Aller au contenu

colossus

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    34

  • Inscription

  • Dernière visite

 Type de contenu 

Tout ce qui a été posté par colossus

  1. colossus
    salut bruce lee. ce rapport est pour un autre pc. en effet j'ai 2 pc à la maison. Ils sont branchés en réseaux et j'aimerais savoir si le second est sain. merci d'avance.
  2. colossus
    Je ne sais pas si la version d'xp est piratée ou non, je le lui demanderai à l'occasion. En tout cas merci de m'avoir éclairé sur ce sujet.
  3. colossus
    bonjour à tous. Voilà un ami à installé une mise à jour windows qui envoi un message à chaque démarage de l'ordi : "vous etes peut etre victime d'une contre façon ..." est-ce que quelqu'un connais cette mise à jour et y-a-t-il un moyen de s'en débarrasser? Merci pour vos conseils.
  4. colossus
    voilà le rapport : Logfile of HijackThis v1.99.1 Scan saved at 21:04:39, on 23/09/2006 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbload.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\WINDOWS\ATKKBService.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\Program Files\ewido anti-spyware 4.0\guard.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\RUNDLL32.EXE C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Winamp\winampa.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\System32\rundll32.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\System32\WgaTray.exe C:\WINDOWS\System32\wuauclt.exe C:\Program Files\hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized O4 - HKCU\..\Run: [AXVenore] "C:\Program Files\AXVenore\AXVenore.exe" O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O18 - Filter: text/html - {994D478A-45D0-4DB4-AE27-738B1E346E99} - C:\Program Files\Batty\Batty.dll O20 - AppInit_DLLs: wbsys.dll,Runner.dll,Runner.dll,BattyRun.dll O20 - Winlogon Notify: WB - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\fastload.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: IconPackager Repair - {1799460C-0BC8-4865-B9DF-4A36CD703FF0} - C:\WINDOWS\system32\iprepair.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe encore merci
  5. colossus
    bonsoir à tous voilà un rapport hijackthis de mon ordi... Aprés un petit pb avec avast j'aimerais savoir si ce rapport est ok. Merci de m'éclairer de vos lumières...
  6. colossus
    voila : SmitFraudFix v2.99 Rapport fait à 18:13:17,29, 23/09/2006 Executé à partir de C:\Documents and Settings\COLOSSUS\Bureau\SmitfraudFix OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT Fix executé en mode normal »»»»»»»»»»»»»»»»»»»»»»»» C:\ »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32 »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\COLOSSUS\Application Data »»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer »»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\COLOSSUS\Favoris »»»»»»»»»»»»»»»»»»»»»»»» Bureau »»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files »»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues »»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0] "Source"="About:Home" "SubscribedURL"="About:Home" "FriendlyName"="Ma page d'accueil" »»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="wbsys.dll" »»»»»»»»»»»»»»»»»»»»»»»» pe386-msguard-lzx32 »»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll »»»»»»»»»»»»»»»»»»»»»»»» Fin C'est fait, et maintenant? Dois-je faire autre chose?
  7. colossus
    re, deux petites questions suplémentaires: qu'est-ce que je fais des fichiers mis en quarantaine par ewido? est-ce que je dois désinstaller hijackthis et ewido une fois le problème réglé? merci.
  8. colossus
    Bien voila j'ai suivi toutes les étapes, apparament tout c'est bien déroulé. Voici les rapports; ewido d'abord : --------------------------------------------------------- ewido anti-spyware - Scan Report --------------------------------------------------------- + Created at: 13:49:52 23/09/2006 + Scan result: C:\RECYCLER\S-1-5-21-484763869-117609710-839522115-1003\Dc2.exe -> Proxy.Horst.ej : Cleaned with backup (quarantined). :mozilla.54:C:\Documents and Settings\COLOSSUS\Application Data\Mozilla\Firefox\Profiles\xsueief5.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined). :mozilla.23:C:\Documents and Settings\COLOSSUS\Application Data\Mozilla\Firefox\Profiles\xsueief5.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned with backup (quarantined). :mozilla.55:C:\Documents and Settings\COLOSSUS\Application Data\Mozilla\Firefox\Profiles\xsueief5.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned with backup (quarantined). :mozilla.38:C:\Documents and Settings\COLOSSUS\Application Data\Mozilla\Firefox\Profiles\xsueief5.