Votre question

virus recu par msn

Tags :
  • Zip
  • Sécurité
Dernière réponse : dans Sécurité et virus
1 Octobre 2007 20:08:18

salut jai ouvert un fichier sur msn et il s'avère ke c un virus, comment fait-on pr lenlever ? merci

Autres pages sur : virus recu msn

a b 8 Sécurité
1 Octobre 2007 20:57:01

Bonjour,

Pas de SMS !

Télécharge MSNFix.zip ([#ff0000]!aur3n7[/#f]) sur ton Bureau.
Décompresse-le sur ton bureau (Clique-Droit/Extraire tout).

Ouvre le dossier MSNFix puis double-clique sur MSNFix.bat.
- Exécute l'option R.
-- Si l'infection est détectée, presse une touche pour lancer le nettoyage.

[#ff0000]Si une erreur de suppression est détectée un message s'affichera demandant de redémarrer l'ordinateur afin de terminer les opérations.
Dans ce cas il suffit de redémarrer l'ordinateur manuellement.[/#f]

Poste le rapport situé dans le dossier MSNFix.
Le nom du rapport correspond au moment de sa création : date_heure.log
2 Octobre 2007 16:20:52

MSNFix 1.532

D:\Documents and Settings\bastien\Bureau\MSNFix\MSNFix
Fix exécuté le 02/10/2007 - 16:12:54,40 By bastien
mode normal

************************ Recherche les fichiers présents

... C:\WINDOWS\system32\direct3dx.dll
... C:\WINDOWS\system32\directxd.exe
... C:\WINDOWS\files1.zip
... C:\WINDOWS\files10.zip
... C:\WINDOWS\files13.zip
... C:\WINDOWS\files19.zip
... C:\WINDOWS\files28.zip
... C:\WINDOWS\files31.zip
... C:\WINDOWS\files34.zip
... C:\WINDOWS\files40.zip
... C:\WINDOWS\files43.zip
... C:\WINDOWS\files49.zip
... C:\WINDOWS\files52.zip
... C:\WINDOWS\files55.zip
... C:\WINDOWS\files64.zip
... C:\WINDOWS\files7.zip
... C:\WINDOWS\files76.zip
... C:\WINDOWS\files79.zip
... C:\WINDOWS\files82.zip
... C:\WINDOWS\files91.zip
... C:\WINDOWS\news14.zip
... C:\WINDOWS\news2.zip
... C:\WINDOWS\news20.zip
... C:\WINDOWS\news23.zip
... C:\WINDOWS\news32.zip
... C:\WINDOWS\news44.zip
... C:\WINDOWS\news5.zip
... C:\WINDOWS\news56.zip
... C:\WINDOWS\news59.zip
... C:\WINDOWS\news62.zip
... C:\WINDOWS\news86.zip
... C:\WINDOWS\news92.zip
... C:\WINDOWS\news98.zip
... C:\WINDOWS\JPGimage11.zip
... C:\WINDOWS\JPGimage2.zip
... C:\WINDOWS\JPGimage26.zip
... C:\WINDOWS\JPGimage29.zip
... C:\WINDOWS\JPGimage35.zip
... C:\WINDOWS\JPGimage41.zip
... C:\WINDOWS\JPGimage56.zip
... C:\WINDOWS\JPGimage59.zip
... C:\WINDOWS\JPGimage62.zip
... C:\WINDOWS\JPGimage65.zip
... C:\WINDOWS\JPGimage68.zip
... C:\WINDOWS\JPGimage71.zip
... C:\WINDOWS\JPGimage83.zip
... C:\WINDOWS\JPGimage95.zip
... C:\WINDOWS\look15.zip
... C:\WINDOWS\look21.zip
... C:\WINDOWS\look42.zip
... C:\WINDOWS\look45.zip
... C:\WINDOWS\look54.zip
... C:\WINDOWS\look6.zip
... C:\WINDOWS\look60.zip
... C:\WINDOWS\look66.zip
... C:\WINDOWS\look72.zip
... C:\WINDOWS\look75.zip
... C:\WINDOWS\look78.zip
... C:\WINDOWS\look81.zip
... C:\WINDOWS\look84.zip
... C:\WINDOWS\file1.zip
... C:\WINDOWS\file10.zip
... C:\WINDOWS\file13.zip
... C:\WINDOWS\file19.zip
... C:\WINDOWS\file25.zip
... C:\WINDOWS\file28.zip
... C:\WINDOWS\file31.zip
... C:\WINDOWS\file55.zip
... C:\WINDOWS\file7.zip
... C:\WINDOWS\file82.zip
... C:\WINDOWS\file85.zip
... C:\WINDOWS\file91.zip
... C:\WINDOWS\file94.zip
... C:\WINDOWS\files1.zip
... C:\WINDOWS\files10.zip
... C:\WINDOWS\files13.zip
... C:\WINDOWS\files19.zip
... C:\WINDOWS\files28.zip
... C:\WINDOWS\files31.zip
... C:\WINDOWS\files34.zip
... C:\WINDOWS\files40.zip
... C:\WINDOWS\files43.zip
... C:\WINDOWS\files49.zip
... C:\WINDOWS\files52.zip
... C:\WINDOWS\files55.zip
... C:\WINDOWS\files64.zip
... C:\WINDOWS\files7.zip
... C:\WINDOWS\files76.zip
... C:\WINDOWS\files79.zip
... C:\WINDOWS\files82.zip
... C:\WINDOWS\files91.zip
... C:\WINDOWS\downloadme0.zip
... C:\WINDOWS\downloadme15.zip
... C:\WINDOWS\downloadme24.zip
... C:\WINDOWS\downloadme27.zip
... C:\WINDOWS\downloadme3.zip
... C:\WINDOWS\downloadme42.zip
... C:\WINDOWS\downloadme48.zip
... C:\WINDOWS\downloadme54.zip
... C:\WINDOWS\downloadme6.zip
... C:\WINDOWS\downloadme66.zip
... C:\WINDOWS\downloadme72.zip
... C:\WINDOWS\downloadme78.zip
... C:\WINDOWS\downloadme87.zip
... C:\WINDOWS\downloadme90.zip
... C:\WINDOWS\downloadme96.zip
... C:\WINDOWS\news14.zip
... C:\WINDOWS\news2.zip
... C:\WINDOWS\news20.zip
... C:\WINDOWS\news23.zip
... C:\WINDOWS\news32.zip
... C:\WINDOWS\news44.zip
... C:\WINDOWS\news5.zip
... C:\WINDOWS\news56.zip
... C:\WINDOWS\news59.zip
... C:\WINDOWS\news62.zip
... C:\WINDOWS\news86.zip
... C:\WINDOWS\news92.zip
... C:\WINDOWS\news98.zip

