Supaiku
-
Compteur de contenus
20 -
Inscription
-
Dernière visite
Type de contenu
Profils
Forums
Blogs
Tout ce qui a été posté par Supaiku
-
GenProc Error Non enregistrée
Supaiku a répondu à un(e) sujet de Supaiku dans Analyses et éradication malwares
bon voila le dernier scan en date,tout les disques sont saint,mais il y a juste une chose qui me chiffone les 10 infections qui me trouve tout le temp son marquées comme "Objet dans liste blanche"mais ca veut dire quoi exactement?virus pas virus?exe infecté mais pas soignable?? et merci Falkra pour le conseil de virer les keygens,je le savais jl'ai pas fais,tu as bien fais me le dire,car je pense qu'une grosse partie de mon infection à commencé par ca..enfin bon,si jamais la liste blanche est percée à jour,tu penses que le PC est clean? Rapport AVG 8.0 internet security(dernier en date): Scan ""Scan whole computer"" was finished." "Infections";"10";"0";"10" "Rootkits";"1";"0";"1" "Folders selected for scanning:";"Scan whole computer" "Scan started:";"mercredi 4 mars 2009, 22:35:13" "Scan finished:";"jeudi 5 mars 2009, 00:13:06 (1 hour(s) 37 minute(s) 52 second(s))" "Total object scanned:";"355150" "User who launched the scan:";"Supaiku" "Infections" "File";"Infection";"Result" "C:\WINDOWS\system32\bootcfg.exe";"Virus found Win32/Heur";"Object is in whitelist" "C:\WINDOWS\system32\calc.exe";"Virus found Win32/Heur";"Object is in whitelist" "C:\WINDOWS\system32\dvdplay.exe";"Virus found Win32/Heur";"Object is in whitelist" "C:\WINDOWS\system32\esentutl.exe";"Virus found Win32/Heur";"Object is in whitelist" "C:\WINDOWS\system32\fltmc.exe";"Virus found Win32/Heur";"Object is in whitelist" "C:\WINDOWS\system32\hostname.exe";"Virus found Win32/Heur";"Object is in whitelist" "C:\WINDOWS\system32\msiexec.exe";"Virus found Win32/Heur";"Object is in whitelist" "C:\WINDOWS\system32\tscon.exe";"Virus found Win32/Heur";"Object is in whitelist" "C:\WINDOWS\system32\typeperf.exe";"Virus found Win32/Heur";"Object is in whitelist" "C:\WINDOWS\system32\wextract.exe";"Virus found Win32/Heur";"Object is in whitelist" "Rootkits" "File";"Infection";"Result" "C:\WINDOWS\System32\Drivers\aads7yfy.SYS";"Hidden driver";"Object is hidden" -
GenProc Error Non enregistrée
Supaiku a répondu à un(e) sujet de Supaiku dans Analyses et éradication malwares
Juste pour dire que les 2 dernieres lignes de F:\ sont effacées(keygen perfect disk7..les 2 dossiers du reste) -
GenProc Error Non enregistrée
Supaiku a répondu à un(e) sujet de Supaiku dans Analyses et éradication malwares
desolé pour combo fix,a force de trop chercher ont fini par faire de coneries,et je suis tout à fais d'accord avec toi,j'aurais attendre aujourd'hui...désolé je voulais pas t'offenssé et je te fais à 100% confiance.. Voila mon 1er Rapport AVG 8.0,il a desinfecté ce qui pouvait,et moi j'ai suivi ton conseil(et j'aurais du le faire depuis longtemp)j'ai effacé les keygenes moi meme a la main(si jpuis dire)et j'ai relancé un scan que je poste à la suite du 1er.. J'espere avoir bien fais pour les 2 rapports...merci Falkra Rapport 01 AVG 8.0: "Scan ""Scan whole computer"" was finished." "Infections";"223";"212";"11" "Spyware";"2";"2";"0" "Rootkits";"1";"0";"1" "Information";"2" "Folders selected for scanning:";"Scan whole computer" "Scan started:";"mercredi 4 mars 2009, 03:22:45" "Scan finished:";"mercredi 4 mars 2009, 06:09:11 (2 hour(s) 46 minute(s) 26 second(s))" "Total object scanned:";"355196" "User who launched the scan:";"Supaiku" "Infections" "File";"Infection";"Result" "C:\Documents and Settings\Supaiku\Bureau\Cleaner de virus\MSNFix.zip";"Virus identified Worm/Autoit.CQT";"Moved to Virus Vault" "C:\Documents and Settings\Supaiku\Bureau\Cleaner de virus\MSNFix.zip:\MSNFix\incl\Hostsclean.exe";"Virus identified Worm/Autoit.CQT";"Moved to Virus Vault" "C:\Documents and Settings\Supaiku\Bureau\Cleaner de virus\MSNFix\MSNFix\incl\Hostsclean.exe";"Virus identified Worm/Autoit.CQT";"Moved to Virus Vault" "C:\GenProc\outil\uniq.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\Program Files\Creative\Sound Blaster X-Fi\Auto Tag Cleaner\CTRegSvu.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP2\A0002013.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP2\A0002074.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP48\A0008438.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP48\A0008451.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP48\A0008613.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP48\A0008614.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP48\A0008648.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP48\A0008729.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP48\A0008731.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP48\A0008980.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP48\A0009016.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP48\A0009027.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP48\A0009047.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP48\A0009051.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP48\A0009055.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP48\A0009056.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP48\A0009059.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP48\A0009086.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP48\A0009087.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP48\A0009094.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP48\A0009096.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP48\A0009102.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP48\A0009103.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP48\A0009119.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP48\A0009121.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP48\A0009124.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP48\A0009126.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP48\A0009132.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP48\A0009133.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP48\A0009146.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP48\A0009151.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP48\A0009152.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP48\A0009154.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP48\A0009173.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP48\A0009176.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP48\A0009185.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP48\A0009217.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP48\A0009219.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP48\A0009232.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP48\A0009242.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP48\A0009248.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP48\A0009254.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP48\A0009258.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP48\A0009268.