings\xxxx\Bureau\pour serveur\PhoenixV7\L2 FileEdit _Int-Kamael_.rar[L2 FileEdit (Int-Kamael).exe]
03280811 Generic Trojan Virus/Trojan No 0 No No C:\Program Files\Lineage II\system.rar[system\L2 FileEdit (Int-Kamael).exe]
03280811 Generic Trojan Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{F2B0EF68-28EB-48AC-A3F0-2D234AE6724F}\RP114\A0050476.exe
03438731 Generic Trojan Virus/Trojan No 0 Yes Yes C:\Documents and Settings\xxxx\Bureau\pour serveur\L2 FileEdit [Int-Kamael]\L2 FileEdit [Int-Kamael].exe
;===================================================================================================================================================================================
SUSPECTS
Sent Location w
;===================================================================================================================================================================================
No C:\Program Files\MessengerDiscovery\Loader.exe w
;===================================================================================================================================================================================
VULNERABILITIES
Id Severity Description w
;===================================================================================================================================================================================
182048 HIGH MS07-069 w
176382 HIGH MS07-057 w
170906 HIGH MS07-045 w
170904 HIGH MS07-043 w
164913 HIGH MS07-033 w
160623 HIGH MS07-027 w
150253 HIGH MS07-016 w
133387 MEDIUM MS06-065 w
;===================================================================================================================================================================================
8 Août 2008 14:25:43

bonjour

vire tes cracks:
C:\Program Files\Lineage II
C:\Downloads\Atomix Virtual DJ Professional 5.0 rev6
C:\Documents and Settings\xxxx\Bureau\spam
C:\Documents and Settings\xxxx\Bureau\pour serveur\PhoenixV7
C:\Documents and Settings\xxxx\Bureau\pour serveur\L2 FileEdit [Int-Kamael]

8 Août 2008 14:40:00

Je viens de les virer, par contre
Lineage II ce n'est pas un crack c'est un jeu qui est mal reconnu depuis la dernière MaJ, certains antivirus on créer un patch pour éviter qu'il soit reconnu.
Et le fileedit et phoenix V7 sont des fichiers et outils pour mon serveurs ce ne sont pas des virus ou cracks.

Merci de t'être occupé de moi encore
8 Août 2008 22:04:15

re

Supprime tous les programmes installés pour la désinfection.


Merci de consulter ce dossier (en pdf) pour en connaître davantage sur les risques du Net.



Si tu trouves ce document intéressant, n'hésite pas à le transmettre à tes contacts.

Si tu en as assez d'être assailli de publicités durant ta navigation, installe Firefox sécurisé avec les extensions noscript et AdBlock Plus.

~Edite ton premier message (en cliquant sur la gomme) et marque [résolu] dans le titre.

:hello: 
Tom's guide dans le monde
  • Allemagne
  • Italie
  • Irlande
  • Royaume Uni
  • Etats Unis
Suivre Tom's Guide
Inscrivez-vous à la Newsletter
  • ajouter à twitter
  • ajouter à facebook
  • ajouter un flux RSS