************************ MSNCHK ***** /!\ beta test /!\

[!] C:\WINDOWS\downloadme0.zip is INFECTED
[!] C:\WINDOWS\downloadme15.zip is INFECTED
[!] C:\WINDOWS\downloadme24.zip is INFECTED
[!] C:\WINDOWS\downloadme27.zip is INFECTED
[!] C:\WINDOWS\downloadme3.zip is INFECTED
[!] C:\WINDOWS\downloadme42.zip is INFECTED
[!] C:\WINDOWS\downloadme48.zip is INFECTED
[!] C:\WINDOWS\downloadme54.zip is INFECTED
[!] C:\WINDOWS\downloadme6.zip is INFECTED
[!] C:\WINDOWS\downloadme66.zip is INFECTED
[!] C:\WINDOWS\downloadme72.zip is INFECTED
[!] C:\WINDOWS\downloadme78.zip is INFECTED
[!] C:\WINDOWS\downloadme87.zip is INFECTED
[!] C:\WINDOWS\downloadme90.zip is INFECTED
[!] C:\WINDOWS\downloadme96.zip is INFECTED
[!] C:\WINDOWS\file1.zip is INFECTED
[!] C:\WINDOWS\file10.zip is INFECTED
[!] C:\WINDOWS\file13.zip is INFECTED
[!] C:\WINDOWS\file19.zip is INFECTED
[!] C:\WINDOWS\file25.zip is INFECTED
[!] C:\WINDOWS\file28.zip is INFECTED
[!] C:\WINDOWS\file31.zip is INFECTED
[!] C:\WINDOWS\file55.zip is INFECTED
[!] C:\WINDOWS\file7.zip is INFECTED
[!] C:\WINDOWS\file82.zip is INFECTED
[!] C:\WINDOWS\file85.zip is INFECTED
[!] C:\WINDOWS\file91.zip is INFECTED
[!] C:\WINDOWS\file94.zip is INFECTED
[!] C:\WINDOWS\files1.zip is INFECTED
[!] C:\WINDOWS\files10.zip is INFECTED
[!] C:\WINDOWS\files13.zip is INFECTED
[!] C:\WINDOWS\files19.zip is INFECTED
[!] C:\WINDOWS\files28.zip is INFECTED
[!] C:\WINDOWS\files31.zip is INFECTED
[!] C:\WINDOWS\files34.zip is INFECTED
[!] C:\WINDOWS\files40.zip is INFECTED
[!] C:\WINDOWS\files43.zip is INFECTED
[!] C:\WINDOWS\files49.zip is INFECTED
[!] C:\WINDOWS\files52.zip is INFECTED
[!] C:\WINDOWS\files55.zip is INFECTED
[!] C:\WINDOWS\files64.zip is INFECTED
[!] C:\WINDOWS\files7.zip is INFECTED
[!] C:\WINDOWS\files76.zip is INFECTED
[!] C:\WINDOWS\files79.zip is INFECTED
[!] C:\WINDOWS\files82.zip is INFECTED
[!] C:\WINDOWS\files91.zip is INFECTED
[!] C:\WINDOWS\JPGimage11.zip is INFECTED
[!] C:\WINDOWS\JPGimage2.zip is INFECTED
[!] C:\WINDOWS\JPGimage26.zip is INFECTED
[!] C:\WINDOWS\JPGimage29.zip is INFECTED
[!] C:\WINDOWS\JPGimage35.zip is INFECTED
[!] C:\WINDOWS\JPGimage41.zip is INFECTED
[!] C:\WINDOWS\JPGimage56.zip is INFECTED
[!] C:\WINDOWS\JPGimage59.zip is INFECTED
[!] C:\WINDOWS\JPGimage62.zip is INFECTED
[!] C:\WINDOWS\JPGimage65.zip is INFECTED
[!] C:\WINDOWS\JPGimage68.zip is INFECTED
[!] C:\WINDOWS\JPGimage71.zip is INFECTED
[!] C:\WINDOWS\JPGimage83.zip is INFECTED
[!] C:\WINDOWS\JPGimage95.zip is INFECTED
[!] C:\WINDOWS\look15.zip is INFECTED
[!] C:\WINDOWS\look21.zip is INFECTED
[!] C:\WINDOWS\look42.zip is INFECTED
[!] C:\WINDOWS\look45.zip is INFECTED
[!] C:\WINDOWS\look54.zip is INFECTED
[!] C:\WINDOWS\look6.zip is INFECTED
[!] C:\WINDOWS\look60.zip is INFECTED
[!] C:\WINDOWS\look66.zip is INFECTED
[!] C:\WINDOWS\look72.zip is INFECTED
[!] C:\WINDOWS\look75.zip is INFECTED
[!] C:\WINDOWS\look78.zip is INFECTED
[!] C:\WINDOWS\look81.zip is INFECTED
[!] C:\WINDOWS\look84.zip is INFECTED
[!] C:\WINDOWS\news14.zip is INFECTED
[!] C:\WINDOWS\news2.zip is INFECTED
[!] C:\WINDOWS\news20.zip is INFECTED
[!] C:\WINDOWS\news23.zip is INFECTED
[!] C:\WINDOWS\news32.zip is INFECTED
[!] C:\WINDOWS\news44.zip is INFECTED
[!] C:\WINDOWS\news5.zip is INFECTED
[!] C:\WINDOWS\news56.zip is INFECTED
[!] C:\WINDOWS\news59.zip is INFECTED
[!] C:\WINDOWS\news62.zip is INFECTED
[!] C:\WINDOWS\news86.zip is INFECTED
[!] C:\WINDOWS\news92.zip is INFECTED
[!] C:\WINDOWS\news98.zip is INFECTED