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP48\A0009295.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP48\A0009297.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP48\A0009300.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP48\A0009326.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP48\A0009329.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP48\A0009340.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP48\A0009353.scr";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP48\A0009356.scr";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP48\A0009359.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP48\A0009366.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP48\A0009380.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP48\A0009382.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP48\A0009383.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP48\A0009388.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP48\A0009419.dll";"Trojan horse Injector.BP";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP48\A0009591.dll";"Trojan horse Injector.BP";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP48\A0009613.dll";"Trojan horse Injector.BP";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP48\A0009629.dll";"Trojan horse Injector.BP";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP48\A0009681.dll";"Trojan horse Injector.BP";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP48\A0009702.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP48\A0009704.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP48\A0009705.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP48\A0009706.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP48\A0009707.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP48\A0009708.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP48\A0009709.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP48\A0009710.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP48\A0009711.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP48\A0009712.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP48\A0009713.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP48\A0009714.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP48\A0009715.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP48\A0009716.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP48\A0009717.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP48\A0009718.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP48\A0009719.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP48\A0009720.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0009797.dll";"Trojan horse PSW.OnlineGames.BQQS";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0009801.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0009932.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0009933.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0009934.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0009988.EXE";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0009990.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010020.exe";"Virus identified Worm/Autoit.CQT";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010021.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP6\A0006044.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP6\A0006142.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\$NtServicePackUninstall$\author.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\$NtServicePackUninstall$\bootcfg.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\$NtServicePackUninstall$\cliconfg.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\$NtServicePackUninstall$\clipsrv.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\$NtServicePackUninstall$\defrag.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\$NtServicePackUninstall$\eventcreate.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\$NtServicePackUninstall$\helpctr.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\$NtServicePackUninstall$\ipconfig.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\$NtServicePackUninstall$\ipv6.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\$NtServicePackUninstall$\logonui.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\$NtServicePackUninstall$\lsass.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\$NtServicePackUninstall$\migwiz.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\$NtServicePackUninstall$\mqbkup.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\$NtServicePackUninstall$\mstinit.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\$NtServicePackUninstall$\narrator.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\$NtServicePackUninstall$\nslookup.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\$NtServicePackUninstall$\pintlphr.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\$NtServicePackUninstall$\progman.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\$NtServicePackUninstall$\rcimlby.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\$NtServicePackUninstall$\rstrui.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\$NtServicePackUninstall$\rtcshare.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\$NtServicePackUninstall$\savedump.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\$NtServicePackUninstall$\scrnsave.scr";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\$NtServicePackUninstall$\sethc.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\$NtServicePackUninstall$\setup_wm.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\$NtServicePackUninstall$\shmgrate.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\$NtServicePackUninstall$\shrpubw.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\$NtServicePackUninstall$\shutdown.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\$NtServicePackUninstall$\ssstars.scr";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\$NtServicePackUninstall$\taskkill.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\$NtServicePackUninstall$\tlntadmn.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\$NtServicePackUninstall$\tlntsess.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\$NtServicePackUninstall$\tracert.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\$NtServicePackUninstall$\wscript.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\MIDIDEF.EXE";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\PCHealth\HelpCtr\Binaries\HelpHost.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\READREG.EXE";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\wdfmgr.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\ServicePackFiles\i386\accwiz.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\ServicePackFiles\i386\admin.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\ServicePackFiles\i386\cfgwiz.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\ServicePackFiles\i386\cliconfg.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\ServicePackFiles\i386\cmmon32.