Geronimo13

je te remercie beaucoup pour le temps que t'as pris pour me repondre et toutes tes conseils que je suis déjà en train d'appliquer dans mon ordinateur! A+

Je viens de m'inscrire dans votre forum et j'espere trouver ici les reponses que je recherche pour securiser mon ordinateur! J'ai pris le temps de regarder un peu dans les differents sujets ouverts et je trouve qu'il y en a pour tout le monde et c'est tres sympa des gens qui connaissent plus que les autres de nous aider! Alors ma petite question, j'ai utilisé le Hijackthis ainsi que le Kaspersky free scan pour voir si jamais je suis effectué et si tout va bien puisque j'ai dû formater mon laptop avant l'été à cause des virus... Alors les resultats sont les suivants: Kaspersky free scan: KASPERSKY ONLINE SCANNER REPORT Wednesday, December 19, 2007 12:07:08 AM Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600) Kaspersky Online Scanner version: 5.0.98.0 Kaspersky Anti-Virus database last update: 18/12/2007 Kaspersky Anti-Virus database records: 486393 Scan Settings Scan using the following antivirus database extended Scan Archives true Scan Mail Bases true Scan Target My Computer C:\ D:\ E:\ F:\ Scan Statistics Total number of scanned objects 70212 Number of viruses found 4 Number of infected objects 113 Number of suspicious objects 0 Duration of the scan process 00:49:29 Infected Object Name Virus Name Last Action C:\WINDOWS\system32\config\system.LOG Object is locked skipped C:\WINDOWS\system32\config\software.LOG Object is locked skipped C:\WINDOWS\system32\config\default.LOG Object is locked skipped C:\WINDOWS\system32\config\SECURITY Object is locked skipped C:\WINDOWS\system32\config\SAM Object is locked skipped C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped C:\WINDOWS\system32\config\SYSTEM Object is locked skipped C:\WINDOWS\system32\config\SOFTWARE Object is locked skipped C:\WINDOWS\system32\config\DEFAULT Object is locked skipped C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\Antivirus.Evt Object is locked skipped C:\WINDOWS\system32\config\Internet.evt Object is locked skipped C:\WINDOWS\system32\drivers\sptd.sys Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped C:\WINDOWS\system32\h323log.txt Object is locked skipped C:\WINDOWS\Temp\_avast4_\Webshlock.txt Object is locked skipped C:\WINDOWS\Temp\CLML_AGENT_LOG1.txt Object is locked skipped C:\WINDOWS\Temp\Perflib_Perfdata_6d4.dat Object is locked skipped C:\WINDOWS\Temp\sqlite_SNI4mh2ATdXCsq2 Object is locked skipped C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped C:\WINDOWS\WindowsUpdate.log Object is locked skipped C:\WINDOWS\wiaservc.log Object is locked skipped C:\WINDOWS\Sti_Trace.log Object is locked skipped C:\WINDOWS\wiadebug.log Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\kORNIAS MAXIMILIANOS\NTUSER.DAT Object is locked skipped C:\Documents and Settings\kORNIAS MAXIMILIANOS\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\kORNIAS MAXIMILIANOS\Local Settings\Historique\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\kORNIAS MAXIMILIANOS\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\kORNIAS MAXIMILIANOS\Local Settings\Application Data\ApplicationHistory\ePower_DMC.exe.3ca0acde.ini.inuse Object is locked skipped C:\Documents and Settings\kORNIAS MAXIMILIANOS\Local Settings\Application Data\Acer Arcade\Log\Trace20071218.log Object is locked skipped C:\Documents and Settings\kORNIAS MAXIMILIANOS\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\kORNIAS MAXIMILIANOS\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\kORNIAS MAXIMILIANOS\Cookies\index.dat Object is locked skipped C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLML_MAIN\CLML.db Object is locked skipped C:\Program Files\Alwil Software\Avast4\DATA\report\Resident protection.txt Object is locked skipped C:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log Object is locked skipped C:\Program Files\Alwil Software\Avast4\DATA\log\AshWebSv.ws Object is locked skipped C:\Program Files\Alwil Software\Avast4\DATA\log\aswMaiSv.log Object is locked skipped C:\Program Files\Alwil Software\Avast4\DATA\integ\avast.int Object is locked skipped C:\Program Files\Alwil Software\Avast4\DATA\clnr0.dll Infected: Trojan.Win32.Gorshok.a skipped C:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat Object is locked skipped C:\Program Files\Alwil Software\Avast4\DATA\Avast4.db Object is locked skipped C:\Program Files\DAEMON Tools\SetupDTSB.exe Infected: not-a-virus:AdTool.Win32.WhenU.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP15\A0000607.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP16\A0000951.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP18\A0001192.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP22\A0001266.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP23\A0002540.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP23\A0003647.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP24\A0004105.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP25\A0004619.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP25\A0004819.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP25\A0005849.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP25\A0005877.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP25\A0006003.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP25\A0006192.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP25\A0006294.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP25\A0006563.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP25\A0006795.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP25\A0007796.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP25\A0007870.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP25\A0007973.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP25\A0008025.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP25\A0008088.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP29\A0008707.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP29\A0008837.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP30\A0008942.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP30\A0009189.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP31\A0009452.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP31\A0009609.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP31\A0009681.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP33\A0009910.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP33\A0010285.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP33\A0010384.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP33\A0010570.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP33\A0010625.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP37\A0011142.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP38\A0011207.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP38\A0011404.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP38\A0011463.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP39\A0011617.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP41\A0011801.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP42\A0011863.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP42\A0012410.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP42\A0012519.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP42\A0012589.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP42\A0012665.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP42\A0012687.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP43\A0012804.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP46\A0013124.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP47\A0013165.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP47\A0013194.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP48\A0013240.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP48\A0013463.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP48\A0013544.