************************ Recherche les dossiers présents

Aucun dossier trouvé




************************ Suppression des fichiers

/!\ ... C:\WINDOWS\system32\direct3dx.dll
.. OK ... C:\WINDOWS\system32\directxd.exe
.. OK ... D:\Documents and Settings\bastien\gtkdlp.exe
.. OK ... D:\Documents and Settings\bastien\siwbyz.exe
.. OK ... D:\Documents and Settings\bastien\tanlch.exe
.. OK ... C:\WINDOWS\files1.zip
.. OK ... C:\WINDOWS\files10.zip
.. OK ... C:\WINDOWS\files13.zip
.. OK ... C:\WINDOWS\files19.zip
.. OK ... C:\WINDOWS\files28.zip
.. OK ... C:\WINDOWS\files31.zip
.. OK ... C:\WINDOWS\files34.zip
.. OK ... C:\WINDOWS\files40.zip
.. OK ... C:\WINDOWS\files43.zip
.. OK ... C:\WINDOWS\files49.zip
.. OK ... C:\WINDOWS\files52.zip
.. OK ... C:\WINDOWS\files55.zip
.. OK ... C:\WINDOWS\files64.zip
.. OK ... C:\WINDOWS\files7.zip
.. OK ... C:\WINDOWS\files76.zip
.. OK ... C:\WINDOWS\files79.zip
.. OK ... C:\WINDOWS\files82.zip
.. OK ... C:\WINDOWS\files91.zip
.. OK ... C:\WINDOWS\news14.zip
.. OK ... C:\WINDOWS\news2.zip
.. OK ... C:\WINDOWS\news20.zip
.. OK ... C:\WINDOWS\news23.zip
.. OK ... C:\WINDOWS\news32.zip
.. OK ... C:\WINDOWS\news44.zip
.. OK ... C:\WINDOWS\news5.zip
.. OK ... C:\WINDOWS\news56.zip
.. OK ... C:\WINDOWS\news59.zip
.. OK ... C:\WINDOWS\news62.zip
.. OK ... C:\WINDOWS\news86.zip
.. OK ... C:\WINDOWS\news92.zip
.. OK ... C:\WINDOWS\news98.zip
.. OK ... C:\WINDOWS\JPGimage11.zip
.. OK ... C:\WINDOWS\JPGimage2.zip
.. OK ... C:\WINDOWS\JPGimage26.zip
.. OK ... C:\WINDOWS\JPGimage29.zip
.. OK ... C:\WINDOWS\JPGimage35.zip
.. OK ... C:\WINDOWS\JPGimage41.zip
.. OK ... C:\WINDOWS\JPGimage56.zip
.. OK ... C:\WINDOWS\JPGimage59.zip
.. OK ... C:\WINDOWS\JPGimage62.zip
.. OK ... C:\WINDOWS\JPGimage65.zip
.. OK ... C:\WINDOWS\JPGimage68.zip
.. OK ... C:\WINDOWS\JPGimage71.zip
.. OK ... C:\WINDOWS\JPGimage83.zip
.. OK ... C:\WINDOWS\JPGimage95.zip
.. OK ... C:\WINDOWS\look15.zip
.. OK ... C:\WINDOWS\look21.zip
.. OK ... C:\WINDOWS\look42.zip
.. OK ... C:\WINDOWS\look45.zip
.. OK ... C:\WINDOWS\look54.zip
.. OK ... C:\WINDOWS\look6.zip
.. OK ... C:\WINDOWS\look60.zip
.. OK ... C:\WINDOWS\look66.zip
.. OK ... C:\WINDOWS\look72.zip
.. OK ... C:\WINDOWS\look75.zip
.. OK ... C:\WINDOWS\look78.zip
.. OK ... C:\WINDOWS\look81.zip
.. OK ... C:\WINDOWS\look84.zip
.. OK ... C:\WINDOWS\file1.zip
.. OK ... C:\WINDOWS\file10.zip
.. OK ... C:\WINDOWS\file13.zip
.. OK ... C:\WINDOWS\file19.zip
.. OK ... C:\WINDOWS\file25.zip
.. OK ... C:\WINDOWS\file28.zip
.. OK ... C:\WINDOWS\file31.zip
.. OK ... C:\WINDOWS\file55.zip
.. OK ... C:\WINDOWS\file7.zip
.. OK ... C:\WINDOWS\file82.zip
.. OK ... C:\WINDOWS\file85.zip
.. OK ... C:\WINDOWS\file91.zip
.. OK ... C:\WINDOWS\file94.zip
.. OK ... C:\WINDOWS\files1.zip
.. OK ... C:\WINDOWS\files10.zip
.. OK ... C:\WINDOWS\files13.zip
.. OK ... C:\WINDOWS\files19.zip
.. OK ... C:\WINDOWS\files28.zip
.. OK ... C:\WINDOWS\files31.zip
.. OK ... C:\WINDOWS\files34.zip
.. OK ... C:\WINDOWS\files40.zip
.. OK ... C:\WINDOWS\files43.zip
.. OK ... C:\WINDOWS\files49.zip
.. OK ... C:\WINDOWS\files52.zip
.. OK ... C:\WINDOWS\files55.zip
.. OK ... C:\WINDOWS\files64.zip
.. OK ... C:\WINDOWS\files7.zip
.. OK ... C:\WINDOWS\files76.zip
.. OK ... C:\WINDOWS\files79.zip
.. OK ... C:\WINDOWS\files82.zip
.. OK ... C:\WINDOWS\files91.zip
.. OK ... C:\WINDOWS\downloadme0.zip
.. OK ... C:\WINDOWS\downloadme15.zip
.. OK ... C:\WINDOWS\downloadme24.zip
.. OK ... C:\WINDOWS\downloadme27.zip
.. OK ... C:\WINDOWS\downloadme3.zip
.. OK ... C:\WINDOWS\downloadme42.zip
.. OK ... C:\WINDOWS\downloadme48.zip
.. OK ... C:\WINDOWS\downloadme54.zip
.. OK ... C:\WINDOWS\downloadme6.zip
.. OK ... C:\WINDOWS\downloadme66.zip
.. OK ... C:\WINDOWS\downloadme72.zip
.. OK ... C:\WINDOWS\downloadme78.zip
.. OK ... C:\WINDOWS\downloadme87.zip
.. OK ... C:\WINDOWS\downloadme90.zip
.. OK ... C:\WINDOWS\downloadme96.zip
.. OK ... C:\WINDOWS\news14.zip
.. OK ... C:\WINDOWS\news2.zip
.. OK ... C:\WINDOWS\news20.zip
.. OK ... C:\WINDOWS\news23.zip
.. OK ... C:\WINDOWS\news32.zip
.. OK ... C:\WINDOWS\news44.zip
.. OK ... C:\WINDOWS\news5.zip
.. OK ... C:\WINDOWS\news56.zip
.. OK ... C:\WINDOWS\news59.zip
.. OK ... C:\WINDOWS\news62.zip
.. OK ... C:\WINDOWS\news86.zip
.. OK ... C:\WINDOWS\news92.zip
.. OK ... C:\WINDOWS\news98.zip