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\ServicePackFiles\i386\comrepl.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\ServicePackFiles\i386\csc.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\ServicePackFiles\i386\davcdata.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\ServicePackFiles\i386\dialer.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\ServicePackFiles\i386\dllhost.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\ServicePackFiles\i386\dumprep.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\ServicePackFiles\i386\helpctr.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\ServicePackFiles\i386\hh.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\ServicePackFiles\i386\irftp.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\ServicePackFiles\i386\lang\imjpdct.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\ServicePackFiles\i386\lang\imjpdsvr.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\ServicePackFiles\i386\lang\imjprw.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\ServicePackFiles\i386\locator.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\ServicePackFiles\i386\mqtgsvc.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\ServicePackFiles\i386\netsh.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\ServicePackFiles\i386\ping.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\ServicePackFiles\i386\proquota.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\ServicePackFiles\i386\rcimlby.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\ServicePackFiles\i386\rsnotify.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\ServicePackFiles\i386\shtml.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\ServicePackFiles\i386\sspipes.scr";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\ServicePackFiles\i386\stub_fpsrvadm.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\ServicePackFiles\i386\wpabaln.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\ServicePackFiles\i386\wpnpinst.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\system32\ahui.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\system32\alg.exe";"Virus found Win32/Heur";"Object is in whitelist" "C:\WINDOWS\system32\blastcln.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\system32\bootcfg.exe";"Virus found Win32/Heur";"Object is in whitelist" "C:\WINDOWS\system32\calc.exe";"Virus found Win32/Heur";"Object is in whitelist" "C:\WINDOWS\system32\conime.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\system32\control.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\system32\CTXFIHLP.EXE";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\system32\CTXFIREG.EXE";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\system32\dllcache\chgport.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\system32\dllcache\flattemp.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\system32\dllcache\freecell.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\system32\dllcache\imekrmig.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\system32\dllcache\ipsec6.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\system32\dllcache\lpq.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\system32\dllcache\migwiz_a.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\system32\dllcache\msswchx.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\system32\dllcache\syskey.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\system32\dllcache\wb32.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\system32\dmremote.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\system32\dvdplay.exe";"Virus found Win32/Heur";"Object is in whitelist" "C:\WINDOWS\system32\esentutl.exe";"Virus found Win32/Heur";"Object is in whitelist" "C:\WINDOWS\system32\fltmc.exe";"Virus found Win32/Heur";"Object is in whitelist" "C:\WINDOWS\system32\forcedos.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\system32\hostname.exe";"Virus found Win32/Heur";"Object is in whitelist" "C:\WINDOWS\system32\makecab.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\system32\mnmsrvc.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\system32\mplay32.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\system32\mqbkup.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\system32\msiexec.exe";"Virus found Win32/Heur";"Object is in whitelist" "C:\WINDOWS\system32\msswchx.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\system32\OALINST.EXE";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\system32\packager.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\system32\progman.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\system32\rsmui.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\system32\scardsvr.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\system32\setup.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\system32\setupn.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\system32\tracert6.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\system32\tscon.exe";"Virus found Win32/Heur";"Object is in whitelist" "C:\WINDOWS\system32\typeperf.exe";"Virus found Win32/Heur";"Object is in whitelist" "C:\WINDOWS\system32\tzchange.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\system32\ups.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\system32\wextract.exe";"Virus found Win32/Heur";"Object is in whitelist" "C:\WINDOWS\system32\winmsd.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\system32\write.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\TASKMAN.EXE";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\twunk_32.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\zip.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "D:\System Volume Information\_restore{6DD52706-6F4B-4611-A6E2-1F7561562E2C}\RP2\A0002889.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "D:\System Volume Information\_restore{6DD52706-6F4B-4611-A6E2-1F7561562E2C}\RP2\A0002963.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "D:\System Volume Information\_restore{6DD52706-6F4B-4611-A6E2-1F7561562E2C}\RP2\A0003095.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "D:\System Volume Information\_restore{6DD52706-6F4B-4611-A6E2-1F7561562E2C}\RP2\A0003103.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "D:\System Volume Information\_restore{6DD52706-6F4B-4611-A6E2-1F7561562E2C}\RP2\A0003137.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "F:\PROGRAMMES\AVG\AVG.Internet.Security.v8.0.229.Multilangages.Incl-Keygen\AVG.Internet.Security.v8.0.229.Multilangages.Incl-Keygen.[eMule-DivX.com].rar";"Trojan horse KillAV.RG";"Deleted" "F:\PROGRAMMES\AVG\AVG.Internet.Security.v8.0.229.Multilangages.Incl-Keygen\AVG.Internet.Security.v8.0.229.Multilangages.Incl-Keygen.[eMule-DivX.com].rar:\Keygen\keygen.exe";"Trojan horse KillAV.RG";"Deleted" "F:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP48\A0009390.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "T:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP48\A0009399.