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP49\A0013612.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP50\A0013791.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP51\A0013850.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP51\A0013858.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP51\A0013882.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP51\A0013960.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP51\A0013993.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP51\A0014138.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP51\A0014374.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP51\A0015620.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP51\A0015657.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP51\A0015694.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP51\A0015857.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP51\A0016305.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP51\A0016341.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP51\A0016532.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP51\A0016569.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP51\A0016728.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP51\A0016819.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP51\A0016912.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP51\A0017051.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP52\A0017099.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP53\A0017288.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP53\A0018352.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP53\A0018568.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP53\A0018967.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP54\A0019066.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP55\A0019418.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP57\A0019521.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP57\A0019775.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP57\A0020050.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP57\A0020247.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP57\A0020474.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP57\A0020526.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP58\A0020715.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP58\A0021719.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP58\A0021803.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP58\A0022835.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP58\A0022863.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP58\A0024039.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP58\A0024337.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP58\A0024509.exe/file04 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.c skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP58\A0024509.exe/file05 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.c skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP58\A0024509.exe/file34 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.1102 skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP58\A0024509.exe Inno: infected - 3 skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP60\A0024767.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP60\A0024796.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP60\A0025079.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP60\A0025161.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP60\A0025226.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP60\A0025317.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP60\A0025404.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP60\A0025600.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP61\A0025798.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP61\A0026210.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP65\A0026421.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP67\A0026483.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP68\A0026506.dll Infected: Trojan.Win32.Gorshok.a skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP68\change.log Object is locked skipped C:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP68\A0027530.dll Infected: Trojan.Win32.Gorshok.a skipped D:\System Volume Information\_restore{971BA714-3578-4A78-9285-791521829CFA}\RP68\change.log Object is locked skipped Scan process completed. Hijackthis Block-note: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:10:00, on 21/12/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16574) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\Acer\Empowering Technology\admServ.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\Program Files\CyberLink\Shared Files\RichVideo.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Acer\Acer Arcade\PCMService.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe C:\Acer\Empowering Technology\ePower\ePower_DMC.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\PROGRA~1\LAUNCH~1\LManager.exe C:\Acer\Empowering Technology\eRecovery\Monitor.exe C:\Acer\Empowering Technology\admtray.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\DOCUME~1\KORNIA~1\LOCALS~1\Temp\RtkBtMnt.exe C:\WINDOWS\system32\wbem\unsecapp.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Winamp\winamp.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\kORNIAS MAXIMILIANOS\Bureau\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sportaction.gr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O1 - Hosts: 66.98.148.65 auto.search.msn.com O1 - Hosts: 66.98.148.65 auto.search.msn.es O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [synTPEnh] "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [MSPY2002] "C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" /SYNC O4 - HKLM\..\Run: [PHIME2002ASync] "C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" /SYNC O4 - HKLM\..\Run: [PHIME2002A] "C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" /IMEName O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Acer\Acer Arcade\PCMService.exe" O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] "nwiz.exe" /install O4 - HKLM\..\Run: [NvMediaCenter] "RUNDLL32.EXE" C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [eDataSecurity Loader] "C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe" O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe O4 - HKLM\..\Run: [Acer ePower Management] "C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe" boot O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe O4 - HKLM\..\Run: [eRecoveryService] "C:\Acer\Empowering Technology\eRecovery\Monitor.exe" O4 - HKLM\..\Run: [ADMTray.exe] "C:\Acer\Empowering Technology\admtray.exe" O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: NordicBet Poker - {E6073F93-9541-4be4-9800-109D378EB99B} - C:\Microgaming\Poker\nordicbetMPP\MPPoker.exe O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.mail.live.com/mail/w1/resources/MSNPUpld.cab O16 - DPF: {6F750202-1362-4815-A476-88533DE61D0C} (Kodak Gallery Easy Upload Manager Class) - http://www.kodakgallery.com/downloads/BUM/..._2/axofupld.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab O16 - DPF: {C946EF6D-296D-4907-A6E1-ED0E8E5AF024} (LycosMail Upload Control) - http://mail.lycos.com/hanmail-ax/AttachMail.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: AdminWorks Agent X6 (AWService) - Avocent Inc. - C:\Acer\Empowering Technology\admServ.exe O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe -- End of file - 10037 bytes Je sais qu'il s'agit de trop des notes pour un premier post mais je devais vous poser la question, est ce-que vous trouvez des choses à changer, ou effacer? des choses à installer pour changer une eventuelle mauvaise situation? Je dois vous dire que j'utilise Avast antivirus, AD-Aware, Spybot, Spyware Doctor... Mille merci de lire mon post!