Avast: not a valid Win32 application
Security Forum - Viruses: Avast: not a valid Win32 application
Hello,
I have a big problem: my AVAST antivirus won't start anymore, and when I try to start it I get the message "not a valid Win32 application"....
Also, I can't install any other antivirus, it doesn't work!!!
What should I do???
Thanks in advance
PS: I have Windows XP
Hi,
Download ELIBAGLA at the bottom of this page. With some antivirus programs it is best to disable them before starting this procedure!
Click Descargar Elibagla to download the file, and save it to your desktop.
Launch it by double-clicking it.
Check that the Unidad drop-down menu shows C:\
The Eliminar Ficheros Automaticamente option must also be checked.
Click Explorar to start the scan.
Post the report generated at the end of the scan.
C:\WINDOWS\system32\MDELK.EXE --> Acceso Denegado, Bagle (Reiniciar para completar la Limpieza)
Nº Total de Directorios: 5123
Nº Total de Ficheros: 51321
Nº de Ficheros Analizados: 9933
Nº de Ficheros Infectados: 3
Nº de Ficheros Limpiados: 3
Wed Mar 12 20:10:54 2008
EliBagle v11.14 (c)2008 S.G.H. / Satinfo S.L.
Message edited by lezert on 12-03-2008 at 20:12:15
Isn't the beginning of the report missing, by any chance?
Download Combofix (by sUBs) to your Desktop.
Temporarily disable all resident protection! (Antivirus, antispyware..)
Double-click combofix.exe. (Right-click -> Run as administrator if on Vista)
Press the 1 key (Yes) to start the scan.
When the scan is complete, a report will appear. Post this report in your next reply.
The report is located here: C:\Combofix.txt
When I launch Combofix, Elibagla launches. And Combofix is all blue with a blinking horizontal cursor. Is that normal?
What should I do? Run a new scan with Elibagla?
Thanks in advance
Elibagla launches when you launch Combofix?
Yes, there is a blue screen; you have to wait a little.
There, it's done!!!
What do I do now?
A log file has been created.
Do I post it HERE?
Thanks
ComboFix 08-03-10.1 - Maxime 2008-03-12 20:42:05.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.192 [GMT 1:00]
Endroit: C:\Documents and Settings\Maxime\Bureau\test.exe
AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\Maxime\Application Data\inst.exe
C:\WINDOWS\system32\drivers\down
C:\WINDOWS\system32\drivers\hldrrr.exe
C:\WINDOWS\system32\drivers\srosa.sys
C:\WINDOWS\system32\mdelk.exe
C:\WINDOWS\system32\wintems.exe
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\LEGACY_SROSA
-------\srosa
((((((((((((((((((((((((((((( Fichiers créés 2008-02-12 to 2008-03-12 ))))))))))))))))))))))))))))))))))))
.
2008-03-11 20:32 . 2008-03-11 20:32 81,465 --a------ C:\WINDOWS\system32\drivers\klif.cab
2008-03-11 19:26 . 2008-03-11 19:26 <REP> d-------- C:\Program Files\Lavasoft
2008-03-11 17:01 . 2008-03-11 17:01 <REP> d-------- C:\Documents and Settings\Maxime\Application Data\OpenOffice.org2
2008-03-11 16:58 . 2008-03-11 16:59 <REP> d-------- C:\Program Files\OpenOffice.org 2.3
2008-03-10 19:37 . 2008-03-12 12:11 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-03-10 19:26 . 2008-03-12 20:48 <REP> d--h----- C:\Documents and Settings\Maxime\Application Data\m
2008-03-10 19:09 . 2008-03-10 19:09 <REP> d-------- C:\Documents and Settings\Maxime\Application Data\TuneUp Software
2008-03-10 19:09 . 2008-03-10 19:09 307,968 --a------ C:\WINDOWS\system32\TuneUpDefragService.exe
2008-03-10 19:09 . 2008-02-27 13:15 28,416 --a------ C:\WINDOWS\system32\uxtuneup.dll
2008-03-10 19:08 . 2008-03-10 19:09 <REP> d-------- C:\Program Files\TuneUp Utilities 2008
2008-03-10 19:08 . 2008-03-12 12:11 <REP> d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-03-10 19:08 . 2008-03-10 19:08 <REP> d-------- C:\Documents and Settings\All Users\Application Data\TuneUp Software
2008-03-05 14:36 . 2008-03-05 14:37 <REP> d-------- C:\Program Files\netbeans-5.5.1
2008-03-05 08:03 . 2008-03-05 08:03 <REP> d-------- C:\Documents and Settings\Maxime\Application Data\EPSON
2008-03-02 19:10 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2008-03-02 19:10 . 2007-07-30 19:19 207,736 --a------ C:\WINDOWS\system32\muweb.dll
2008-03-02 19:10 . 2007-07-30 19:18 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2008-03-02 19:09 . 2008-03-02 19:09 <REP> d--hsc--- C:\Program Files\Fichiers communs\WindowsLiveInstaller
2008-03-02 19:08 . 2008-03-02 19:08 <REP> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-02-28 21:52 . 2007-02-06 13:24 1,126,400 --a------ C:\WINDOWS\system32\GflAx.dll
2008-02-28 21:52 . 2004-03-09 00:00 609,824 --a------ C:\WINDOWS\system32\comctl32.ocx
2008-02-28 21:52 . 2001-04-24 16:22 140,288 --a------ C:\WINDOWS\system32\comdlg32.ocx
2008-02-28 21:52 . 2001-06-11 20:03 98,304 --a------ C:\WINDOWS\system32\HLBButton6.ocx
2008-02-28 21:52 . 2002-12-16 15:27 40,960 --a------ C:\WINDOWS\system32\vbalFlBr6.dll
2008-02-28 21:52 . 2003-02-06 07:58 40,960 --a------ C:\WINDOWS\system32\MouseEventsCapture.ocx
2008-02-28 21:00 . 2008-02-28 21:02 <REP> d-------- C:\Program Files\Cryptus 2006
2008-02-28 20:59 . 2004-08-03 22:58 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys
2008-02-28 20:59 . 2004-08-03 22:58 15,104 --a--c--- C:\WINDOWS\system32\dllcache\usbscan.sys
2008-02-28 19:21 . 2008-02-28 19:21 <REP> d-------- C:\FILEPROT
2008-02-28 19:21 . 2008-02-28 19:21 32,768 --a------ C:\WINDOWS\system32\fpdrv.dll
2008-02-28 19:21 . 2008-02-28 19:21 32,491 --a------ C:\WINDOWS\system32\drivers\fileprot.sys
2008-02-28 19:21 . 2008-02-28 19:21 24,576 --a------ C:\WINDOWS\system32\loadfp.exe
2008-02-28 17:58 . 2008-03-10 00:36 116 --a------ C:\WINDOWS\NeroDigital.ini
2008-02-28 17:54 . 2006-10-13 00:00 61,952 --a------ C:\WINDOWS\system32\escwiad.dll
2008-02-28 17:54 . 2005-02-25 00:00 46,080 --a------ C:\WINDOWS\system32\escimgd.dll
2008-02-28 17:54 . 2005-02-25 00:00 22,016 --a------ C:\WINDOWS\system32\esccmd.dll
2008-02-28 17:04 . 2008-03-10 19:15 <REP> d-------- C:\Program Files\Ahead
2008-02-28 16:54 . 2008-03-05 14:03 <REP> d-------- C:\LaBonnePaye
2008-02-28 16:49 . 2008-02-28 16:49 <REP> d-------- C:\Documents and Settings\Maxime\.netbeans
2008-02-26 19:14 . 2008-02-26 19:14 <REP> d-------- C:\Documents and Settings\Maxime\Application Data\T.Aragon
2008-02-26 19:13 . 2008-03-10 19:22 <REP> d-------- C:\Program Files\WinSesame
2008-02-26 19:13 . 2008-02-28 22:32 <REP> d-------- C:\Documents and Settings\Maxime\Application Data\WinSesame
2008-02-25 13:48 . 2008-02-25 13:48 <REP> d-------- C:\Program Files\My Lockbox
2008-02-25 13:48 . 2007-12-13 20:13 17,264 --a------ C:\WINDOWS\system32\drivers\mprifl.sys
2008-02-22 19:31 . 2008-02-22 19:31 244 --ah----- C:\sqmnoopt14.sqm
2008-02-22 19:31 . 2008-02-22 19:31 232 --ah----- C:\sqmdata14.sqm
2008-02-22 18:21 . 2008-02-22 18:21 244 --ah----- C:\sqmnoopt13.sqm
2008-02-22 18:21 . 2008-02-22 18:21 232 --ah----- C:\sqmdata13.sqm
2008-02-21 09:35 . 2008-02-21 09:35 244 --ah----- C:\sqmnoopt12.sqm
2008-02-21 09:35 . 2008-02-21 09:35 232 --ah----- C:\sqmdata12.sqm
2008-02-20 23:37 . 2008-02-20 23:37 244 --ah----- C:\sqmnoopt11.sqm
2008-02-20 23:37 . 2008-02-20 23:37 232 --ah----- C:\sqmdata11.sqm
2008-02-19 23:32 . 2008-02-19 23:32 244 --ah----- C:\sqmnoopt10.sqm
2008-02-19 23:32 . 2008-02-19 23:32 232 --ah----- C:\sqmdata10.sqm
2008-02-19 19:06 . 2008-02-19 19:06 244 --ah----- C:\sqmnoopt09.sqm
2008-02-19 19:06 . 2008-02-19 19:06 232 --ah----- C:\sqmdata09.sqm
2008-02-19 10:27 . 2008-02-19 10:27 244 --ah----- C:\sqmnoopt08.sqm
2008-02-19 10:27 . 2008-02-19 10:27 232 --ah----- C:\sqmdata08.sqm
2008-02-18 18:16 . 2008-02-18 18:16 <REP> d-------- C:\Documents and Settings\Maxime\Application Data\PokerAcademy2
2008-02-15 12:34 . 2008-02-15 12:34 <REP> d-------- C:\Documents and Settings\All Users\Application Data\vsosdk
2008-02-14 21:43 . 2008-02-14 21:43 <REP> d-------- C:\TempDVD
2008-02-14 21:43 . 2008-02-14 21:44 <REP> d-------- C:\Program Files\dvdSanta
2008-02-14 21:40 . 2008-03-10 19:11 <REP> d-------- C:\Program Files\VSO
2008-02-14 21:40 . 2008-03-10 19:11 <REP> d-------- C:\Documents and Settings\Maxime\Application Data\Vso
2008-02-14 21:40 . 2008-02-14 21:40 47,360 --a------ C:\WINDOWS\system32\drivers\pcouffin.sys
2008-02-14 21:40 . 2008-03-10 19:11 47,360 --a------ C:\Documents and Settings\Maxime\Application Data\pcouffin.sys
2008-02-14 18:41 . 2008-02-14 18:41 <REP> d-------- C:\Documents and Settings\Maxime\Application Data\River Past G5
2008-02-14 18:41 . 2008-02-14 21:45 <REP> d-------- C:\Documents and Settings\All Users\Application Data\River Past G5
2008-02-14 18:33 . 2008-02-14 21:49 <REP> d-------- C:\Program Files\MKVtoolnix
2008-02-14 18:27 . 2008-02-14 18:35 <REP> d-------- C:\Program Files\DivX
2008-02-14 18:20 . 2008-02-14 18:35 <REP> d-------- C:\Program Files\AviSynth 2.5
2008-02-14 18:19 . 2008-02-14 18:42 <REP> d-------- C:\Program Files\Ripp-it_AM
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-11 19:00 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
2008-03-10 18:16 --------- d-----w C:\Program Files\Applications
2008-03-02 18:11 --------- d-----w C:\Program Files\MSN Messenger
2008-03-02 18:09 --------- d-----w C:\Program Files\Windows Live
2008-02-28 16:54 --------- d-----w C:\Program Files\EPSON
2008-02-27 12:02 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-02-08 08:55 --------- d-----w C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2008-02-06 18:00 --------- d-----w C:\Program Files\Messenger Plus! Live
2008-02-05 21:23 --------- d-----w C:\Documents and Settings\Maxime\Application Data\Apple Computer
2008-02-04 19:48 --------- d-----w C:\Program Files\AdVantage
2008-02-04 17:05 737,280 ----a-w C:\WINDOWS\iun6002.exe
2008-02-04 16:48 --------- d-----w C:\Program Files\Google
2008-01-30 23:30 --------- d-----w C:\Documents and Settings\Maxime\Application Data\Ashampoo
2008-01-30 23:29 --------- d-----w C:\Documents and Settings\All Users\Application Data\ashampoo
2008-01-30 19:42 64,942 ----a-w C:\WINDOWS\BricoPackUninst.cmd
2008-01-30 19:42 6,116 ----a-w C:\WINDOWS\BricoPackFoldersDelete.cmd
2008-01-30 19:11 --------- d-----w C:\Program Files\iTunes
2008-01-30 19:11 --------- d-----w C:\Program Files\iPod
2008-01-30 19:11 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-01-30 19:09 --------- d-----w C:\Program Files\Fichiers communs\Apple
2008-01-30 19:09 --------- d-----w C:\Program Files\Apple Software Update
2008-01-30 19:09 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple
2008-01-30 17:51 --------- d-----w C:\Program Files\Alwil Software
2008-01-30 17:50 --------- d-----w C:\Documents and Settings\All Users\Application Data\DVD Shrink
2008-01-30 17:48 --------- d-----w C:\Documents and Settings\Maxime\Application Data\vlc
2008-01-30 17:46 --------- d-----w C:\Program Files\VideoLAN
2008-01-30 17:36 --------- d-----w C:\Program Files\GIMP-2.0
2008-01-30 17:20 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
2008-01-30 17:18 --------- d-----w C:\Program Files\Sun
2008-01-30 17:18 --------- d-----w C:\Program Files\Java
2008-01-30 17:16 --------- d-----w C:\Program Files\Fichiers communs\Java
2008-01-30 17:15 357 ----a-w C:\Documents and Settings\Maxime\.cb_layout.bin
2008-01-30 17:07 --------- d-----w C:\Program Files\Microsoft.NET
2008-01-30 16:53 --------- d-----w C:\Program Files\Windows Media Connect 2
2008-01-30 16:50 --------- d-----w C:\Program Files\Maple 10
2008-01-30 16:31 --------- d-----w C:\Program Files\Synaptics
2008-01-30 16:17 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-01-30 16:17 --------- d-----w C:\Program Files\ATI Technologies
2008-01-30 16:14 --------- d-----w C:\Program Files\DIFX
2008-01-30 15:47 --------- d-----w C:\Program Files\microsoft frontpage
2008-01-30 15:46 --------- d-----w C:\Program Files\Services en ligne
2004-08-19 15:10 60,416 --sha-w C:\WINDOWS\BricoPacks\SysFiles\80_msimn.exe
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34 5724184]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 16:09 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2005-04-12 23:21 14156800 C:\WINDOWS\RTHDCPL.EXE]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-03-22 21:05 339968]
"RMC"="C:\WINDOWS\system32\drivers\RMC.exe" [2005-03-28 17:55 24576]
"SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [2005-03-04 11:13 102490]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2005-03-04 11:12 708698]
"jEdit Server"="C:\WINDOWS\system32\javaw.exe" [2007-07-12 01:22 135168]
"EPSON Stylus Photo RX420 Series (Copie 1)"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.exe" [2004-04-09 03:00 98304]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-19 16:09 15360]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
"winsesame_del"=C:\Program Files\WinSesame\effaceur.exe
"EPSON Stylus Photo RX420 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE /P31 "EPSON Stylus Photo RX420 Series" /O5 "LPT1:" /M "Stylus Photo RX420"
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"
"flockbox"=C:\Program Files\My Lockbox\flockbox.exe /a
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
"FP Loader"=loadfp.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Applications\\Ares\\Ares.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\Applications\\lphant\\eLePhantClient.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
R0 MPRIFL;MPRIFL;C:\WINDOWS\system32\DRIVERS\MPRIFL.SYS [2007-12-13 20:13]
R2 Fileprot;Fileprot;C:\WINDOWS\system32\drivers\Fileprot.sys [2008-02-28 19:21]
R2 MTC0001_RMC;Remove Control Device;C:\WINDOWS\system32\drivers\RMC.sys [2005-04-22 15:24]
R2 UxTuneUp;TuneUp Extension de thème;C:\WINDOWS\System32\svchost.exe [2004-08-19 16:10]
R3 Slazldrv;SmartLink AMR_PCI Driver;C:\WINDOWS\system32\DRIVERS\SLDRV\slazldrv.sys [2005-01-05 02:48]
R3 ULI5261;ULi Based Ethernet NT Driver;C:\WINDOWS\system32\DRIVERS\ULILAN.SYS [2004-12-31 15:24]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\WINDOWS\System32\TuneUpDefragService.exe [2008-03-10 19:09]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-02-14 11:09:13 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-03-12 19:47:49 C:\WINDOWS\Tasks\Maintenance en 1 clic.job"
- C:\Program Files\TuneUp Utilities 2008\OneClickStarter.exe
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-12 20:48:09
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\Maxime\Bureau\ELIBAGLA.BBØCBØØH.EXE
.
**************************************************************************
.
Temps d'accomplissement: 2008-03-12 20:51:19 - machine was rebooted [Maxime]
ComboFix-quarantined-files.txt 2008-03-12 19:51:07
.
2008-03-03 11:42:50 --- E O F ---
Hi again,
Delete (in safe mode if necessary!):
- C:\Documents and Settings\Maxime\Application Data\m
Post a new HijackThis log
There, I deleted C:\Documents and Settings\Maxime\Application Data\m in safe mode.
HijackThis:
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\system32\drivers\RMC.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\javaw.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/webhp?sourcei [...] r&ie=UTF-8
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.01net.com/telecharger/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [RMC] C:\WINDOWS\system32\drivers\RMC.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [jEdit Server] "C:\WINDOWS\system32\javaw.exe" -Xms64M -Xmx192M -jar "C:\Program Files\Applications\jEdit\jedit.jar" -background -nogui
O4 - HKLM\..\Run: [EPSON Stylus Photo RX420 Series (Copie 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE /P41 "EPSON Stylus Photo RX420 Series (Copie 1)" /O6 "USB001" /M "Stylus Photo RX420"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Applications\Ares\chatServer.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
--
End of file - 5532 bytes
And now what do I do?
Thanks in advance
Re,
Download CCleaner (>>tutorial to read!<<), get "the latest version", then install it while unchecking the option to add the CCleaner Yahoo! Toolbar.
Then run the cleaner, then have it search for errors, and make a backup if you wish.
Download and install Antivir. (tutorial)
Make sure it is up to date! Open Antivir; go to the Scanner tab, enable the rootkit search via the + next to rootkit search, then under manual selection, check everything (your hard disk partitions).
There, it's done!!!
AntiVir PersonalEdition Classic
Report file date: mercredi 12 mars 2008 22:29
Scanning for 1145475 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number:
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: M
Computer name: M
Version information:
BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:29
AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:51
LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:47
LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:20
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 14:27:15
ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 21:28:17
ANTIVIR2.VDF : 7.0.3.3 2048 Bytes 07/03/2008 21:28:17
ANTIVIR3.VDF : 7.0.3.22 127488 Bytes 12/03/2008 21:28:17
AVEWIN32.DLL : 7.6.0.73 3334656 Bytes 12/03/2008 21:28:18
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:17
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24
AVPACK32.DLL : 7.6.0.3 360488 Bytes 12/03/2008 21:28:18
AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:06
AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:33
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:18
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 11:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 12:38:13
RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:37
SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:21
Configuration settings for the scan:
Jobname..........................: Rootkit search
Configuration file...............: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\PROFILES\rootkit.avp
Logging..........................: high
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Scan memory......................: off
Process scan.....................: off
Scan registry....................: off
Search for rootkits..............: on
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: high
Expanded search settings.........: 0x00300922
Start of the scan: mercredi 12 mars 2008 22:29
Starting search for hidden objects.
c:\documents and settings\maxime\mes documents\my lockbox
[NOTE] The directory is not visible.
[INFO] A backup was created as '47f84cdc.qua' ( QUARANTINE )
'265875' objects were checked, '1' hidden objects were found.
End of the scan: mercredi 12 mars 2008 22:34
Used time: 04:36 min
The scan has been done completely.
0 Scanning directories
1 Files were scanned
0 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
1 files were moved to quarantine
0 files were renamed
0 Files cannot be scanned
1 Files not concerned
0 Archives were scanned
0 Warnings
0 Notes
265875 Objects were scanned with rootkit scan
1 Hidden objects were found
Message edited by lezert on 13-03-2008 at 12:06:12
So I suppose it's finished!!! If that's not the case, tell me!!!
Thank you for everything. It's great that there are people like you to help people like me who don't know what to do.
Thanks again.
Nope, nope..
Used time: 04:36 min <- too short!
| Quote: Scan master boot sector..........: off
|
| Quote: then under manual selection, check everything (your hard disk partitions). |
Come on, get to work
Yes, I did go into Scanner and I checked everything!!!
Then I clicked on the icon with the magnifying glass!!
And there, it's started!!!
Message edited by lezert on 12-03-2008 at 22:43:15
Wait, I know, maybe I need to click on scan system now under status!!! It's in red!!!
Oh yes, it's much, much longer!!!
I'll keep you posted tomorrow, because right now I'm going to bed, as I have class tomorrow. Anyway, I have a feeling the scan is going to take a good hour!!!
I'll send you a summary tomorrow at noon.
Otherwise, after this step, what's left to do?
Thanks in advance.
Message edited by lezert on 12-03-2008 at 22:58:00
Hi, as promised, here is the Antivir log.
Just some clarification about how Antivir works. Does it run in real time?
Thanks in advance for your reply.
AntiVir PersonalEdition Classic
Report file date: mercredi 12 mars 2008 22:42
Scanning for 1145475 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number:
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: SYSTEM
Computer name: MAX
Version information:
BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:29
AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:51
LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:47
LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:20
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 14:27:15
ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 21:28:17
ANTIVIR2.VDF : 7.0.3.3 2048 Bytes 07/03/2008 21:28:17
ANTIVIR3.VDF : 7.0.3.22 127488 Bytes 12/03/2008 21:28:17
AVEWIN32.DLL : 7.6.0.73 3334656 Bytes 12/03/2008 21:28:18
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:17
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24
AVPACK32.DLL : 7.6.0.3 360488 Bytes 12/03/2008 21:28:18
AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:06
AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:33
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:18
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 11:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 12:38:13
RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:37
SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:21
Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: D:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: mercredi 12 mars 2008 22:42
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'firefox.exe' - '1' Module(s) have been scanned
Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
Scan process 'usnsvc.exe' - '1' Module(s) have been scanned
Scan process 'UberIcon Manager.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
Scan process 'javaw.exe' - '1' Module(s) have been scanned
Scan process 'SynTPEnh.exe' - '1' Module(s) have been scanned
Scan process 'SynTPLpr.exe' - '1' Module(s) have been scanned
Scan process 'RMC.exe' - '1' Module(s) have been scanned
Scan process 'atiptaxx.exe' - '1' Module(s) have been scanned
Scan process 'RTHDCPL.EXE' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'slserv.exe' - '1' Module(s) have been scanned
Scan process 'GoogleUpdaterService.exe' - '1' Module(s) have been scanned
Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
34 processes with 34 modules were scanned
Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Boot sector 'D:\'
[NOTE] No virus was found!
Starting to scan the registry.
The registry was scanned ( '5872' files ).
Starting the file scan:
Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
[1] Archive type: ZIP
--> install.exe
[DETECTION] Is the Trojan horse TR/Drop.Multid.FF.1
[WARNING] An error has occurred and the file was not deleted. ErrorID: 16001
[WARNING] Failed!
C:\QooBox\Quarantine\catchme2008-03-12_204802.21.zip
[0] Archive type: ZIP
--> srosa.sys
[DETECTION] Is the Trojan horse TR/Rootkit.Gen
--> wintems.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
--> mdelk.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
--> hldrrr.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.KP
[INFO] The file was moved to '484c57e1.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\mdelk.exe.vir
[DETECTION] Is the Trojan horse TR/Trash.Gen
[INFO] The file was moved to '483d57e4.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\wintems.exe.vir
[DETECTION] Is the Trojan horse TR/Trash.Gen
[INFO] The file was moved to '484657ea.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\hldrrr.exe.vir
[DETECTION] Is the Trojan horse TR/Trash.Gen
[INFO] The file was moved to '483c57ed.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\104171.exe.vir
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '480c57b2.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\1078828.exe.vir
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '480f57b2.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\10820687.exe.vir
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '481057b3.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\113281.exe.vir
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '480b57b5.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\115625.exe.vir
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '480d57b5.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\131750.exe.vir
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '480957b8.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\14671265.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was moved to '480e57ba.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\233802890.exe.vir
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '480b57bb.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\233806000.exe.vir
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '480b57bc.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\241140.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was moved to '480957be.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\246921.exe.vir
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '480e57bf.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\29234437.exe.vir
[DETECTION] Is the Trojan horse TR/Agent.698884
[INFO] The file was moved to '480a57c5.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\29245187.exe.vir
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '480a57c6.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\31431296.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was moved to '480c57be.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\31467875.exe.vir
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '480c57bf.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\57264531.exe.vir
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '497920ff.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\63362406.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was moved to '480b57c3.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\63375875.exe.vir
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '497820fc.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\6396515.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was moved to '481157c4.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\85703.exe.vir
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '480f57c7.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\88890.exe.vir
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '481057cb.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\91515.exe.vir
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '480d57c5.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\94156.exe.vir
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '480957c8.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\99484.exe.vir
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '480c57ce.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP38\A0013276.sys
[DETECTION] Is the Trojan horse TR/Rootkit.Gen
[INFO] The file was moved to '48085864.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP38\A0013325.sys
[DETECTION] Is the Trojan horse TR/Rootkit.Gen
[INFO] The file was moved to '48085866.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP38\A0013617.sys
[DETECTION] Is the Trojan horse TR/Rootkit.Gen
[INFO] The file was moved to '48085872.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP38\A0013668.sys
[DETECTION] Is the Trojan horse TR/Rootkit.Gen
[INFO] The file was moved to '48085874.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP38\A0013669.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '48085875.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP38\A0013670.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '4967396e.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP40\A0013765.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '4808587c.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP40\A0013766.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '4808587d.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP41\A0013803.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '48085880.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP41\A0013804.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '48085881.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP41\A0013822.sys
[DETECTION] Is the Trojan horse TR/Rootkit.Gen
[INFO] The file was moved to '4967399a.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP41\A0014817.sys
[DETECTION] Is the Trojan horse TR/Rootkit.Gen
[INFO] The file was moved to '48085883.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP41\A0014838.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '48085884.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP41\A0014839.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '4967399d.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP42\A0014851.sys
[DETECTION] Is the Trojan horse TR/Rootkit.Gen
[INFO] The file was moved to '48085886.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP42\A0014912.sys
[DETECTION] Is the Trojan horse TR/Rootkit.Gen
[INFO] The file was moved to '48085887.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP42\A0014924.sys
[DETECTION] Is the Trojan horse TR/Rootkit.Gen
[INFO] The file was moved to '48085888.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP43\A0015924.sys
[DETECTION] Is the Trojan horse TR/Rootkit.Gen
[INFO] The file was moved to '4808588a.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP45\A0016366.sys
[DETECTION] Is the Trojan horse TR/Rootkit.Gen
[INFO] The file was moved to '4808589f.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP45\A0016367.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '480858a0.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP45\A0016368.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '496739b9.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP47\A0016737.sys
[DETECTION] Is the Trojan horse TR/Rootkit.Gen
[INFO] The file was moved to '480858b5.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP47\A0016738.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '496739ae.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP47\A0016739.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '480858b6.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP47\A0016740.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '496739af.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP48\A0016848.sys
[DETECTION] Is the Trojan horse TR/Rootkit.Gen
[INFO] The file was moved to '480858bf.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP48\A0016849.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '496739d8.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP48\A0016850.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '480858c1.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP48\A0016871.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '480858c0.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP48\A0017829.sys
[DETECTION] Is the Trojan horse TR/Rootkit.Gen
[INFO] The file was moved to '496739da.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP48\A0017830.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '480858c3.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP49\A0017921.sys
[DETECTION] Is the Trojan horse TR/Rootkit.Gen
[INFO] The file was moved to '480858c4.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP49\A0017922.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '480858c5.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP49\A0018019.sys
[DETECTION] Is the Trojan horse TR/Rootkit.Gen
[INFO] The file was moved to '480858c8.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP49\A0018031.sys
[DETECTION] Is the Trojan horse TR/Rootkit.Gen
[INFO] The file was moved to '480858c9.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP49\A0018049.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '496739d2.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP49\A0018050.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '480858ca.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP49\A0018052.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.KP
[INFO] The file was moved to '496739d3.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP50\A0018208.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '480858d1.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP50\A0019189.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.KP
[INFO] The file was moved to '496739ca.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP50\A0020189.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.KP
[INFO] The file was moved to '480858d3.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP51\A0020231.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.KP
[INFO] The file was moved to '480858d5.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP51\A0020461.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '480858e0.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP51\A0020464.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '480858e1.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP51\A0020466.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '496739fa.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP51\A0020467.sys
[DETECTION] Is the Trojan horse TR/Rootkit.Gen
[INFO] The file was moved to '480858e2.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP51\A0020569.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '480858e5.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP51\A0021050.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '480858fc.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP51\A0021064.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '480858fd.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP51\A0021083.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '496739e6.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP51\A0021084.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '480858fe.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP51\A0021100.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '496739e7.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP51\A0021101.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '480858ff.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP51\A0021260.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.KP
[INFO] The file was moved to '48085908.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP52\A0021262.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.KP
[INFO] The file was moved to '48085909.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP52\A0021512.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '48085915.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP52\A0021515.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '4967380e.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP52\A0021517.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '48085917.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP52\A0021518.sys
[DETECTION] Is the Trojan horse TR/Rootkit.Gen
[INFO] The file was moved to '48085916.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP52\A0021620.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '4808591a.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP52\A0022101.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '4808592b.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP52\A0022115.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '4808592c.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP52\A0022134.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '49673835.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP52\A0022135.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '4808592d.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP52\A0022153.sys
[DETECTION] Is the Trojan horse TR/Rootkit.Gen
[INFO] The file was moved to '4808592e.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP52\A0022154.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '4975e9cf.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP52\A0022155.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '4808592f.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP52\A0022156.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '4975e9d0.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP53\A0022292.sys
[DETECTION] Is the Trojan horse TR/Rootkit.Gen
[INFO] The file was moved to '48085935.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP54\A0022296.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '48085938.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP56\A0023292.sys
[DETECTION] Is the Trojan horse TR/Rootkit.Gen
[INFO] The file was moved to '4808593d.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP56\A0023293.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '4975e9de.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP56\A0024292.sys
[DETECTION] Is the Trojan horse TR/Rootkit.Gen
[INFO] The file was moved to '4808593e.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP56\A0024293.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '4975e9df.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP56\A0024294.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '4808593f.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP56\A0024302.sys
[DETECTION] Is the Trojan horse TR/Rootkit.Gen
[INFO] The file was moved to '4975e9a0.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP56\A0024306.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '48085940.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP57\A0024312.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.KP
[INFO] The file was moved to '4975e9a1.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP58\A0024384.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '48085944.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP58\A0024385.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '4975e9a5.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP58\A0024387.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '48085945.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP58\A0024407.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '48085946.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP58\A0024414.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '4975e9a7.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP58\A0024425.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '48085947.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP58\A0024434.exe
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was moved to '4975e9a8.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP58\A0024513.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '48085949.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP58\A0024514.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '4808594a.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP58\A0024532.exe
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was moved to '4808594b.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP58\A0024536.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '49673854.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP58\A0024548.exe
[DETECTION] Is the Trojan horse TR/Agent.698884
[INFO] The file was moved to '4808594c.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP58\A0024549.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '49673855.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP58\A0024566.exe
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was moved to '4808594d.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP58\A0024567.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '49673856.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP58\A0024597.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '4808594e.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP58\A0024611.exe
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was moved to '4808594f.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP58\A0024612.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '49673848.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP58\A0024616.exe
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was moved to '48085950.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP58\A0024645.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '48085951.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP58\A0024647.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '4967384a.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP58\A0024648.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '48085952.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP58\A0024651.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '4967384b.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP58\A0024655.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '48085953.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP58\A0024662.exe
[DETECTION] Is the Trojan horse TR/Trash.Gen
[INFO] The file was moved to '48085954.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP58\A0024664.exe
[DETECTION] Is the Trojan horse TR/Trash.Gen
[INFO] The file was moved to '4967384d.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP58\A0024665.exe
[DETECTION] Is the Trojan horse TR/Trash.Gen
[INFO] The file was moved to '48085955.qua'!
C:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP58\A0024675.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '4967384e.qua'!
Begin scan in 'D:\' <Documents>
D:\WinSesame 5.1 [Patch].exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.KP
[INFO] The file was moved to '48465c09.qua'!
D:\WinSesame 5.1 [Patch].zip
[0] Archive type: ZIP
--> WinSesame 5.1 [Patch].exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.KP
[INFO] The file was moved to '492d6c62.qua'!
D:\System Volume Information\_restore{B6633A54-EC5E-49D0-8F66-B3B79D5E58E6}\RP59\A0024842.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.KP
[INFO] The file was moved to '48085c00.qua'!
End of the scan: mercredi 12 mars 2008 23:48
Used time: 1:05:53 min
The scan has been done completely.
5356 Scanning directories
587778 Files were scanned
141 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
137 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
587637 Files not concerned
4947 Archives were scanned
2 Warnings
0 Notes
Message edited by lezert on 13-03-2008 at 18:39:46
Thank you for everything.
My PC runs a hundred times better, and above all, long live Antivir!!!
By the way, does Antivir protect in real time???
Re,
Yes, Antivir protects in real time.
I advise you to uninstall lphant.
| Quote: C:\Program Files\Applications\lphant\temp\003.part
|
Post a HijackThis log again.
Reply to XmichouX
Uninstall done!!!!
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:42:48, on 13/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\system32\drivers\RMC.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\javaw.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/webhp?sourcei [...] r&ie=UTF-8
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.01net.com/telecharger/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [RMC] C:\WINDOWS\system32\drivers\RMC.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [jEdit Server] "C:\WINDOWS\system32\javaw.exe" -Xms64M -Xmx192M -jar "C:\Program Files\Applications\jEdit\jedit.jar" -background -nogui
O4 - HKLM\..\Run: [EPSON Stylus Photo RX420 Series (Copie 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE /P41 "EPSON Stylus Photo RX420 Series (Copie 1)" /O6 "USB001" /M "Stylus Photo RX420"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Applications\Ares\chatServer.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
--
End of file - 6107 bytes
Re,
It's clean.
Download to your desktop: Clean (by Malekal) >Tutorial<
Unzip it on your desktop. Double-click the clean folder.
Double-click clean.cmd. (The cmd extension may not be shown.) This will open a black window.
A menu will appear; choose option 1, then press Enter. Then press a key when you are asked to.
Post the report, which is located here: C:\rapport_clean.txt
If you get a file C:\upload_moi.zip, please do this.
Reply to XmichouX
Here is the report:
13/03/2008 a 18:54:18,59
*** Recherche des fichiers dans C:
*** Recherche des fichiers dans C:\WINDOWS\
*** Recherche des fichiers dans C:\WINDOWS\system32
*** Recherche des fichiers dans C:\Program Files
*** Fin du rapport !
Good,
Download ToolsCleaner2 (by A.Rothstein)
Install it on your desktop
Click [Recherche] to start the scan
Click [Supprimer] to clean up the tools used
Click [Quitter],
Post this report ~>C:\TCleaner.txt<~
Keep ccleaner, avg and antivir if we installed them..
Disable, then re-enable System Restore
Report your infection on Malware Complaints >Tutorial<
Your infection(s): Bagle
If you can't find it in the list, post under "Autres infections" (other infections),
Then have a look at these guides:
Security/Prevention
Consequences of running multiple protection tools
Have a good evening
Reply to XmichouX
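The AntiVir report quoted earlier in the thread lists many of its detections under `System Volume Information\_restore{...}\RPnn`, that is, inside System Restore points, which disabling and re-enabling System Restore deletes. The Python sketch below is an added example, not part of the original posts or of any tool named in them: it parses a report in that layout, separates restore-point detections from those elsewhere on disk, and lists detections that have no quarantine line. The sample report is constructed; its GUID, file names and .qua names are placeholders.

```python
import re
from collections import Counter
from dataclasses import dataclass
from typing import List, Optional

# Constructed sample in the layout of the AntiVir report quoted in the thread.
# The GUID, file names and .qua names are placeholders, not values from the page.
SAMPLE_REPORT = r"""
Begin scan in 'C:\' <System>
C:\System Volume Information\_restore{00000000-0000-0000-0000-000000000000}\RP56\A0000001.sys
[DETECTION] Is the Trojan horse TR/Rootkit.Gen
[INFO] The file was moved to '00000001.qua'!
C:\System Volume Information\_restore{00000000-0000-0000-0000-000000000000}\RP58\A0000002.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '00000002.qua'!
C:\System Volume Information\_restore{00000000-0000-0000-0000-000000000000}\RP58\A0000003.exe
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
Begin scan in 'D:\' <Documents>
D:\example-patch.zip
[0] Archive type: ZIP
--> example-patch.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.KP
[INFO] The file was moved to '00000004.qua'!
"""

PATH_RE = re.compile(r"^[A-Za-z]:\\")
RESTORE_RE = re.compile(
    r"\\System Volume Information\\_restore\{[^}]+\}\\(RP\d+)\\", re.IGNORECASE
)
MOVED_RE = re.compile(r"^\[INFO\] The file was moved to '([^']+)'")


@dataclass
class Finding:
    path: str                              # file (or "archive --> member") flagged
    signature: str                         # detection name, e.g. TR/Bagle.Gen.B
    restore_point: Optional[str] = None    # "RPnn" if inside a restore point
    quarantine_name: Optional[str] = None  # .qua name, None if no move was logged


def parse_report(text: str) -> List[Finding]:
    """Turn path / [DETECTION] / [INFO] line groups into Finding records."""
    findings: List[Finding] = []
    current_path: Optional[str] = None
    pending: Optional[Finding] = None  # detection still waiting for its [INFO] line
    for raw in text.splitlines():
        line = raw.strip()
        if PATH_RE.match(line):
            current_path, pending = line, None
        elif line.startswith("-->") and current_path:
            # Archive member: keep the container path and append the member name.
            container = current_path.split(" --> ")[0]
            current_path, pending = container + " --> " + line[3:].strip(), None
        elif line.startswith("[DETECTION]") and current_path:
            rp = RESTORE_RE.search(current_path)
            # The signature is the last token of the detection line.
            pending = Finding(current_path, line.split()[-1],
                              rp.group(1) if rp else None)
            findings.append(pending)
        elif pending is not None:
            moved = MOVED_RE.match(line)
            if moved:
                pending.quarantine_name = moved.group(1)
            pending = None
    return findings


def summarize(findings: List[Finding]) -> dict:
    """Group findings so restore-point copies and unhandled files stand out."""
    return {
        "by_signature": Counter(f.signature for f in findings),
        "by_restore_point": Counter(
            f.restore_point for f in findings if f.restore_point
        ),
        # Detections outside restore points survive a restore-point purge.
        "outside_restore": [f.path for f in findings if not f.restore_point],
        # Detections with no "moved to quarantine" line need a second look.
        "not_quarantined": [f.path for f in findings if f.quarantine_name is None],
    }


if __name__ == "__main__":
    report = summarize(parse_report(SAMPLE_REPORT))
    for key, value in report.items():
        print(key, "=>", dict(value) if isinstance(value, Counter) else value)
```
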
OK, and thanks for all your help!!!
Have a good evening too, and above all keep helping people like me.
Thanks again
See you
-->- Recherche:
C:\Qoobox: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: trouvé !
C:\Documents and Settings\Maxime\Bureau\HijackThis.lnk: trouvé !
C:\Documents and Settings\Maxime\Bureau\Clean.zip: trouvé !
C:\Documents and Settings\Maxime\Bureau\clean\tar.exe: trouvé !
C:\Documents and Settings\Maxime\Bureau\clean\remove.reg: trouvé !
C:\Documents and Settings\Maxime\Bureau\clean\pskill.exe: trouvé !
C:\Documents and Settings\Maxime\Bureau\clean\LFiles.exe: trouvé !
C:\Documents and Settings\Maxime\Bureau\clean\gzip.exe: trouvé !
C:\Documents and Settings\Maxime\Bureau\clean\delsiri.cmd: trouvé !
C:\Documents and Settings\Maxime\Bureau\clean\delr.cmd: trouvé !
C:\Documents and Settings\Maxime\Bureau\clean\del3.cmd: trouvé !
C:\Documents and Settings\Maxime\Bureau\clean\del2.cmd: trouvé !
C:\Documents and Settings\Maxime\Bureau\clean\clean.cmd: trouvé !
C:\Documents and Settings\Maxime\Bureau\clean\cherche.cmd: trouvé !
C:\Program Files\Applications\CodeBlocks\bin\gzip.exe: trouvé !
C:\Program Files\Trend Micro\HijackThis: trouvé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: trouvé !
---------------------------------
-->- Suppression:
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: supprimé !
C:\Documents and Settings\Maxime\Bureau\HijackThis.lnk: supprimé !
C:\Documents and Settings\Maxime\Bureau\Clean.zip: supprimé !
C:\Documents and Settings\Maxime\Bureau\clean\tar.exe: supprimé !
C:\Documents and Settings\Maxime\Bureau\clean\remove.reg: supprimé !
C:\Documents and Settings\Maxime\Bureau\clean\pskill.exe: supprimé !
C:\Documents and Settings\Maxime\Bureau\clean\LFiles.exe: supprimé !
C:\Documents and Settings\Maxime\Bureau\clean\gzip.exe: supprimé !
C:\Documents and Settings\Maxime\Bureau\clean\delsiri.cmd: supprimé !
C:\Documents and Settings\Maxime\Bureau\clean\delr.cmd: supprimé !
C:\Documents and Settings\Maxime\Bureau\clean\del3.cmd: supprimé !
C:\Documents and Settings\Maxime\Bureau\clean\del2.cmd: supprimé !
C:\Documents and Settings\Maxime\Bureau\clean\clean.cmd: supprimé !
C:\Documents and Settings\Maxime\Bureau\clean\cherche.cmd: supprimé !
C:\Program Files\Applications\CodeBlocks\bin\gzip.exe: supprimé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: supprimé !
C:\Qoobox: supprimé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: supprimé !
C:\Program Files\Trend Micro\HijackThis: supprimé !
Hi XmichouX,
I have the same problem as lezert with avast and the Win32 application... so can I follow to the letter the instructions you gave lezert?
Thanks in advance for your reply!!
See you soon
I have the same problem with avast: when I launch the executable, Windows displays: application win32 non valide...
I downloaded combofix but I need the opinion of an expert consultant...
Can you help me?
Hello
I have the same problem as lezert: impossible to open avast, or to install other antivirus programs
thanks in advance
here is my report
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:53:13, on 25/01/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe
C:\apps\ABoard\ABoard.exe
C:\apps\ABoard\AOSD.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\HiYo\bin\HiYo.exe
C:\WINDOWS\system32\oodtray.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\neuf telecom\neuf Box\Wizard\QuickAccess.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\eMule\emule.exe
C:\WINDOWS\explorer.exe
D:\Documents and Settings\gérard et véro\Local Settings\Temporary Internet Files\Content.IE5\DPEG6U1Y\HijackThis[1].exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neufportail.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL (file missing)
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ATICCC] "c:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Vade Retro Outlook Express] "C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe"
O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32"
O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [HiYo] C:\Program Files\HiYo\bin\HiYo.exe /RunFromStartup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [OODefragTray] C:\WINDOWS\system32\oodtray.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [SmpcSys] C:\APPS\SMP\SmpSys.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Configuration de la neuf Box] C:\Program Files\neuf telecom\neuf Box\Wizard\QuickAccess.exe
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/resources/MSNPUpld.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (file missing)
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE
O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
--
End of file - 11788 bytes
hello,
I also have a problem with Win32: I can't open a document with Word.
here is my message: C:\Documents ans Settings\HP_propriétaireBureau\.doc n'est pas une application Win32 valide.
What should I do?
Thanks in advance for your help.
Chris