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "T:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP48\A0009667.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "Spyware" "File";"Infection";"Result" "F:\PROGRAMMES\BS Player\bs player 2.25\bsplayer225.955_clip.exe";"Spyware Generic.BP";"Deleted" "F:\PROGRAMMES\BS Player\bs player 2.25\bsplayer225.955_clip.exe:\$JF\AdVantageSetup.exe";"Spyware Generic.BP";"Deleted" "Warnings" "File";"Infection";"Result" "HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\CTxfiHlp";"Found registry key with reference to infected file C:\WINDOWS\system32\CTXFIHLP.EXE";"Moved to Virus Vault" "Rootkits" "File";"Infection";"Result" "C:\WINDOWS\System32\Drivers\ajzo1j0q.SYS";"Hidden driver";"Object is hidden" "Information" "File";"Infection";"Result" "F:\SERIALS CRACS KEYGENS\PerfectDisk 7\Raxco PerfectDisk 7.0 Build 46-Kg.rar";"Runtime packed fsg";"" "F:\SERIALS CRACS KEYGENS\PerfectDisk 7\Raxco PerfectDisk 7.0 Build 46-Kg.rar:\RaxcoPerfectDisk7-Keygen.exe";"Runtime packed fsg";"" Scan 02 apres suppression des keygens "Scan ""Scan whole computer"" was finished." "Infections";"115";"104";"11" "Spyware";"2";"0";"2" "Rootkits";"1";"0";"1" "Information";"2" "Folders selected for scanning:";"Scan whole computer" "Scan started:";"mercredi 4 mars 2009, 10:27:16" "Scan finished:";"mercredi 4 mars 2009, 12:07:50 (1 hour(s) 40 minute(s) 33 second(s))" "Total object scanned:";"355141" "User who launched the scan:";"Supaiku" "Infections" "File";"Infection";"Result" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010024.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010025.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010026.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010027.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010028.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010029.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010030.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010031.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010032.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010033.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010034.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010035.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010036.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010037.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010038.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010039.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010040.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010041.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010042.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010043.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010044.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010045.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010046.scr";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010047.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010048.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010049.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010050.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010051.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010052.scr";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010053.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010054.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010055.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010056.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010058.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010059.EXE";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010060.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010061.EXE";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010062.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010063.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010064.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010065.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010066.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010067.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010068.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010069.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010070.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010071.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010072.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010073.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010074.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010075.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010076.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010077.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010078.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010079.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010080.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010081.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010082.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010083.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010084.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010085.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010086.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010087.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010100.scr";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010101.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010102.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010103.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010104.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010105.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010106.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010107.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010109.EXE";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010110.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010111.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010112.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010113.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010114.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010115.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010116.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010117.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010118.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010119.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010120.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010121.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010122.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010123.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010124.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010125.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010126.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010127.EXE";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010128.