Aller au contenu

madie57

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    30

  • Inscription

  • Dernière visite

 Type de contenu 

Tout ce qui a été posté par madie57

  1. madie57
    J'oubliais!!! Jai toujours le fichier E-mail-Worm.Win32.Runouce.b en quarantaine sur a-squarred. je lavais déja supprimé une fois et il était revenu. depuis sa mise en quarantaine plus de probleme mais je ne sais pas si je dois le garder la et comme etre sure quil soit totalement et définitivement supprimé?!! Merci de ta réponse à ce qui devrait etre ma dernière sur ce probleme @+
  2. madie57
    Salut Bruce Ben j'ai réinstallé mes documents, mes logiciels (pack office, VLC, ...) et jai relancé un scan spybot puis un scan lent sur a-squarred = RIEN. Par mesure de précaution jai refait un rapport HJT que voici Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 07:46:52, on 07/03/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\a-squared Free\a2service.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\HP\QuickPlay\QPService.exe C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\iTunes\iTunesHelper.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe C:\PROGRA~1\WIDCOMM\LOGICI~1\BTSTAC~1.EXE C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe C:\PROGRA~1\HPQ\Shared\HPQTOA~1.EXE C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Live\installer\WLSetupSvc.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/firefox?client=firefo...lla:fr:official R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /nodetect O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: BTTray.lnk = ? O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqthb08.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie_ctx.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe O23 - Service: Google Updater Service (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing) O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe -- End of file - 9293 bytes Peux tu vérifier une derniere fois que tout est OK? Sinon j aimerai bien que tu me dises quoi garder comme logiciel acquis pour gérer cette crise et ce pour etre sure quil ny ait pas de conflit entre eux, il sagit de Avast Spybot a-squarred et Ad aware 2007. Enfin penses tu que je doive remplacer Avast par Antivir et y a t il des dispositions a prendre pour ne plus etre infecté? Merci pour ton analyse et tes conseils avisés Bonne journée
  3. madie57
    Voila bruce je me lève et le scan de Kaspersky est fini, j'espère avoir scanné les bons fichiers ou disques (la version du logiciel était en anglais, ) bref voila le résultat du scan, ------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER REPORT Thursday, March 06, 2008 7:50:27 AM Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600) Kaspersky Online Scanner version: 5.0.98.0 Kaspersky Anti-Virus database last update: 5/03/2008 Kaspersky Anti-Virus database records: 600224 ------------------------------------------------------------------------------- Scan Settings: Scan using the following antivirus database: extended Scan Archives: true Scan Mail Bases: true Scan Target - My Computer: C:\ D:\ E:\ F:\ G:\ Scan Statistics: Total number of scanned objects: 50335 Number of viruses found: 0 Number of infected objects: 0 Number of suspicious objects: 0 Duration of the scan process: 00:56:32 Infected Object Name / Virus Name / Last Action C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Temp\Historique\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\Marie Laure\Application Data\Mozilla\Firefox\Profiles\vgtady0k.default\cert8.db Object is locked skipped C:\Documents and Settings\Marie Laure\Application Data\Mozilla\Firefox\Profiles\vgtady0k.default\formhistory.dat Object is locked skipped C:\Documents and Settings\Marie Laure\Application Data\Mozilla\Firefox\Profiles\vgtady0k.default\history.dat Object is locked skipped C:\Documents and Settings\Marie Laure\Application Data\Mozilla\Firefox\Profiles\vgtady0k.default\key3.db Object is locked skipped C:\Documents and Settings\Marie Laure\Application Data\Mozilla\Firefox\Profiles\vgtady0k.default\parent.lock