************************ Nettoyage du registre



Les fichiers encore présents seront supprimés au prochain redémarrage


************************ Suppression des fichiers

.. OK ... C:\WINDOWS\system32\direct3dx.dll



************************ Fichiers suspects

Aucun Fichier trouvé


Les fichiers et clés de registre supprimés ont été sauvegardés dans le fichier 02102007_16184548.zip


------------------------------------------------------------------------
Auteur : !aur3n7 Contact: http://changelog.fr
------------------------------------------------------------------------

--------------------------------------------- END ---------------------------------------------

Contenus similaires
2 Octobre 2007 16:21:49

voici le rapport
2 Octobre 2007 16:27:25

dsl d'avoir répondu maintenant hier soir j'étais malade je suis allé me couché ^^
2 Octobre 2007 20:07:20

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:06:36, on 02/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\Program Files\Controle Parental\bin\splash.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\VTtrayp.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe
C:\Apps\Powercinema\PCMService.exe
C:\apps\ABoard\ABoard.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\apps\ABoard\AOSD.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Fichiers communs\Teleca Shared\CapabilityManager.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\LVComS.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\APPS\ALARM\ALARM.EXE
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\SAGEM Wi-Fi USB 802.11g\WLANUTL.exe
C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
D:\Documents and Settings\bastien\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
R3 - URLSearchHook: (no name) - {0A94B116-4504-4e26-AB05-E61E474AA38B} - C:\Program Files\AskPBar\SrchAstt\1.bin\A9SRCHAS.DLL
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Ask Search Assistant BHO - {0A94B111-4504-4e26-AB05-E61E474AA38B} - C:\Program Files\AskPBar\SrchAstt\1.bin\A9SRCHAS.DLL
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - c:\apps\skype\phone\IEPlugin\SKYPEI~1.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [PHIME2002ASync] "C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" /SYNC
O4 - HKLM\..\Run: [PHIME2002A] "C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" /IMEName
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [Vade Retro Outlook Express] "C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe"
O4 - HKLM\..\Run: [DetectorApp] "C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe"
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32"
O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [LogitechVideoRepair] "C:\Program Files\Logitech\Video\ISStart.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [LogitechVideoTray] "C:\Program Files\Logitech\Video\LogiTray.exe"
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] "C:\PROGRA~1\Wanadoo\GestMaj.exe" TaskBarIcon.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WOOKIT] "C:\PROGRA~1\Wanadoo\Shell.exe" appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
O4 - HKCU\..\Run: [Alarm] C:\APPS\ALARM\ALARM.EXE /HID
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Internet Download Accelerator] C:\Program Files\IDA\ida.exe -autorun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Anti-Pub.lnk = C:\Program Files\Antipub\antipub.exe
O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\apps\skype\phone\IEPlugin\SKYPEI~1.DLL
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - (no file)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/yinst/yins...
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scan...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.orderingmemory.com/controls/cpcScanner.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Control Parental (OPTENET_FILTER) - Contrôle Parental - C:\Program Files\Controle Parental\bin\optproxy.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: USBDeviceService - Unknown owner - C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe