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010129.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010130.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010132.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010133.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010134.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010135.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010136.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010137.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010138.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010139.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010140.EXE";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010141.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010142.exe";"Virus found Win32/Heur";"Moved to Virus Vault" "C:\WINDOWS\system32\alg.exe";"Virus found Win32/Heur";"Object is in whitelist" "C:\WINDOWS\system32\bootcfg.exe";"Virus found Win32/Heur";"Object is in whitelist" "C:\WINDOWS\system32\calc.exe";"Virus found Win32/Heur";"Object is in whitelist" "C:\WINDOWS\system32\dvdplay.exe";"Virus found Win32/Heur";"Object is in whitelist" "C:\WINDOWS\system32\esentutl.exe";"Virus found Win32/Heur";"Object is in whitelist" "C:\WINDOWS\system32\fltmc.exe";"Virus found Win32/Heur";"Object is in whitelist" "C:\WINDOWS\system32\hostname.exe";"Virus found Win32/Heur";"Object is in whitelist" "C:\WINDOWS\system32\msiexec.exe";"Virus found Win32/Heur";"Object is in whitelist" "C:\WINDOWS\system32\tscon.exe";"Virus found Win32/Heur";"Object is in whitelist" "C:\WINDOWS\system32\typeperf.exe";"Virus found Win32/Heur";"Object is in whitelist" "C:\WINDOWS\system32\wextract.exe";"Virus found Win32/Heur";"Object is in whitelist" "Spyware" "File";"Infection";"Result" "F:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010175.exe";"Spyware Generic.BP";"Potentially dangerous object" "F:\System Volume Information\_restore{2913B9C6-7D67-4468-9B1E-2EAF0EB15ECD}\RP49\A0010175.exe:\$JF\AdVantageSetup.exe";"Spyware Generic.BP";"Potentially dangerous object" "Rootkits" "File";"Infection";"Result" "C:\WINDOWS\System32\Drivers\ajzo1j0q.SYS";"Hidden driver";"Object is hidden" "Information" "File";"Infection";"Result" "F:\SERIALS CRACS KEYGENS\PerfectDisk 7\Raxco PerfectDisk 7.0 Build 46-Kg.rar";"Runtime packed fsg";"" "F:\SERIALS CRACS KEYGENS\PerfectDisk 7\Raxco PerfectDisk 7.0 Build 46-Kg.rar:\RaxcoPerfectDisk7-Keygen.exe";"Runtime packed fsg";"" comme un ane je pense ca,mais j'aurais peut etre du effectué ces scans en mode ss echec?ou desactivé la resto? je prefere attendre tes conseils Falkra et pas faire de bétises -
GenProc Error Non enregistrée
Supaiku a répondu à un(e) sujet de Supaiku dans Analyses et éradication malwares
Bien et voici le rapportd'AVG 8.0,il a traité pas mal d'infection,j'ai aidé a sup les fichiers qui etait en archive..mais comment etre sur d'etre saint et sans virus? Ca m'embette beaucoup...quelle soluce me reste t'il? Mais je ne sais pas trop trop si c'est le bon rapport.... 4.3.2009 02:44:43 Proxy is switched off for antispam. Proxy mode = 0 4.3.2009 02:44:43 Starting the main loop 4.3.2009 02:44:43 Redirector version 80000 4.3.2009 02:44:43 AutoPOP3(10110): Starting server 4.3.2009 02:44:43 Queue processing started 4.3.2009 02:47:13 Server 1 will be removed. 4.3.2009 02:47:13 Server 1 was removed. 4.3.2009 02:47:14 Server 2 will be removed. 4.3.2009 02:47:14 Server 2 was removed. 4.3.2009 02:47:15 End of program 4.3.2009 02:47:15 AVG for E-mail ended 4.3.2009 02:59:13.078 [74c] AVG for E-mail [8.0.223] started 4.3.2009 02:59:13.343 [74c] Registered in WatchDog 4.3.2009 02:59:16.609 [74c] Using AVG Kernel: 8.0.237 [270.11.6/1981] 4.3.2009 02:59:16 Log reopened New log file is 'C:\Documents and Settings\All Users\Application Data\avg8\Emc\Log\emc.log' 4.3.2009 02:59:17 Using Cyrus SASL 2.1.13 4.3.2009 02:59:21 MailShell Anti-Spam, version 5.2.0, last rules update 2008-11-03T20:40:54+01:00 4.3.2009 02:59:21 Loading proxy configuration for antispam. 4.3.2009 02:59:21 Proxy is switched off for antispam. Proxy mode = 0 4.3.2009 02:59:21 Starting the main loop 4.3.2009 02:59:21 Redirector version 80000 4.3.2009 02:59:21 AutoPOP3(10110): Starting server 4.3.2009 02:59:21 Queue processing started 4.3.2009 03:03:35 Server 1 will be removed. 4.3.2009 03:03:35 Server 1 was removed. 4.3.2009 03:03:35 Server 2 will be removed. 4.3.2009 03:03:35 Server 2 was removed. 4.3.2009 03:03:36 End of program 4.3.2009 03:03:36 AVG for E-mail ended 4.3.2009 03:13:08.296 [588] AVG for E-mail [8.0.223] started 4.3.2009 03:13:08.656 [588] Registered in WatchDog 4.3.2009 03:13:09.328 [588] Using AVG Kernel: 8.0.237 [270.11.6/1981] 4.3.2009 03:13:09 Log reopened New log file is 'C:\Documents and Settings\All Users\Application Data\avg8\Emc\Log\emc.log' 4.3.2009 03:13:09 Using Cyrus SASL 2.1.13 4.3.2009 03:13:10 MailShell Anti-Spam, version 5.2.0, last rules update 2008-11-03T20:40:54+01:00 4.3.2009 03:13:10 Loading proxy configuration for antispam. 4.3.2009 03:13:10 Proxy is switched off for antispam. Proxy mode = 0 4.3.2009 03:13:10 Starting the main loop 4.3.2009 03:13:10 Redirector version 80000 4.3.2009 03:13:10 AutoPOP3(10110): Starting server 4.3.2009 03:13:10 Queue processing started 4.3.2009 03:14:54 Server 1 will be removed. 4.3.2009 03:14:54 Server 1 was removed. 4.3.2009 03:14:54 Server 2 will be removed. 4.3.2009 03:14:54 Server 2 was removed. 4.3.2009 03:14:55 End of program 4.3.2009 03:14:55 AVG for E-mail ended 4.3.2009 03:18:46.203 [724] AVG for E-mail [8.0.223] started 4.3.2009 03:18:47.312 [724] Registered in WatchDog 4.3.2009 03:18:48.796 [724] Using AVG Kernel: 8.0.237 [270.11.6/1981] 4.3.2009 03:18:48 Log reopened New log file is 'C:\Documents and Settings\All Users\Application Data\avg8\Emc\Log\emc.log' 4.3.2009 03:18:49 Using Cyrus SASL 2.1.13 4.3.2009 03:18:50 MailShell Anti-Spam, version 5.2.0, last rules update 2008-11-03T20:40:54+01:00 4.3.2009 03:18:50 Loading proxy configuration for antispam. 4.3.2009 03:18:50 Proxy is switched off for antispam. Proxy mode = 0 4.3.2009 03:18:50 Starting the main loop 4.3.2009 03:18:50 Redirector version 80000 4.3.2009 03:18:50 AutoPOP3(10110): Starting server 4.3.2009 03:18:50 Queue processing started 4.3.2009 10:21:46.203 [728] Mail config was changed. -
GenProc Error Non enregistrée
Supaiku a répondu à un(e) sujet de Supaiku dans Analyses et éradication malwares