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup (quarantined). :mozilla.40:C:\Documents and Settings\COLOSSUS\Application Data\Mozilla\Firefox\Profiles\xsueief5.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined). :mozilla.41:C:\Documents and Settings\COLOSSUS\Application Data\Mozilla\Firefox\Profiles\xsueief5.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined). :mozilla.42:C:\Documents and Settings\COLOSSUS\Application Data\Mozilla\Firefox\Profiles\xsueief5.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined). :mozilla.43:C:\Documents and Settings\COLOSSUS\Application Data\Mozilla\Firefox\Profiles\xsueief5.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined). :mozilla.44:C:\Documents and Settings\COLOSSUS\Application Data\Mozilla\Firefox\Profiles\xsueief5.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined). :mozilla.45:C:\Documents and Settings\COLOSSUS\Application Data\Mozilla\Firefox\Profiles\xsueief5.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined). :mozilla.49:C:\Documents and Settings\COLOSSUS\Application Data\Mozilla\Firefox\Profiles\xsueief5.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined). :mozilla.50:C:\Documents and Settings\COLOSSUS\Application Data\Mozilla\Firefox\Profiles\xsueief5.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined). :mozilla.51:C:\Documents and Settings\COLOSSUS\Application Data\Mozilla\Firefox\Profiles\xsueief5.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined). :mozilla.52:C:\Documents and Settings\COLOSSUS\Application Data\Mozilla\Firefox\Profiles\xsueief5.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined). :mozilla.53:C:\Documents and Settings\COLOSSUS\Application Data\Mozilla\Firefox\Profiles\xsueief5.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined). C:\WINDOWS\system32\1024 -> Trojan.Small : Cleaned with backup (quarantined). ::Report end Enfin Hijackthis : Logfile of HijackThis v1.99.1 Scan saved at 13:57:59, on 23/09/2006 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbload.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\Program Files\ewido anti-spyware 4.0\guard.exe C:\WINDOWS\System32\inetsrv\inetinfo.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\snmp.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\RUNDLL32.EXE C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\System32\nvraidservice.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\System32\rundll32.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\MessengerPlus! 3\MsgPlus.exe C:\Program Files\ewido anti-spyware 4.0\ewido.exe C:\Program Files\SuperCopier\SuperCopier.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.fr/ R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://google.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [NVRaidService] C:\WINDOWS\System32\nvraidservice.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized O4 - HKCU\..\Run: [superCopier.exe] C:\Program Files\SuperCopier\SuperCopier.exe O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - Winlogon Notify: WB - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\fastload.dll O21 - SSODL: IconPackager Repair - {1799460C-0BC8-4865-B9DF-4A36CD703FF0} - C:\WINDOWS\system32\iprepair.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe est ce que j'ai bon? En tout cas grand merci pour ton aide bruce lee.
  9. colossus
    bonjour à tous. voilà j'ai un petit problème avec la protection résidente d'avast : le service courrier electronique affiche sans cesse des messages d'alerte à propos de mails iddentiques trop nombreux.Je suis donc obligé d'arreter ce service pour pouvoir surfer. le soucis c'est que de droles de fichiers .exe apparaissent dans le dossier temp : des fichiers du genre exmodul32.Certains d'entre eux sont considérés comme trojan par avast. J'ai suivi la procédure de pre nettoyage de mon pc et je poste les rapports d'hijackthis et d'antivir pour analyse. Merci d'avance pour votre aide. Voici les rapports : Hijackthis Logfile of HijackThis v1.99.1 Scan saved at 12:18:30, on 23/09/2006 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\System32\inetsrv\inetinfo.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\snmp.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\RUNDLL32.EXE C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\System32\nvraidservice.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\System32\rundll32.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.fr/ R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://google.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [NVRaidService] C:\WINDOWS\System32\nvraidservice.