--
End of file - 12652 bytes
2 Octobre 2007 20:08:03

voila le rapport
2 Octobre 2007 20:13:17

ok je sais pas si j'aurai le temps de faire un scan complet ( ordi assez lent ) si j'ai pas le temps je te posterai le rapport demain apres midi
a b 8 Sécurité
2 Octobre 2007 20:15:18

Ok :) 
2 Octobre 2007 20:21:57

euh quand je suis sur aswclear j'ai cliqué sur "uninstall" et dans 'uninstall progress" il ya ca " Resident protection - Removed
Mail protection - Removed
Explorer extensions - Removed
Registry - Removed
Program was successfully removed" et ca avance plu c'est bon ?
a b 8 Sécurité
2 Octobre 2007 20:22:15

Oui.
2 Octobre 2007 20:23:58

ok je redemarre l'ordi a tout de suite .
2 Octobre 2007 20:31:01

c'est en anglais AntiVir ?
a b 8 Sécurité
2 Octobre 2007 20:32:32

Oui, mais je t'ai donné un tuto :) 
2 Octobre 2007 20:39:27

Le dl de antivir est tres lent :s , je pense que c'est du a mon ordi
2 Octobre 2007 20:59:30

a le telechargement a echoué ! tu sais pourquoi ?
a b 8 Sécurité
2 Octobre 2007 21:00:09

Il y a d'autres sites pour le téléchargement ;) 
2 Octobre 2007 21:03:00

ok je réessaye avec un autre site .. je ne serai pas la pendant 10 minutes je vais me doucher ^^
2 Octobre 2007 21:11:07

scan en cours ...
2 Octobre 2007 21:22:45

Il reste d'autres étapes après le scan encore ?
a b 8 Sécurité
2 Octobre 2007 21:38:25

Pas grand chose l)
2 Octobre 2007 21:55:36

ok =) . Mais c'est sur que mon virus ne sera plus la ?
a b 8 Sécurité
2 Octobre 2007 21:57:19

Oui ;) 
2 Octobre 2007 21:58:18

cool merci :) 
2 Octobre 2007 22:08:28

je dois y aller donc je recommencerai le scan demain et tu auras le rapport . ++ bonne nuit
a b 8 Sécurité
2 Octobre 2007 22:09:04

Ok ;) 
3 Octobre 2007 14:39:35

voici le rapport de scan de AntiVir


AntiVir PersonalEdition Classic
Report file date: mercredi 3 octobre 2007 12:59

Scanning for 863147 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: SYSTEM
Computer name: SN049845320029

Version information:
BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 12:16:29
AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 11:23:51
LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 14:32:47
LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 11:35:20
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 13:27:15
ANTIVIR1.VDF : 7.0.0.0 1640448 Bytes 13/09/2007 13:26:55
ANTIVIR2.VDF : 7.0.0.32 315904 Bytes 28/09/2007 19:08:56
ANTIVIR3.VDF : 7.0.0.45 74240 Bytes 02/10/2007 19:08:56
AVEWIN32.DLL : 7.6.0.18 2810368 Bytes 02/10/2007 19:08:56
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 09:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 06:39:17
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 12:16:24
AVPACK32.DLL : 7.3.0.15 360488 Bytes 03/08/2007 07:46:00
AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 06:17:06
AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 11:26:33
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 06:10:18
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 10:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 11:38:13
RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 11:50:37
SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 08:37:21

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: D:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: mercredi 3 octobre 2007 12:59

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'firefox.exe' - '1' Module(s) have been scanned
Scan process 'epmworker.exe' - '1' Module(s) have been scanned
Scan process 'Generic.exe' - '1' Module(s) have been scanned
Scan process 'WLANUTL.exe' - '1' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
Scan process 'ALARM.EXE' - '1' Module(s) have been scanned
Scan process 'LVComS.exe' - '1' Module(s) have been scanned
Scan process 'TaskBarIcon.exe' - '1' Module(s) have been scanned
Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'realsched.exe' - '1' Module(s) have been scanned
Scan process 'daemon.exe' - '1' Module(s) have been scanned
Scan process 'LogiTray.exe' - '1' Module(s) have been scanned
Scan process 'qttask.exe' - '1' Module(s) have been scanned
Scan process 'CapabilityManager.exe' - '1' Module(s) have been scanned
Scan process 'apdproxy.exe' - '1' Module(s) have been scanned
Scan process 'AOSD.EXE' - '1' Module(s) have been scanned
Scan process 'Application Launcher.exe' - '1' Module(s) have been scanned
Scan process 'ABOARD.EXE' - '1' Module(s) have been scanned
Scan process 'PCMService.exe' - '1' Module(s) have been scanned
Scan process 'DetectorApp.exe' - '1' Module(s) have been scanned
Scan process 'Vaderetro_oe.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'SOUNDMAN.EXE' - '1' Module(s) have been scanned
Scan process 'VTTrayp.exe' - '1' Module(s) have been scanned
Scan process 'VTTimer.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'CLSched.exe' - '1' Module(s) have been scanned
Scan process 'USBDeviceService.exe' - '1' Module(s) have been scanned
Scan process 'ULCDRSvr.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'splash.exe' - '1' Module(s) have been scanned
Scan process 'HidService.exe' - '1' Module(s) have been scanned
Scan process 'CLMLService.exe' - '1' Module(s) have been scanned
Scan process 'CLMLServer.exe' - '1' Module(s) have been scanned
Scan process 'CLCapSvc.exe' - '1' Module(s) have been scanned
Scan process 'AOLacsd.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
54 processes with 54 modules were scanned

Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Boot sector 'D:\'
[NOTE] No virus was found!