Object is locked skipped C:\Documents and Settings\Marie Laure\Application Data\Mozilla\Firefox\Profiles\vgtady0k.default\search.sqlite Object is locked skipped C:\Documents and Settings\Marie Laure\Application Data\Mozilla\Firefox\Profiles\vgtady0k.default\urlclassifier2.sqlite Object is locked skipped C:\Documents and Settings\Marie Laure\Application Data\Sun\Java\Deployment\log\plugin150_06.trace Object is locked skipped C:\Documents and Settings\Marie Laure\Cookies\index.dat Object is locked skipped C:\Documents and Settings\Marie Laure\Historique\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\Marie Laure\Historique\History.IE5\MSHist012008030520080306\index.dat Object is locked skipped C:\Documents and Settings\Marie Laure\Local Settings\Application Data\ApplicationHistory\hpqimzone.exe.3204510e.ini.inuse Object is locked skipped C:\Documents and Settings\Marie Laure\Local Settings\Application Data\HP\Digital Imaging\db\administrativeInfo.dbf Object is locked skipped C:\Documents and Settings\Marie Laure\Local Settings\Application Data\HP\Digital Imaging\db\albumImagesTable.cdx Object is locked skipped C:\Documents and Settings\Marie Laure\Local Settings\Application Data\HP\Digital Imaging\db\albumImagesTable.dbf Object is locked skipped C:\Documents and Settings\Marie Laure\Local Settings\Application Data\HP\Digital Imaging\db\albumTable.cdx Object is locked skipped C:\Documents and Settings\Marie Laure\Local Settings\Application Data\HP\Digital Imaging\db\albumTable.dbf Object is locked skipped C:\Documents and Settings\Marie Laure\Local Settings\Application Data\HP\Digital Imaging\db\CB_Server_Errors.txt Object is locked skipped C:\Documents and Settings\Marie Laure\Local Settings\Application Data\HP\Digital Imaging\db\EXIFTable.cdx Object is locked skipped C:\Documents and Settings\Marie Laure\Local Settings\Application Data\HP\Digital Imaging\db\EXIFTable.dbf Object is locked skipped C:\Documents and Settings\Marie Laure\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.cdx Object is locked skipped C:\Documents and Settings\Marie Laure\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.dbf Object is locked skipped C:\Documents and Settings\Marie Laure\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.fpt Object is locked skipped C:\Documents and Settings\Marie Laure\Local Settings\Application Data\HP\Digital Imaging\db\keywordImagesTable.cdx Object is locked skipped C:\Documents and Settings\Marie Laure\Local Settings\Application Data\HP\Digital Imaging\db\keywordImagesTable.dbf Object is locked skipped C:\Documents and Settings\Marie Laure\Local Settings\Application Data\HP\Digital Imaging\db\keywordTable.cdx Object is locked skipped C:\Documents and Settings\Marie Laure\Local Settings\Application Data\HP\Digital Imaging\db\keywordTable.dbf Object is locked skipped C:\Documents and Settings\Marie Laure\Local Settings\Application Data\HP\Digital Imaging\db\managedFolderTable.dbf Object is locked skipped C:\Documents and Settings\Marie Laure\Local Settings\Application Data\HP\Digital Imaging\db\pathnameTable.cdx Object is locked skipped C:\Documents and Settings\Marie Laure\Local Settings\Application Data\HP\Digital Imaging\db\pathnameTable.dbf Object is locked skipped C:\Documents and Settings\Marie Laure\Local Settings\Application Data\HP\Digital Imaging\db\propertiesTable.cdx Object is locked skipped C:\Documents and Settings\Marie Laure\Local Settings\Application Data\HP\Digital Imaging\db\propertiesTable.dbf Object is locked skipped C:\Documents and Settings\Marie Laure\Local Settings\Application Data\HP\Digital Imaging\db\ROFImagesTable.cdx Object is locked skipped C:\Documents and Settings\Marie Laure\Local Settings\Application Data\HP\Digital Imaging\db\ROFImagesTable.dbf Object is locked skipped C:\Documents and Settings\Marie Laure\Local Settings\Application Data\HP\Digital Imaging\db\ROFTable.cdx Object is locked skipped C:\Documents and Settings\Marie Laure\Local Settings\Application Data\HP\Digital Imaging\db\ROFTable.dbf Object is locked skipped C:\Documents and Settings\Marie