Bon,voila j'ai passé un coup de MAB,il en a trouvé(mode ss echec)un combo fix il en a trouvé mais le nettoyage n'a pas du pouvoir ce faire si je ne me trompe..et la je vais fais un scan complet de tt les disques et je mettrais le rapport d'AVG mais avant le scan et apres MAB & ComboFix j'ai fais un rapport HiJackThis...je le laisse si jamais ca pouvais aidé ou pouvoir résoudre le soucy....j'aimerais telement bien Rapprt HiJackThis 2.0.2 Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 03:21:04, on 04/03/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe C:\WINDOWS\system32\CTsvcCDA.EXE C:\PROGRA~1\AVG\AVG8\avgam.exe C:\PROGRA~1\AVG\AVG8\avgrsx.exe C:\PROGRA~1\AVG\AVG8\avgnsx.exe c:\windows\$ntunistalls\svchost.exe C:\WINDOWS\system32\ntvdm.exe C:\PROGRA~1\AVG\AVG8\avgemc.exe C:\WINDOWS\SYSTEM32\NET.EXE C:\Program Files\AVG\AVG8\avgcsrvx.exe C:\WINDOWS\SYSTEM32\net1.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe C:\PROGRA~1\AVG\AVG8\avgtray.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe C:\Program Files\Creative\MediaSource\Go\CTCMSGo.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\explorer.exe C:\Documents and Settings\Supaiku\Bureau\HiJackThis.exe C:\Program Files\AVG\AVG8\avgcsrvx.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe O4 - HKLM\..\Run: [CTDVDDET] "C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE" O4 - HKLM\..\Run: [RCSystem] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" RCSystem * -Startup O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll" O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe" /r O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Creative Detector] "C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R O4 - HKCU\..\Run: [Creative MediaSource Go] "C:\Program Files\Creative\MediaSource\Go\CTCMSGo.exe" /SCB O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\System32\mnmsrvc.exe O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe O23 - Service: Tcp ipx Service (Tcpipsrv) - Unknown owner - c:\windows\$ntunistalls\svchost.exe O23 - Service: Onduleur (UPS) - Unknown owner - C:\WINDOWS\System32\ups.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe -- End of file - 5144 bytes -
GenProc Error Non enregistrée
Supaiku a répondu à un(e) sujet de Supaiku dans Analyses et éradication malwares
Bon réinstal ok,mais super,toujours des fichiers infecté,et tous par "Win32\Heur"et j'ai beau desinfecté avec avg,mais a chaque démmarage ca recommence de plus belle.... ... ce que je ne comprends vraiment pas(et la je désespere vraiment)c'est comment apres un formatage il peut encore avoir des virus.... j'ai scanné mes 2 autres dd,mais a part les keygens,rien que dalle... et j'ai pas trouvé d'outil de desinfection pour win32/heur... Si quelqu un c'est si prendre pour désinfecté je suis à votre ecoute -
GenProc Error Non enregistrée
Supaiku a répondu à un(e) sujet de Supaiku dans Analyses et éradication malwares
Super,oki oki Falkra je me demandais justement Mais la j'ai quasi fini,et j'ai mis AVG en version compléte,et pense-tu que je suis saint meme si AVG ne dis rien? ou devrais-je poster un rapport Hijackthis ou autres pour etre sur? -
GenProc Error Non enregistrée
Supaiku a répondu à un(e) sujet de Supaiku dans Analyses et éradication malwares
Merci pour tout Falkra,tu as été super....avec le boulot de Kaspersky je n'ai rien pu faire après... donc je suis en pleine reinstalle...malgré que je suis décus ..car réinstalle c'est bien,on est sur d'etre bien clean,bien stable(et c'est vrai que dans mon cas,c'est mon deuxieme pc,réservé à la MAO donc j'avais pas des masses de prog ni de données)mais je n'ai pas réussi à résoudre le problème..c'est comme changer le moteur d'une voiture pour faire la vidange ...la reinstalle ne fait que contourné le probléme..mais dans ce genre de càs c'est peut etre mieux... L'acceuil etait super,surtout pour un ptit nouveau comme moi(c'est pas le cas chez tout le monde)et tu m'a vraiment bien aidé,réponses claires,et je n'hesiterais pas venir!! Encore merci et à bientot -
GenProc Error Non enregistrée
Supaiku a répondu à un(e) sujet de Supaiku dans Analyses et éradication malwares
bon,ben merci kaspersky,j'ai installé,mise à jour,il lance un scan rapide,200 fichiers infecté..et la bing la becane qui redemmare,mais là que le papier peint,pu d'icone,barre,rien..et en mode sans echec excactement pareil... Je crois que la messe est dite,je suis bon pour formater et reinstaller... -
GenProc Error Non enregistrée
Supaiku a répondu à un(e) sujet de Supaiku dans Analyses et éradication malwares
Si AVG est installé,à jour,et signale bien le probleme,mise en quarentaine,suppressions,mais à chaque redémmarage c'est le même procès que ce répète....je pense qui ne trouve pas les fichiers,et j'ai meme essayer de les supprimé avec l'outil de MAB,la suppression s'effectue avec succès,mais toujours présent Je pensais Dl Kaspersky,désinstallé AVG,et scanné avec Kaspersky...défois que.. Sinon je commence à ne plus savoir quoi faire.. -
GenProc Error Non enregistrée
Supaiku a répondu à un(e) sujet de Supaiku dans Analyses et éradication malwares
je dois m'absenter une bonne heure...et je reviens..vraiment désolé,et merci beaucoup pour tout -
GenProc Error Non enregistrée
Supaiku a répondu à un(e) sujet de Supaiku dans Analyses et éradication malwares
j'ai essayer avec IE7,mais rien,toujour probleme activex...que faire... -
GenProc Error Non enregistrée
Supaiku a répondu à un(e) sujet de Supaiku dans Analyses et éradication malwares
Comme Kaspersky,il merdouille aussi,et comme pour GenProc,il m'indique que c'est encore produit par un probleme de l'ActiveX Il y a quelque chose pour tester son ActiveX? -
GenProc Error Non enregistrée
Supaiku a répondu à un(e) sujet de Supaiku dans Analyses et éradication malwares
Kaspersky fait bien le download et l'instal 100%,mais des que c'est le download de la database,il reste a 0% et saute de serveur en serveur mais sans resultat?et là il dis que la maj est pas possible et fini.... -
GenProc Error Non enregistrée
Supaiku a répondu à un(e) sujet de Supaiku dans Analyses et éradication malwares
Falkra,tout c'est bien passé,juste à redémmarer comme tu l"avais indiqué ,et voila donc le rapport de OTMoveit3: ========== PROCESSES ========== Process explorer.exe killed successfully. ========== FILES ========== C:\windows\system32\sopidkc.exe moved successfully. ========== COMMANDS ========== File delete failed. T:\TEMPIN~1\etilqs_K1tPLAw2VxdjgwcWRYqV scheduled to be deleted on reboot. File delete failed. T:\TEMPIN~1\~DF7772.tmp scheduled to be deleted on reboot. User's Temp folder emptied. User's Temporary Internet Files folder emptied. User's Internet Explorer cache folder emptied. File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\index.dat scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat scheduled to be deleted on reboot. Local Service Temp folder emptied. File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot. Local Service Temporary Internet Files folder emptied. File delete failed. C:\WINDOWS\temp\mta108310.dll scheduled to be deleted on reboot. File delete failed. C:\WINDOWS\temp\ZLT070f9.TMP scheduled to be deleted on reboot. File delete failed. C:\WINDOWS\temp\ZLT070fc.TMP scheduled to be deleted on reboot. Windows Temp folder emptied. File delete failed. C:\Documents and Settings\supaiku\Local Settings\Application Data\Mozilla\Firefox\Profiles\3qzj15sq.default\Cache\_CACHE_001_ scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\supaiku\Local Settings\Application Data\Mozilla\Firefox\Profiles\3qzj15sq.default\Cache\_CACHE_002_ scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\supaiku\Local Settings\Application Data\Mozilla\Firefox\Profiles\3qzj15sq.default\Cache\_CACHE_003_ scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\supaiku\Local Settings\Application Data\Mozilla\Firefox\Profiles\3qzj15sq.