Starting to scan the registry.
The registry was scanned ( '38' files ).


Starting the file scan:

Begin scan in 'C:\' <HDD>
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP295\A0078264.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[INFO] The file was moved to '47337b61.qua'!
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP295\A0078265.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[INFO] The file was moved to '47337b62.qua'!
C:\WINDOWS\system32\drivers\sptd.sys
[WARNING] The file could not be opened!
Begin scan in 'D:\' <DATA>
D:\Documents and Settings\bastien\Bureau\MSNFix\MSNFix\02102007_16184548.zip
[0] Archive type: ZIP
--> backup/direct3dx.dll
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.25000
--> backup/directxd.exe
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
--> backup/downloadme0.zip
[1] Archive type: ZIP
--> downloadme0.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
--> backup/downloadme15.zip
[1] Archive type: ZIP
--> downloadme15.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
--> backup/downloadme24.zip
[1] Archive type: ZIP
--> downloadme24.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
--> backup/downloadme27.zip
[1] Archive type: ZIP
--> downloadme27.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
--> backup/downloadme3.zip
[1] Archive type: ZIP
--> downloadme3.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
--> backup/downloadme42.zip
[1] Archive type: ZIP
--> downloadme42.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
--> backup/downloadme48.zip
[1] Archive type: ZIP
--> downloadme48.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
--> backup/downloadme54.zip
[1] Archive type: ZIP
--> downloadme54.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
--> backup/downloadme6.zip
[1] Archive type: ZIP
--> downloadme6.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
--> backup/downloadme66.zip
[1] Archive type: ZIP
--> downloadme66.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
--> backup/downloadme72.zip
[1] Archive type: ZIP
--> downloadme72.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
--> backup/downloadme78.zip
[1] Archive type: ZIP
--> downloadme78.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
--> backup/downloadme87.zip
[1] Archive type: ZIP
--> downloadme87.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
--> backup/downloadme90.zip
[1] Archive type: ZIP
--> downloadme90.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
--> backup/downloadme96.zip
[1] Archive type: ZIP
--> downloadme96.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
--> backup/file1.zip
[1] Archive type: ZIP
--> file1.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
--> backup/file10.zip
[1] Archive type: ZIP
--> file10.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
--> backup/file13.zip
[1] Archive type: ZIP
--> file13.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
--> backup/file19.zip
[1] Archive type: ZIP
--> file19.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
--> backup/file25.zip
[1] Archive type: ZIP
--> file25.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
--> backup/file28.zip
[1] Archive type: ZIP
--> file28.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
--> backup/file31.zip
[1] Archive type: ZIP
--> file31.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
--> backup/file55.zip
[1] Archive type: ZIP
--> file55.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
--> backup/file7.zip
[1] Archive type: ZIP
--> file7.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
--> backup/file82.zip
[1] Archive type: ZIP
--> file82.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
--> backup/file85.zip
[1] Archive type: ZIP
--> file85.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
--> backup/file91.zip
[1] Archive type: ZIP
--> file91.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
--> backup/file94.zip
[1] Archive type: ZIP
--> file94.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
--> backup/files1.zip
[1] Archive type: ZIP
--> files1.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
--> backup/files10.zip
[1] Archive type: ZIP
--> files10.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
--> backup/files13.zip
[1] Archive type: ZIP
--> files13.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
--> backup/files19.zip
[1] Archive type: ZIP
--> files19.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
--> backup/files28.zip
[1] Archive type: ZIP
--> files28.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
--> backup/files31.zip
[1] Archive type: ZIP
--> files31.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
--> backup/files34.zip
[1] Archive type: ZIP
--> files34.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
--> backup/files40.zip
[1] Archive type: ZIP
--> files40.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
--> backup/files43.zip
[1] Archive type: ZIP
--> files43.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
--> backup/files49.zip
[1] Archive type: ZIP
--> files49.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
--> backup/files52.zip
[1] Archive type: ZIP
--> files52.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
--> backup/files55.zip
[1] Archive type: ZIP
--> files55.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
--> backup/files64.zip
[1] Archive type: ZIP
--> files64.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
--> backup/files7.zip
[1] Archive type: ZIP
--> files7.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
--> backup/files76.zip
[1] Archive type: ZIP
--> files76.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
--> backup/files79.zip
[1] Archive type: ZIP
--> files79.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
--> backup/files82.zip
[1] Archive type: ZIP
--> files82.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
--> backup/files91.zip
[1] Archive type: ZIP
--> files91.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
--> backup/gtkdlp.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
--> backup/JPGimage11.zip
[1] Archive type: ZIP
--> JPGimage11.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
--> backup/JPGimage2.zip
[1] Archive type: ZIP
--> JPGimage2.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
--> backup/JPGimage26.zip
[1] Archive type: ZIP
--> JPGimage26.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
--> backup/JPGimage29.zip
[1] Archive type: ZIP
--> JPGimage29.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
--> backup/JPGimage35.zip
[1] Archive type: ZIP
--> JPGimage35.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
--> backup/JPGimage41.zip
[1] Archive type: ZIP
--> JPGimage41.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
--> backup/JPGimage56.zip
[1] Archive type: ZIP
--> JPGimage56.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
--> backup/JPGimage59.zip
[1] Archive type: ZIP
--> JPGimage59.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
--> backup/JPGimage62.zip
[1] Archive type: ZIP
--> JPGimage62.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
--> backup/JPGimage65.zip
[1] Archive type: ZIP
--> JPGimage65.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
--> backup/JPGimage68.zip
[1] Archive type: ZIP
--> JPGimage68.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
--> backup/JPGimage71.zip
[1] Archive type: ZIP
--> JPGimage71.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
--> backup/JPGimage83.zip
[1] Archive type: ZIP
--> JPGimage83.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
--> backup/JPGimage95.zip
[1] Archive type: ZIP
--> JPGimage95.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
--> backup/look15.zip
[1] Archive type: ZIP
--> look15.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
--> backup/look21.zip
[1] Archive type: ZIP
--> look21.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
--> backup/look42.zip
[1] Archive type: ZIP
--> look42.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
--> backup/look45.zip
[1] Archive type: ZIP
--> look45.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
--> backup/look54.zip
[1] Archive type: ZIP
--> look54.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