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [.nvsvc] C:\WINDOWS\system\smss.exe /w O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKCU\..\Run: [superCopier.exe] C:\Program Files\SuperCopier\SuperCopier.exe O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - Winlogon Notify: WB - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\fastload.dll O21 - SSODL: IconPackager Repair - {1799460C-0BC8-4865-B9DF-4A36CD703FF0} - C:\WINDOWS\system32\iprepair.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Windows Log - Unknown owner - C:\WINDOWS\system32\nvsvcd.exe Et maintenant antivir : AntiVir PersonalEdition Classic Report file date: samedi 23 septembre 2006 11:55 Scanning for 414117 virus strains and unwanted programs. Licensed to: AntiVir PersonalEdition Classic Serial number: 0000149996-WURGE-0001 Platform: Windows XP Windows version: (Service Pack 1) [5.1.2600] Username: COLOSSUS Computer name: ELEMENTAL Version informations: AVSCAN.EXE : 7.0.0.42 376872 23/09/2006 09:34:50 AVSCAN.DLL : 7.0.0.42 53288 23/09/2006 09:34:50 LUKE.DLL : 7.0.0.42 110632 23/09/2006 09:34:50 LUKERES.DLL : 7.0.0.42 25640 23/09/2006 09:34:50 ANTIVIR0.VDF : 6.35.0.1 7371264 23/09/2006 09:34:50 ANTIVIR1.VDF : 6.35.0.5 2048 23/09/2006 09:34:50 ANTIVIR2.VDF : 6.35.0.62 208384 23/09/2006 09:34:50 ANTIVIR3.VDF : 6.35.0.69 54784 23/09/2006 09:34:50 AVEWIN32.DLL : 7.1.0.16 1540608 23/09/2006 09:34:50 AVPREF.DLL : 7.0.0.1 33832 23/09/2006 09:34:50 AVREP.DLL : 6.35.0.47 466984 23/09/2006 09:34:50 AVRPBASE.DLL : 7.0.0.0 1544232 23/09/2006 09:34:50 AVPACK32.DLL : 7.1.0.1 331816 23/09/2006 09:34:50 AVREG.DLL : 6.31.0.90 25128 23/09/2006 09:34:50 NETNT.DLL : 6.32.0.0 6696 23/09/2006 09:34:50 NETNW.DLL : 6.32.0.0 9768 23/09/2006 09:34:50 RCIMAGE.DLL : 7.0.0.71 1642536 23/09/2006 09:34:50 RCTEXT.DLL : 7.0.0.75 77864 23/09/2006 09:34:50 Configuration settings for the scan: Jobname: '%s'.................: Manual Selection Configuration file............: C:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic\PROFILES\folder.avp Boot sectors..................: C,D Scan memory...................: 1 Process scan..................: 1 Scan all files................: 1 Scan archives.................: 1 Recursion depth...............: 20 Smart extensions..............: 1 Skipped archive types.........: 1000,1001,1002,1003,1004, Macro heuristic...............: 1 File heuristic................: 3 Primary action................: 1 Secondary action..............: 0 Start of the scan: samedi 23 septembre 2006 11:55 The scan over running processes will be started 14 Processes was scanned Start scanning boot sectors: Boot sector 'C:\' [NOTE] No virus was found! Starting to scan the registry. The registry was scanned ( 18 files ). Starting the file scan: C:\pagefile.sys [WARNING] The file could not be opened! C:\Documents and Settings\COLOSSUS\ntuser.dat [WARNING] The file could not be opened! C:\Documents and Settings\COLOSSUS\ntuser.dat.LOG [WARNING] The file could not be opened! C:\Documents and Settings\COLOSSUS\Application Data\Mozilla\Firefox\Profiles\xsueief5.default\parent.lock [WARNING] The file could not be opened! C:\Documents and Settings\COLOSSUS\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat [WARNING] The file could not be opened! C:\Documents and Settings\COLOSSUS\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG [WARNING] The file could not be opened! C:\WINDOWS\system32\config\default [WARNING] The file could not be opened! C:\WINDOWS\system32\config\default.LOG [WARNING] The file could not be opened! C:\WINDOWS\system32\config\SAM [WARNING] The file could not be opened! C:\WINDOWS\system32\config\SAM.LOG [WARNING] The file could not be opened! C:\WINDOWS\system32\config\SECURITY [WARNING] The file could not be opened! C:\WINDOWS\system32\config\SECURITY.LOG [WARNING] The file could not be opened! C:\WINDOWS\system32\config\software [WARNING] The file could not be opened! C:\WINDOWS\system32\config\software.LOG [WARNING] The file could not be opened! C:\WINDOWS\system32\config\system [WARNING] The file could not be opened! C:\WINDOWS\system32\config\system.LOG [WARNING] The file could not be opened! The path D:\ could not be found! Le périphérique n'est pas prêt. End of the scan: samedi 23 septembre 2006 12:03 Used time: 08:36 min The scan has been done completely. 2003 Scanning directories 68707 Files were scanned 0 viruses and/or unwanted programs was found 0 files were deleted 0 files were repaired 0 files were moved to quarantine 0 files were renamed 445 Archives were scanned 16 Warnings 1 Notes Encore merci de bien vouloir m'aider.
×
×
  • Créer...