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\supaiku\Local Settings\Application Data\Mozilla\Firefox\Profiles\3qzj15sq.default\urlclassifier3.sqlite scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\supaiku\Local Settings\Application Data\Mozilla\Firefox\Profiles\3qzj15sq.default\XUL.mfl scheduled to be deleted on reboot. FireFox cache emptied. Temp folders emptied. Explorer started successfully OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 03012009_165121 Files moved on Reboot... File T:\TEMPIN~1\etilqs_K1tPLAw2VxdjgwcWRYqV not found! T:\TEMPIN~1\~DF7772.tmp moved successfully. File move failed. C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat scheduled to be moved on reboot. File move failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\index.dat scheduled to be moved on reboot. File move failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat scheduled to be moved on reboot. File move failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be moved on reboot. C:\WINDOWS\temp\mta108310.dll unregistered successfully. C:\WINDOWS\temp\mta108310.dll moved successfully. C:\WINDOWS\temp\ZLT070f9.TMP moved successfully. C:\WINDOWS\temp\ZLT070fc.TMP moved successfully. C:\Documents and Settings\supaiku\Local Settings\Application Data\Mozilla\Firefox\Profiles\3qzj15sq.default\Cache\_CACHE_001_ moved successfully. C:\Documents and Settings\supaiku\Local Settings\Application Data\Mozilla\Firefox\Profiles\3qzj15sq.default\Cache\_CACHE_002_ moved successfully. C:\Documents and Settings\supaiku\Local Settings\Application Data\Mozilla\Firefox\Profiles\3qzj15sq.default\Cache\_CACHE_003_ moved successfully. C:\Documents and Settings\supaiku\Local Settings\Application Data\Mozilla\Firefox\Profiles\3qzj15sq.default\Cache\_CACHE_MAP_ moved successfully. C:\Documents and Settings\supaiku\Local Settings\Application Data\Mozilla\Firefox\Profiles\3qzj15sq.default\urlclassifier3.sqlite moved successfully. C:\Documents and Settings\supaiku\Local Settings\Application Data\Mozilla\Firefox\Profiles\3qzj15sq.default\XUL.mfl moved successfully. -
GenProc Error Non enregistrée
Supaiku a répondu à un(e) sujet de Supaiku dans Analyses et éradication malwares
j'espere vraiment que ce n'est pas Virut..... courage!je suis tes indications à la lettre,et je poste ça de suite! Merci pour toutes ces manipes et de ton aide -
GenProc Error Non enregistrée
Supaiku a répondu à un(e) sujet de Supaiku dans Analyses et éradication malwares
Voila le rapport Falkra,et c'est vraiment nikel tout c'est passé comme tu l'as dis Fichier sopidkc.exe reçu le 2009.03.01 16:27:00 (CET) Antivirus Version Dernière mise à jour Résultat a-squared 4.0.0.101 2009.03.01 - AhnLab-V3 5.0.0.2 2009.02.27 - AntiVir 7.9.0.98 2009.02.28 W32/Virut.Gen Authentium 5.1.0.4 2009.02.28 - Avast 4.8.1335.0 2009.02.28 Win32:Vitro AVG 8.0.0.237 2009.03.01 - BitDefender 7.2 2009.03.01 - CAT-QuickHeal 10.00 2009.02.28 - ClamAV 0.94.1 2009.03.01 - Comodo 986 2009.02.20 - DrWeb 4.44.0.09170 2009.03.01 Win32.Virut.56 eSafe 7.0.17.0 2009.02.26 Suspicious File eTrust-Vet 31.6.6378 2009.03.01 - F-Prot 4.4.4.56 2009.02.28 - F-Secure 8.0.14470.0 2009.03.01 Virus.Win32.Virut.ce Fortinet 3.117.0.0 2009.03.01 - GData 19 2009.03.01 Win32:Vitro Ikarus T3.1.1.45.0 2009.03.01 - K7AntiVirus 7.10.649 2009.02.27 - Kaspersky 7.0.0.125 2009.03.01 Virus.Win32.Virut.ce McAfee 5539 2009.02.28 W32/Virut.n.gen McAfee+Artemis 5539 2009.02.28 W32/Virut.n.gen Microsoft 1.4306 2009.03.01 Virus:Win32/Virut.BM NOD32 3897 2009.02.28 Win32/Virut.NBK Norman 6.00.06 2009.02.27 - nProtect 2009.1.8.0 2009.03.01 - Panda 10.0.0.10 2009.03.01 - PCTools 4.4.2.0 2009.03.01 - Prevx1 V2 2009.03.01 - Rising 21.18.62.00 2009.03.01 - SecureWeb-Gateway 6.0.0 2009.03.01 Win32.Virut.Gen Sophos 4.39.0 2009.03.01 W32/Scribble-A Sunbelt 3.2.1858.2 2009.02.28 Win32.Virut.cf (v) Symantec 10 2009.03.01 W32.Virut.CF TheHacker 6.3.2.6.268 2009.03.01 W32/Virut.gen TrendMicro 8.700.0.1004 2009.02.27 PAK_Generic.001 VBA32 3.12.10.1 2009.03.01 Virus.Win32.Virut.X5 ViRobot 2009.2.28.1628 2009.02.28 - VirusBuster 4.5.11.0 2009.03.01 - Information additionnelle File size: 38400 bytes MD5...: 931c55ea4e6fb2fb42c9774ea9b3a738 SHA1..: 85e3b67e86aa970f935765dfde8da5c6af8250ea SHA256: 108f599b0aeb58c61dc647da641277383b2aa2c1b85c37b232f8a053be750e9e SHA512: b5e914ac7c630286c7bb89b37529b01b6f2d62458e43a1017da0d4e886f4dda7<br>ed861a31ad5f8f2d49576c283b36ceb57e02c2fdb8d13d1bd55db265325bfe00 ssdeep: 768:8EsS+1dwBSBInj4R9u1g8+YPiGJ02e2pH1vFnnc0j:8HS+/BInjmoCYhVppV<br>9nnc<br> PEiD..: - TrID..: File type identification<br>Generic Win/DOS Executable (49.9%)<br>DOS Executable Generic (49.8%)<br>Autodesk FLIC Image File (extensions: flc, fli, cel) (0.1%) PEInfo: PE Structure information<br><br>( base data )<br>entrypointaddress.: 0x13188<br>timedatestamp.....: 0x2a425e19 (Fri Jun 19 22:22:17 1992)<br>machinetype.......: 0x14c (I386)<br><br>( 3 sections )<br>name viradd virsiz rawdsiz ntrpy md5<br>UPX0 0x1000 0xd000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e<br>UPX1 0xe000 0x4000 0x3e00 7.82 2787fd897ed59aaebf859d779be1a80d<br>.rsrc 0x12000 0x6000 0x5400 7.37 e6ba2560b010804087b27552bbb2dca9<br><br>( 2 imports ) <br>> KERNEL32.DLL: LoadLibraryA, GetProcAddress, VirtualProtect, ExitProcess<br>> rtl60.bpl: @System@TObject@<br><br>( 0 exports ) <br> Antivirus Version Dernière mise à jour Résultat a-squared 4.0.0.101 2009.03.01 - AhnLab-V3 5.0.0.2 2009.02.27 - AntiVir 7.9.0.98 2009.02.28 W32/Virut.Gen Authentium 5.1.0.4 2009.02.28 - Avast 4.8.1335.0 2009.02.28 Win32:Vitro AVG 8.0.0.237 2009.03.01 - BitDefender 7.2 2009.03.01 - CAT-QuickHeal 10.00 2009.02.28 - ClamAV 0.94.1 2009.03.01 - Comodo 986 2009.02.20 - DrWeb 4.44.0.09170 2009.03.01 Win32.Virut.56 eSafe 7.0.17.0 2009.02.26 Suspicious File eTrust-Vet 31.6.6378 2009.03.01 - F-Prot 4.4.4.56 2009.02.28 - F-Secure 8.0.14470.0 2009.03.01 Virus.Win32.Virut.ce Fortinet 3.117.0.0 2009.03.01 - GData 19 2009.03.01 Win32:Vitro Ikarus T3.1.1.45.0 2009.03.01 - K7AntiVirus 7.10.649 2009.02.27 - Kaspersky 7.0.0.125 2009.03.01 Virus.Win32.Virut.ce McAfee 5539 2009.02.28 W32/Virut.n.gen McAfee+Artemis 5539 2009.02.28 W32/Virut.n.gen Microsoft 1.4306 2009.03.01 Virus:Win32/Virut.BM NOD32 3897 2009.02.28 Win32/Virut.NBK Norman 6.00.06 2009.02.27 - nProtect 2009.1.8.0 2009.03.01 - Panda 10.0.0.10 2009.03.01 - PCTools 4.4.2.0 2009.03.01 - Prevx1 V2 2009.03.01 - Rising 21.18.62.00 2009.03.01 - SecureWeb-Gateway 6.0.0 2009.03.01 Win32.Virut.Gen Sophos 4.39.0 2009.03.01 W32/Scribble-A Sunbelt 3.2.1858.2 2009.02.28 Win32.Virut.cf (v) Symantec 10 2009.03.01 W32.Virut.CF TheHacker 6.3.2.6.268 2009.03.01 W32/Virut.gen TrendMicro 8.700.0.1004 2009.02.27 PAK_Generic.001 VBA32 3.12.10.1 2009.03.01 