--> backup/look6.zip
[1] Archive type: ZIP
--> look6.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
--> backup/look60.zip
[1] Archive type: ZIP
--> look60.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
--> backup/look66.zip
[1] Archive type: ZIP
--> look66.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
--> backup/look72.zip
[1] Archive type: ZIP
--> look72.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
--> backup/look75.zip
[1] Archive type: ZIP
--> look75.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
--> backup/look78.zip
[1] Archive type: ZIP
--> look78.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
--> backup/look81.zip
[1] Archive type: ZIP
--> look81.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
--> backup/look84.zip
[1] Archive type: ZIP
--> look84.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
--> backup/news14.zip
[1] Archive type: ZIP
--> news14.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
--> backup/news2.zip
[1] Archive type: ZIP
--> news2.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
--> backup/news20.zip
[1] Archive type: ZIP
--> news20.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
--> backup/news23.zip
[1] Archive type: ZIP
--> news23.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
--> backup/news32.zip
[1] Archive type: ZIP
--> news32.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
--> backup/news44.zip
[1] Archive type: ZIP
--> news44.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
--> backup/news5.zip
[1] Archive type: ZIP
--> news5.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
--> backup/news56.zip
[1] Archive type: ZIP
--> news56.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
--> backup/news59.zip
[1] Archive type: ZIP
--> news59.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
--> backup/news62.zip
[1] Archive type: ZIP
--> news62.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
--> backup/news86.zip
[1] Archive type: ZIP
--> news86.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
--> backup/news92.zip
[1] Archive type: ZIP
--> news92.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
--> backup/news98.zip
[1] Archive type: ZIP
--> news98.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
--> backup/siwbyz.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
--> backup/tanlch.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[INFO] The file was moved to '47348949.qua'!
D:\Documents and Settings\bastien\Local Settings\Temporary Internet Files\Content.IE5\92DI6UWR\setup_nxd[1].exe
[DETECTION] Contains detection pattern of the dropper DR/Click.VB.DA.1
[INFO] The file was moved to '47778aba.qua'!
D:\Documents and Settings\bastien\Local Settings\Temporary Internet Files\Content.IE5\EK1D0XBJ\net[1].exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[INFO] The file was moved to '47778b18.qua'!
D:\Documents and Settings\bastien\Local Settings\Temporary Internet Files\Content.IE5\RIICMS1D\ss[1].exe
[DETECTION] Is the Trojan horse TR/Proxy.Agent.OO
[INFO] The file was moved to '475e8bf7.qua'!
D:\Documents and Settings\bastien\Mes documents\Mes fichiers reçus\look87.zip
[0] Archive type: ZIP
--> look87.scr
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
[INFO] The file was moved to '47728c1e.qua'!
D:\Documents and Settings\cecilia\clfmgg.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[INFO] The file was moved to '47698c26.qua'!
D:\Documents and Settings\cecilia\dvhtyj.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[INFO] The file was moved to '476b8c31.qua'!
D:\Documents and Settings\cecilia\erobac.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[INFO] The file was moved to '47728c2f.qua'!
D:\Documents and Settings\cecilia\fkzweu.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[INFO] The file was moved to '477d8c29.qua'!
D:\Documents and Settings\cecilia\halaoq.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[INFO] The file was moved to '476f8c21.qua'!
D:\Documents and Settings\cecilia\jagssi.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[INFO] The file was moved to '476a8c22.qua'!
D:\Documents and Settings\cecilia\jftizj.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[INFO] The file was moved to '47778c29.qua'!
D:\Documents and Settings\cecilia\mtokrv.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[INFO] The file was moved to '47728c3c.qua'!
D:\Documents and Settings\cecilia\skqdgb.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[INFO] The file was moved to '47748c33.qua'!
D:\Documents and Settings\cecilia\xnmalp.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[INFO] The file was moved to '47708c37.qua'!
D:\Documents and Settings\cecilia\Local Settings\Temporary Internet Files\Content.IE5\SG7GKDPT\net[1].exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[INFO] The file was moved to '47778d24.qua'!
D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP279\A0074122.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[INFO] The file was moved to '47338d51.qua'!
D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP279\A0074123.exe
[DETECTION] Is the Trojan horse TR/Proxy.Agent.OO
[INFO] The file was moved to '46ace872.qua'!
D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP292\A0078113.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[INFO] The file was moved to '47338d57.qua'!
D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP292\A0078114.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[INFO] The file was moved to '46ace878.qua'!
D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP292\A0078115.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[INFO] The file was moved to '47338d58.qua'!
D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP292\A0078123.dll
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.25000
[INFO] The file was moved to '46ace879.qua'!
D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP292\A0078124.exe
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.26112.3
[INFO] The file was moved to '47338d5a.qua'!
D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP292\A0078125.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[INFO] The file was moved to '46ace87b.qua'!
D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP292\A0078133.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[INFO] The file was moved to '47338d59.qua'!
D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP292\A0078135.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[INFO] The file was moved to '46ace87a.qua'!
D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP295\A0078282.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[INFO] The file was moved to '47338d5c.qua'!
D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP295\A0078283.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[INFO] The file was moved to '47338d5d.qua'!
D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP295\A0078284.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[INFO] The file was moved to '46ace87e.qua'!
D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP295\A0078285.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[INFO] The file was moved to '47338d5f.qua'!
D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP295\A0078286.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[INFO] The file was moved to '46ace840.qua'!
D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP295\A0078287.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[INFO] The file was moved to '47338d5e.qua'!
D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP295\A0078288.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[INFO] The file was moved to '46ace87f.qua'!
D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP295\A0078289.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[INFO] The file was moved to '47338da0.qua'!
D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP295\A0078290.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[INFO] The file was moved to '46acd007.qua'!
D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP295\A0078291.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[INFO] The file was moved to '46acd038.qua'!


End of the scan: mercredi 3 octobre 2007 14:38
Used time: 1:38:48 min

The scan has been done completely.

8045 Scanning directories
335008 Files were scanned
128 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
38 files were moved to quarantine
0 files were renamed
3 Files cannot be scanned
334880 Files not concerned
10146 Archives were scanned
3 Warnings
1 Notes

a b 8 Sécurité
3 Octobre 2007 14:42:18

Reposte un rapport Hijackthis.
3 Octobre 2007 14:43:33

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:43:15, on 03/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\Program Files\Controle Parental\bin\splash.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\VTtrayp.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe
C:\Apps\Powercinema\PCMService.exe
C:\apps\ABoard\ABoard.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\apps\ABoard\AOSD.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\Program Files\Fichiers communs\Teleca Shared\CapabilityManager.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\WINDOWS\system32\LVComS.exe
C:\APPS\ALARM\ALARM.EXE
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\SAGEM Wi-Fi USB 802.11g\WLANUTL.exe
C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Program Files\Mozilla Firefox\firefox.exe
D:\Documents and Settings\bastien\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
R3 - URLSearchHook: (no name) - {0A94B116-4504-4e26-AB05-E61E474AA38B} - C:\Program Files\AskPBar\SrchAstt\1.bin\A9SRCHAS.DLL
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Ask Search Assistant BHO - {0A94B111-4504-4e26-AB05-E61E474AA38B} - C:\Program Files\AskPBar\SrchAstt\1.bin\A9SRCHAS.DLL
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - c:\apps\skype\phone\IEPlugin\SKYPEI~1.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [PHIME2002ASync] "C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" /SYNC
O4 - HKLM\..\Run: [PHIME2002A] "C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" /IMEName
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [Vade Retro Outlook Express] "C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe"
O4 - HKLM\..\Run: [DetectorApp] "C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe"
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32"
O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [LogitechVideoRepair] "C:\Program Files\Logitech\Video\ISStart.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [LogitechVideoTray] "C:\Program Files\Logitech\Video\LogiTray.exe"
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] "C:\PROGRA~1\Wanadoo\GestMaj.exe" TaskBarIcon.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WOOKIT] "C:\PROGRA~1\Wanadoo\Shell.exe" appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
O4 - HKCU\..\Run: [Alarm] C:\APPS\ALARM\ALARM.EXE /HID
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Internet Download Accelerator] C:\Program Files\IDA\ida.exe -autorun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Anti-Pub.lnk = C:\Program Files\Antipub\antipub.exe
O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\apps\skype\phone\IEPlugin\SKYPEI~1.DLL
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - (no file)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/yinst/yins...
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scan...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.orderingmemory.com/controls/cpcScanner.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Control Parental (OPTENET_FILTER) - Contrôle Parental - C:\Program Files\Controle Parental\bin\optproxy.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: USBDeviceService - Unknown owner - C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe

--
End of file - 12326 bytes
a b 8 Sécurité
3 Octobre 2007 14:49:38

Ton pc se comporte mieux ?
3 Octobre 2007 14:55:07

Ben apparemment msn remarche et n'envoi plus de virus a personne donc ..
3 Octobre 2007 14:56:41

Oui il se comporte mieux et ne rame plus sur internet ! :)  Il y a encore d'autres choses a faire ?
a b 8 Sécurité
3 Octobre 2007 14:56:54

Des questions ?
3 Octobre 2007 15:00:00

Eh bien non ça a l'air clean :) 
a b 8 Sécurité
3 Octobre 2007 15:02:19

Bon surf alors :) 
3 Octobre 2007 15:03:42

Eh bien merci beaucoup :) . Bon surf a toi ;)  a+
Tom's guide dans le monde
  • Allemagne
  • Italie
  • Irlande
  • Royaume Uni
  • Etats Unis
Suivre Tom's Guide
Inscrivez-vous à la Newsletter
  • ajouter à twitter
  • ajouter à facebook
  • ajouter un flux RSS