Laure\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\Marie Laure\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\Marie Laure\Local Settings\Application Data\Microsoft\Windows Media\10.0\WMSDKNSD.XML Object is locked skipped C:\Documents and Settings\Marie Laure\Local Settings\Application Data\Mozilla\Firefox\Profiles\vgtady0k.default\Cache\_CACHE_001_ Object is locked skipped C:\Documents and Settings\Marie Laure\Local Settings\Application Data\Mozilla\Firefox\Profiles\vgtady0k.default\Cache\_CACHE_002_ Object is locked skipped C:\Documents and Settings\Marie Laure\Local Settings\Application Data\Mozilla\Firefox\Profiles\vgtady0k.default\Cache\_CACHE_003_ Object is locked skipped C:\Documents and Settings\Marie Laure\Local Settings\Application Data\Mozilla\Firefox\Profiles\vgtady0k.default\Cache\_CACHE_MAP_ Object is locked skipped C:\Documents and Settings\Marie Laure\Local Settings\Temp\hsperfdata_Marie Laure\3824 Object is locked skipped C:\Documents and Settings\Marie Laure\Local Settings\Temp\~DF4A3E.tmp Object is locked skipped C:\Documents and Settings\Marie Laure\NTUSER.DAT Object is locked skipped C:\Documents and Settings\Marie Laure\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\Marie Laure\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\NetworkService\Cookies\index.dat Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped C:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat Object is locked skipped C:\Program Files\Alwil Software\Avast4\DATA\Avast4.db Object is locked skipped C:\Program Files\Alwil Software\Avast4\DATA\log\AshWebSv.ws Object is locked skipped C:\Program Files\Alwil Software\Avast4\DATA\log\aswMaiSv.log Object is locked skipped C:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log Object is locked skipped C:\Program Files\Alwil Software\Avast4\DATA\report\Protection résidente.txt Object is locked skipped C:\Program Files\Sunbelt Software\Personal Firewall\logs\debug.log Object is locked skipped C:\Program Files\Sunbelt Software\Personal Firewall\logs\debug.log.idx Object is locked skipped C:\Program Files\Sunbelt Software\Personal Firewall\logs\error.log Object is locked skipped C:\Program Files\Sunbelt Software\Personal Firewall\logs\error.log.idx Object is locked skipped C:\Program Files\Sunbelt Software\Personal Firewall\logs\hips.log Object is locked skipped C:\Program Files\Sunbelt Software\Personal Firewall\logs\hips.log.idx Object is locked skipped C:\Program Files\Sunbelt Software\Personal Firewall\logs\ids.log Object is locked skipped C:\Program Files\Sunbelt Software\Personal Firewall\logs\ids.log.idx Object is locked skipped C:\Program Files\Sunbelt Software\Personal Firewall\logs\network.log Object is locked skipped C:\Program Files\Sunbelt Software\Personal Firewall\logs\network.log.idx Object is locked skipped C:\Program Files\Sunbelt Software\Personal Firewall\logs\system.log Object is locked skipped C:\Program Files\Sunbelt Software\Personal Firewall\logs\system.log.idx Object is locked skipped C:\Program Files\Sunbelt Software\Personal Firewall\logs\warning.log Object is locked skipped C:\Program Files\Sunbelt Software\Personal Firewall\logs\warning.log.idx Object is locked skipped C:\Program Files\Sunbelt Software\Personal Firewall\logs\web.log Object is locked skipped C:\Program Files\Sunbelt Software\Personal Firewall\logs\web.log.idx Object is locked skipped C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped C:\WINDOWS\SchedLgU.Txt Object is locked skipped C:\WINDOWS\SoftwareDistribution\EventCache\{62FAAD0A-3EDE-4651-A796-93F8B29DEFF6}.bin Object is locked skipped C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped C:\WINDOWS\system32\config\Antivirus.Evt Object is locked skipped C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\default Object is locked skipped C:\WINDOWS\system32\config\default.LOG Object is locked skipped C:\WINDOWS\system32\config\SAM Object is locked skipped C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\SECURITY Object is locked skipped C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped C:\WINDOWS\system32\config\software Object is locked skipped C:\WINDOWS\system32\config\software.LOG Object is locked skipped C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\system Object is locked skipped C:\WINDOWS\system32\config\system.LOG Object is locked skipped C:\WINDOWS\system32\h323log.txt Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped C:\WINDOWS\Temp\Perflib_Perfdata_184.dat Object is locked skipped C:\WINDOWS\Temp\_avast4_\Webshlock.txt Object is locked skipped C:\WINDOWS\WindowsUpdate.log Object is locked skipped Scan process completed. Voila jattends ton avis sur ce rapport et les prochaines consignes à appliquer pour être certaine que mon pc va mieux!!! pour le moment j'ai toujours pas remis mes données persos sur le pc bonne journée et a tout vite Marie
  4. madie57
    Hello Bruce et merci a la fois de ton accueil ainsi que de tes premiers conseils. Malheureusement, comme je débute sur ce forum (et sur les forums en général ) je navais pas vu ta réponse avant; bref jai désactivé la restauration, jai vérifié les paramètres des controles activeX et la le scan Kaspersky est en route mais je crains que ca dure assez longtemps. je poste les résultats du scan dès que possible soit jai assez de patience et suis pas trop fatiguée et jattends la fin soit je le posterai demain (remarques on est bientot demain!!! lol) Bref merci de ton aide et jespere que tu suivras mon probleme et que nous arriverons a résoudre ce méchant probleme A tout bientot
  5. madie57
    Bonjour à tous les sauveurs qui pourraient venir à mon aide. J'ai déjà échanger avec une modératrice par sa boite mail et elle ma conseillé de télécharger HJT et d'envoyer le rapport ainsi obtenu. Mais avant je recadre mon probleme, qui concerne une infection par msn Jai cliqué sur un lien et depuis cest la misère. Ne sachant ou chercher des infos, jai contacté un ami qui 'touche' en info et il ma conseillé de faire des scan avec différents logiciel ainsi jai téléchargé a2 squarred, et adaware 2007 (javais déjà avast et spybot) des choses ont été trouvées (niveau moyen) et puis lors de ces manips mon ordi a planté completement. jai donc été obligée de reformater ma machine, apres avoir sauvegardé mes données perso sur mon disque dur externe multimédia. depuis, jai réinstaller firefox et ainsi à nouveau avast, spybot, ad aware et a2. et jai lancé des scan de lordi + disque dur externe multimédia. le scan avast = rien trouvé le scan spybot = rien trouvé le scan ad aware = rien trouvé le scan a2 = rien trouvé en rusé mais trouvé un fichier hautement dangereux avec le scan lent: Email-Worm.Win32.Runouce.b situé dans C:`\System Volume Information\-restore{B0D22BE2-A227-4068-E6B79217B4BA}\RP5\A00007990.exe jai mis ce fichier en quarantaine car je lavais supprimé précédemment et cest revenu!! Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 20:05:15, on 05/03/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\a-squared Free\a2service.exe C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\HP\QuickPlay\QPService.exe C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe C:\PROGRA~1\HPQ\Shared\HPQTOA~1.EXE C:\PROGRA~1\WIDCOMM\LOGICI~1\BTSTAC~1.EXE C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/firefox?client=firefo...lla:fr:official R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /nodetect O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: BTTray.lnk = ? O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqthb08.exe O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie_ctx.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe O23 - Service: Google Updater Service (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing) O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe -- End of file - 7691 bytes Dernière question : pour le moment mes données sont toujours sur le disque dur externe. dois je les réinstaller pour être certaine de vérifier l'intégrité des données stockées sur ce dernier Merci de votre aide à une demoiselle pas assez douée en info pour sen sortir seule mais qui a un gros besoin de son pc pour bosser!!!
×
×
  • Créer...