Virus.Win32.Virut.X5 ViRobot 2009.2.28.1628 2009.02.28 - VirusBuster 4.5.11.0 2009.03.01 - Information additionnelle File size: 38400 bytes MD5...: 931c55ea4e6fb2fb42c9774ea9b3a738 SHA1..: 85e3b67e86aa970f935765dfde8da5c6af8250ea SHA256: 108f599b0aeb58c61dc647da641277383b2aa2c1b85c37b232f8a053be750e9e SHA512: b5e914ac7c630286c7bb89b37529b01b6f2d62458e43a1017da0d4e886f4dda7<br>ed861a31ad5f8f2d49576c283b36ceb57e02c2fdb8d13d1bd55db265325bfe00 ssdeep: 768:8EsS+1dwBSBInj4R9u1g8+YPiGJ02e2pH1vFnnc0j:8HS+/BInjmoCYhVppV<br>9nnc<br> PEiD..: - TrID..: File type identification<br>Generic Win/DOS Executable (49.9%)<br>DOS Executable Generic (49.8%)<br>Autodesk FLIC Image File (extensions: flc, fli, cel) (0.1%) PEInfo: PE Structure information<br><br>( base data )<br>entrypointaddress.: 0x13188<br>timedatestamp.....: 0x2a425e19 (Fri Jun 19 22:22:17 1992)<br>machinetype.......: 0x14c (I386)<br><br>( 3 sections )<br>name viradd virsiz rawdsiz ntrpy md5<br>UPX0 0x1000 0xd000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e<br>UPX1 0xe000 0x4000 0x3e00 7.82 2787fd897ed59aaebf859d779be1a80d<br>.rsrc 0x12000 0x6000 0x5400 7.37 e6ba2560b010804087b27552bbb2dca9<br><br>( 2 imports ) <br>> KERNEL32.DLL: LoadLibraryA, GetProcAddress, VirtualProtect, ExitProcess<br>> rtl60.bpl: @System@TObject@<br><br>( 0 exports ) <br> je peux fermer cette fenetre maintenent? -
GenProc Error Non enregistrée
Supaiku a répondu à un(e) sujet de Supaiku dans Analyses et éradication malwares
Le nouveau rapport de HiJackThis: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 16:13:14, on 01/03/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16791) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe C:\WINDOWS\system32\CTsvcCDA.EXE C:\Program Files\M-Audio\M-Audio Series II MIDI\MA_CMIDI_Inst.exe C:\WINDOWS\system32\sopidkc.exe C:\WINDOWS\system32\svchost.exe C:\PROGRA~1\AVG\AVG8\avgtray.exe C:\PROGRA~1\AVG\AVG8\avgrsx.exe C:\PROGRA~1\AVG\AVG8\avgemc.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\PROGRA~1\AVG\AVG8\avgnsx.exe C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe C:\WINDOWS\system32\CTHELPER.EXE C:\WINDOWS\system32\CTXFIHLP.EXE C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe C:\WINDOWS\SYSTEM32\CTXFISPI.EXE C:\Program Files\Creative\MediaSource\Go\CTCMSGo.exe C:\Program Files\AVG\AVG8\avgcsrvx.exe C:\Program Files\Creative\ShareDLL\CADI\NotiMan.exe C:\Documents and Settings\supaiku\Bureau\HiJackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" O4 - HKLM\..\Run: [CTDVDDET] "C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE" O4 - HKLM\..\Run: [RCSystem] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" RCSystem * -Startup O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll" O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Creative Detector] "C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R O4 - HKCU\..\Run: [Creative MediaSource Go] "C:\Program Files\Creative\MediaSource\Go\CTCMSGo.exe" /SCB O4 - HKCU\..\Run: [LaunchList] C:\Program Files\Pinnacle\Studio 11\LaunchList2.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?') O4 - HKUS\S-1-5-21-1482476501-602609370-839522115-1003\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User '?') O4 - HKUS\S-1-5-21-1482476501-602609370-839522115-1003\..\Run: [LaunchList] C:\Program Files\Pinnacle\Studio 11\LaunchList2.exe (User '?') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O15 - Trusted Zone: *.line6.net O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe (file missing) O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE O23 - Service: M-Audio Series II MIDI Installer (MA_CMIDI_InstallerService) - Unknown owner - C:\Program Files\M-Audio\M-Audio Series II MIDI\MA_CMIDI_Inst.exe O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe (file missing) O23 - Service: PCLEPCI - Pinnacle Systems GmbH - C:\WINDOWS\system32\drivers\pclepci.sys O23 - Service: sopidkc Service (sopidkc) - Unknown owner - C:\WINDOWS\system32\sopidkc.exe O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe -- End of file - 8372 bytes -
GenProc Error Non enregistrée
Supaiku a répondu à un(e) sujet de Supaiku dans Analyses et éradication malwares
Merci beaucoup de ton acceuil sympatique Falkra!ca fais vraiment plaisir biensur,je met Hijackthis à jour et je poste le nouveau rapport -
Bonjour, Mon PC est infecté de pas mal de malware,spy,etc..et je voulais utilisé genProc,mais apres avoir suivi bien rigoureusement le tuto,et retelecharger..je lance le fichier .bat,la 1er ligne apparait: "veuilliez patienter......a 1minute trente environ" et de suite 3lignes apparaissent: ERROR: Classe non Enregistrée. ERROR: Classe non Enregistrée. ERROR: Classe non Enregistrée. Puis vient le message de Windows Script Host: Script: C:\Doc and settings\Supaiku\Bureau\GenProc\outil\message.vbs Ligne: 7 caract: 1 Erreur : Un composant ActiveX ne peut pas créer un objet Code: 800A01AD Source: Erreur d'éxécution Microsoft VBScript J'ai pas mal chercher mais pas de cas similaire,donc j'aimerais savoir comment je pourrais faire fonctionné GenProc,ou un autre logiciel du meme type....ou tout simplement pouvoir assainnir mon PC Je glisse un rapport HijackThis tel quel si jamais quelqu un arrive a voir dedans car ça dépasse de loin mes compétences (j'ai juste passé CCleaner avant) merci d'avance à tous, de prendre le temp de lire ce post et peut etre de trouver une réponse :chepa: Rapport HijackThis: Logfile of HijackThis v1.99.1 Scan saved at 14:51:26, on 01/03/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16791) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Documents and Settings\supaiku\Bureau\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" O4 - HKLM\..\Run: [CTDVDDET] "C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE" O4 - HKLM\..\Run: [RCSystem] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" RCSystem * -Startup O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll" O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Creative Detector] "C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R O4 - HKCU\..\Run: [Creative MediaSource Go] "C:\Program Files\Creative\MediaSource\Go\CTCMSGo.exe" /SCB O4 - HKCU\..\Run: [LaunchList] C:\Program Files\Pinnacle\Studio 11\LaunchList2.exe O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [iNTERNATIONAL] International* O15 - Trusted Zone: *.line6.net O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing) O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe (file missing) O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE O23 - Service: M-Audio Series II MIDI Installer (MA_CMIDI_InstallerService) - Unknown owner - C:\Program Files\M-Audio\M-Audio Series II MIDI\MA_CMIDI_Inst.exe O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe (file missing) O23 - Service: PCLEPCI - Pinnacle Systems GmbH - C:\WINDOWS\system32\drivers\pclepci.sys O23 - Service: sopidkc Service (sopidkc) - Unknown owner - C:\WINDOWS\system32\sopidkc.exe O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe