
lcb250

  1. I'll do the rest tomorrow... thanks for your help... I'll post the result for you tomorrow. Good evening.
  2. If you really want it, here it is:

     BitDefender Online Scanner - Rapport d'analyse

     BitDefender Online Scanner
     Rapport d'analyse généré à: Sun, Jun 21, 2009 - 16:14:29
     Voie d'analyse: C:\;D:\;E:\;

     Statistiques
       Temps: 00:17:03
       Fichiers: 89554
       Directoires: 7779
       Secteurs de boot: 0
       Archives: 986
       Paquets programmes: 17034

     Résultats
       Virus identifiés: 1
       Fichiers infectés: 2
       Fichiers suspects: 0
       Avertissements: 0
       Désinfectés: 0
       Fichiers effacés: 2

     Info sur les moteurs
       Définition virus: 3439753
       Version des moteurs: AVCORE v1.7 (build 8314.19) (i386) (Sep 29 2008 17:19:14)
       Analyse des plugins: 17
       Archive des plugins: 45
       Unpack des plugins: 7
       E-mail plugins: 6
       Système plugins: 4

     Paramètres d'analyse
       Première action: Désinfecté
       Seconde Action: Supprimé
       Heuristique: Oui
       Acceptez les avertissements: Oui
       Extensions analysées: exe;com;dll;ocx;scr;bin;dat;386;vxd;sys;wdm;cla;class;ovl;ole;hlp;doc;dot;xls ;ppt;wbk;wiz;pot;ppa;xla;xlt;vbs;vbe;mdb;rtf;htm;hta;html;xml;xtp;php;asp;js;shs; chm;lnk;pif;prc;url;smm;pfd;msi;ini;csc;cmd;bas;
       Excludez les extensions:
       Analyse d'emails: Oui
       Analyse des Archives: Oui
       Analyser paquets programmes: Oui
       Analyse des fichiers: Oui
       Analyse de boot: Oui

     Fichier analysé / Statut
       C:\RECYCLER\S-1-5-21-448539723-2147180785-1177238915-1003\Dc1\MovedFiles\06212009_150517\Documents Thomas\creation jeux\RPG_Maker_XP_v.1.0.0.1_(FR)\bon\Patch 800x600.exe
         Infecté par: Trojan.Generic.919620
       C:\RECYCLER\S-1-5-21-448539723-2147180785-1177238915-1003\Dc1\MovedFiles\06212009_150517\Documents Thomas\creation jeux\RPG_Maker_XP_v.1.0.0.1_(FR)\bon\Patch 800x600.exe
         Supprimé
       C:\RECYCLER\S-1-5-21-448539723-2147180785-1177238915-1003\Dc1\MovedFiles\06212009_150517\Documents Thomas\creation jeux\RPG_Maker_XP_v.1.0.0.1_(FR)\RPG Maker XP v.1.0.0.1 (FR)\RPG Maker XP v1.0.0.1 (FR) Bodom-RaBBi.exe=>(Instyler o)=>(Instyler Module 22)
         Infecté par: Trojan.Generic.919620
       C:\RECYCLER\S-1-5-21-448539723-2147180785-1177238915-1003\Dc1\MovedFiles\06212009_150517\Documents Thomas\creation jeux\RPG_Maker_XP_v.1.0.0.1_(FR)\RPG Maker XP v.1.0.0.1 (FR)\RPG Maker XP v1.0.0.1 (FR) Bodom-RaBBi.exe=>(Instyler o)=>(Instyler Module 22)
         Supprimé
       C:\RECYCLER\S-1-5-21-448539723-2147180785-1177238915-1003\Dc1\MovedFiles\06212009_150517\Documents Thomas\creation jeux\RPG_Maker_XP_v.1.0.0.1_(FR)\RPG Maker XP v.1.0.0.1 (FR)\RPG Maker XP v1.0.0.1 (FR) Bodom-RaBBi.exe=>(Instyler o)
         Echec de la mise à jour
  3. OK, here is the BitDefender report; it says that my computer is still infected. Here is the report:

     BitDefender Online Scanner - Rapport virus en temps réel
     Généré à: Sun, Jun 21, 2009 - 16:29:05
     --------------------------------------------------------------------------------
     Info d'analyse
     Fichiers scannés 97340
     Infectés Fichiers 2
     Virus Détectés
     Trojan.Generic.919620 2
     --------------------------------------------------------------------------------
     Ce sommaire du processus d'analyse sera utilisé par les laboratoires Antivirus BitDefender pour créer des statistiques agréguées sur l'activité des virus dans le monde.

     I saved a file as txt but... it is unreadable.
  4. Thanks for your advice about parental controls. I'm running the scan with BitDefender, but the virus signature is super long. Also, the ad windows still keep opening.
  5. There you go: when the PC restarted, an IE window opened... from Orange!!!

     ========== PROCESSES ==========
     Process explorer.exe killed successfully.
     ========== FILES ==========
     D:\Documents Thomas\creation jeux\RPG_Maker_XP_v.1.0.0.1_(FR)\RPGXP\Final fantasy\Graphics\Windowskins moved successfully.
     D:\Documents Thomas\creation jeux\RPG_Maker_XP_v.1.0.0.1_(FR)\RPGXP\Final fantasy\Graphics\Transitions moved successfully.
     D:\Documents Thomas\creation jeux\RPG_Maker_XP_v.1.0.0.1_(FR)\RPGXP\Final fantasy\Graphics\Titles moved successfully.
     D:\Documents Thomas\creation jeux\RPG_Maker_XP_v.1.0.0.1_(FR)\RPGXP\Final fantasy\Graphics\Tilesets moved successfully.
     D:\Documents Thomas\creation jeux\RPG_Maker_XP_v.1.0.0.1_(FR)\RPGXP\Final fantasy\Graphics\Pictures moved successfully.
     D:\Documents Thomas\creation jeux\RPG_Maker_XP_v.1.0.0.1_(FR)\RPGXP\Final fantasy\Graphics\Panoramas moved successfully.
     D:\Documents Thomas\creation jeux\RPG_Maker_XP_v.1.0.0.1_(FR)\RPGXP\Final fantasy\Graphics\Icons moved successfully.
     D:\Documents Thomas\creation jeux\RPG_Maker_XP_v.1.0.0.1_(FR)\RPGXP\Final fantasy\Graphics\Gameovers moved successfully.
     D:\Documents Thomas\creation jeux\RPG_Maker_XP_v.1.0.0.1_(FR)\RPGXP\Final fantasy\Graphics\Fogs moved successfully.
     D:\Documents Thomas\creation jeux\RPG_Maker_XP_v.1.0.0.1_(FR)\RPGXP\Final fantasy\Graphics\Characters moved successfully.
     D:\Documents Thomas\creation jeux\RPG_Maker_XP_v.1.0.0.1_(FR)\RPGXP\Final fantasy\Graphics\Battlers moved successfully.
     D:\Documents Thomas\creation jeux\RPG_Maker_XP_v.1.0.0.1_(FR)\RPGXP\Final fantasy\Graphics\Battlebacks moved successfully.
     D:\Documents Thomas\creation jeux\RPG_Maker_XP_v.1.0.0.1_(FR)\RPGXP\Final fantasy\Graphics\Autotiles moved successfully.
     D:\Documents Thomas\creation jeux\RPG_Maker_XP_v.1.0.0.1_(FR)\RPGXP\Final fantasy\Graphics\Animations moved successfully.
     D:\Documents Thomas\creation jeux\RPG_Maker_XP_v.1.0.0.1_(FR)\RPGXP\Final fantasy\Graphics moved successfully.
     D:\Documents Thomas\creation jeux\RPG_Maker_XP_v.1.0.0.1_(FR)\RPGXP\Final fantasy\Data moved successfully.
     D:\Documents Thomas\creation jeux\RPG_Maker_XP_v.1.0.0.1_(FR)\RPGXP\Final fantasy\Audio\SE moved successfully.
     D:\Documents Thomas\creation jeux\RPG_Maker_XP_v.1.0.0.1_(FR)\RPGXP\Final fantasy\Audio\ME moved successfully.
     D:\Documents Thomas\creation jeux\RPG_Maker_XP_v.1.0.0.1_(FR)\RPGXP\Final fantasy\Audio\BGS moved successfully.
     D:\Documents Thomas\creation jeux\RPG_Maker_XP_v.1.0.0.1_(FR)\RPGXP\Final fantasy\Audio\BGM moved successfully.
     D:\Documents Thomas\creation jeux\RPG_Maker_XP_v.1.0.0.1_(FR)\RPGXP\Final fantasy\Audio moved successfully.
     D:\Documents Thomas\creation jeux\RPG_Maker_XP_v.1.0.0.1_(FR)\RPGXP\Final fantasy moved successfully.
     D:\Documents Thomas\creation jeux\RPG_Maker_XP_v.1.0.0.1_(FR)\RPGXP moved successfully.
     D:\Documents Thomas\creation jeux\RPG_Maker_XP_v.1.0.0.1_(FR)\RPG Maker XP v.1.0.0.1 (FR) moved successfully.
     D:\Documents Thomas\creation jeux\RPG_Maker_XP_v.1.0.0.1_(FR)\Graphics\Windowskins moved successfully.
     D:\Documents Thomas\creation jeux\RPG_Maker_XP_v.1.0.0.1_(FR)\Graphics\Transitions moved successfully.
     D:\Documents Thomas\creation jeux\RPG_Maker_XP_v.1.0.0.1_(FR)\Graphics\Titles moved successfully.
     D:\Documents Thomas\creation jeux\RPG_Maker_XP_v.1.0.0.1_(FR)\Graphics\Tilesets moved successfully.
     D:\Documents Thomas\creation jeux\RPG_Maker_XP_v.1.0.0.1_(FR)\Graphics\Pictures moved successfully.
     D:\Documents Thomas\creation jeux\RPG_Maker_XP_v.1.0.0.1_(FR)\Graphics\Panoramas moved successfully.
     D:\Documents Thomas\creation jeux\RPG_Maker_XP_v.1.0.0.1_(FR)\Graphics\Icons moved successfully.
     D:\Documents Thomas\creation jeux\RPG_Maker_XP_v.1.0.0.1_(FR)\Graphics\Gameovers moved successfully.
     D:\Documents Thomas\creation jeux\RPG_Maker_XP_v.1.0.0.1_(FR)\Graphics\Fogs moved successfully.
     D:\Documents Thomas\creation jeux\RPG_Maker_XP_v.1.0.0.1_(FR)\Graphics\Characters moved successfully.
     D:\Documents Thomas\creation jeux\RPG_Maker_XP_v.1.0.0.1_(FR)\Graphics\Battlers moved successfully.
     D:\Documents Thomas\creation jeux\RPG_Maker_XP_v.1.0.0.1_(FR)\Graphics\Battlebacks moved successfully.
     D:\Documents Thomas\creation jeux\RPG_Maker_XP_v.1.0.0.1_(FR)\Graphics\Autotiles moved successfully.
     D:\Documents Thomas\creation jeux\RPG_Maker_XP_v.1.0.0.1_(FR)\Graphics\Animations moved successfully.
     D:\Documents Thomas\creation jeux\RPG_Maker_XP_v.1.0.0.1_(FR)\Graphics moved successfully.
     D:\Documents Thomas\creation jeux\RPG_Maker_XP_v.1.0.0.1_(FR)\Data moved successfully.
     D:\Documents Thomas\creation jeux\RPG_Maker_XP_v.1.0.0.1_(FR)\bon\system\Data moved successfully.
     D:\Documents Thomas\creation jeux\RPG_Maker_XP_v.1.0.0.1_(FR)\bon\system moved successfully.
     D:\Documents Thomas\creation jeux\RPG_Maker_XP_v.1.0.0.1_(FR)\bon moved successfully.
     D:\Documents Thomas\creation jeux\RPG_Maker_XP_v.1.0.0.1_(FR)\Audio\SE moved successfully.
     D:\Documents Thomas\creation jeux\RPG_Maker_XP_v.1.0.0.1_(FR)\Audio\ME moved successfully.
     D:\Documents Thomas\creation jeux\RPG_Maker_XP_v.1.0.0.1_(FR)\Audio\BGS moved successfully.
     D:\Documents Thomas\creation jeux\RPG_Maker_XP_v.1.0.0.1_(FR)\Audio\BGM moved successfully.
     D:\Documents Thomas\creation jeux\RPG_Maker_XP_v.1.0.0.1_(FR)\Audio moved successfully.
     D:\Documents Thomas\creation jeux\RPG_Maker_XP_v.1.0.0.1_(FR) moved successfully.
     File/Folder D:\Documents Thomas\creation jeux\RPG_Maker_XP_v.1.0.0.1_(FR)\RPG Maker XP v.1.0.0.1 (FR)\RPG Maker XP v1.0.0.1 (FR) Bodom-RaBBi.exe not found.
     D:\Documents Thomas\creation jeux\RPG_Maker_XP_v.1.0.0.1_(FR).zip moved successfully.
     ========== REGISTRY ==========
     ========== COMMANDS ==========
     File delete failed. C:\DOCUME~1\PCCE6A~1.USE\LOCALS~1\Temp\~DFD343.tmp scheduled to be deleted on reboot.
     File delete failed. C:\DOCUME~1\PCCE6A~1.USE\LOCALS~1\Temp\~DFD59D.tmp scheduled to be deleted on reboot.
     User's Temp folder emptied.
     User's Internet Explorer cache folder emptied.
     File delete failed. C:\Documents and Settings\pc.USER-0FDC566E5D\Local Settings\Temporary Internet Files\Content.IE5\YXSPO3G3\AP_ADV_728x90[1].htm scheduled to be deleted on reboot.
     File delete failed. C:\Documents and Settings\pc.USER-0FDC566E5D\Local Settings\Temporary Internet Files\Content.IE5\YXSPO3G3\CAYBKNLY.htm scheduled to be deleted on reboot.
     File delete failed. C:\Documents and Settings\pc.USER-0FDC566E5D\Local Settings\Temporary Internet Files\Content.IE5\U74ZMHQ7\iframe[1].htm scheduled to be deleted on reboot.
     File delete failed. C:\Documents and Settings\pc.USER-0FDC566E5D\Local Settings\Temporary Internet Files\Content.IE5\MZG129A1\ban_728x90[1].htm scheduled to be deleted on reboot.
     File delete failed. C:\Documents and Settings\pc.USER-0FDC566E5D\Local Settings\Temporary Internet Files\Content.IE5\MZG129A1\hp[1].htm scheduled to be deleted on reboot.
     File delete failed. C:\Documents and Settings\pc.USER-0FDC566E5D\Local Settings\Temporary Internet Files\Content.IE5\JHFN6CLS\fenetre-de-pub-t164585[1].html&pid=1394407&mode=threaded scheduled to be deleted on reboot.
     File delete failed. C:\Documents and Settings\pc.USER-0FDC566E5D\Local Settings\Temporary Internet Files\Content.IE5\EV8NMXYL\0[1] scheduled to be deleted on reboot.
     File delete failed. C:\Documents and Settings\pc.USER-0FDC566E5D\Local Settings\Temporary Internet Files\Content.IE5\EV8NMXYL\AP_ADV_300x250[1].htm scheduled to be deleted on reboot.
     File delete failed. C:\Documents and Settings\pc.USER-0FDC566E5D\Local Settings\Temporary Internet Files\Content.IE5\EV8NMXYL\CAQZKLUF.htm scheduled to be deleted on reboot.
     File delete failed. C:\Documents and Settings\pc.USER-0FDC566E5D\Local Settings\Temporary Internet Files\Content.IE5\ERU96JWJ\468x60[1].htm scheduled to be deleted on reboot.
     File delete failed. C:\Documents and Settings\pc.USER-0FDC566E5D\Local Settings\Temporary Internet Files\Content.IE5\96GY719O\CACT6P38.htm scheduled to be deleted on reboot.
     File delete failed. C:\Documents and Settings\pc.USER-0FDC566E5D\Local Settings\Temporary Internet Files\Content.IE5\96GY719O\CAQVKRNK.fr scheduled to be deleted on reboot.
     File delete failed. C:\Documents and Settings\pc.USER-0FDC566E5D\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
     User's Temporary Internet Files folder emptied.
     File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
     File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Historique\History.IE5\index.dat scheduled to be deleted on reboot.
     File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat scheduled to be deleted on reboot.
     Local Service Temp folder emptied.
     File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
     Local Service Temporary Internet Files folder emptied.
     Network Service Temp folder emptied.
     Network Service Temporary Internet Files folder emptied.
     File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_36c.dat scheduled to be deleted on reboot.
     File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_58c.dat scheduled to be deleted on reboot.
     Windows Temp folder emptied.
     Java cache emptied.
     Temp folders emptied.
     Explorer started successfully

     OTM by OldTimer - Version 2.1.0.1 log created on 06212009_150517

     Files moved on Reboot...
     C:\DOCUME~1\PCCE6A~1.USE\LOCALS~1\Temp\~DFD343.tmp moved successfully.
     C:\DOCUME~1\PCCE6A~1.USE\LOCALS~1\Temp\~DFD59D.tmp moved successfully.
     C:\Documents and Settings\pc.USER-0FDC566E5D\Local Settings\Temporary Internet Files\Content.IE5\YXSPO3G3\AP_ADV_728x90[1].htm moved successfully.
     C:\Documents and Settings\pc.USER-0FDC566E5D\Local Settings\Temporary Internet Files\Content.IE5\YXSPO3G3\CAYBKNLY.htm moved successfully.
     C:\Documents and Settings\pc.USER-0FDC566E5D\Local Settings\Temporary Internet Files\Content.IE5\U74ZMHQ7\iframe[1].htm moved successfully.
     C:\Documents and Settings\pc.USER-0FDC566E5D\Local Settings\Temporary Internet Files\Content.IE5\MZG129A1\ban_728x90[1].htm moved successfully.
     C:\Documents and Settings\pc.USER-0FDC566E5D\Local Settings\Temporary Internet Files\Content.IE5\MZG129A1\hp[1].htm moved successfully.
     C:\Documents and Settings\pc.USER-0FDC566E5D\Local Settings\Temporary Internet Files\Content.IE5\JHFN6CLS\fenetre-de-pub-t164585[1].html&pid=1394407&mode=threaded moved successfully.
     C:\Documents and Settings\pc.USER-0FDC566E5D\Local Settings\Temporary Internet Files\Content.IE5\EV8NMXYL\0[1] moved successfully.
     C:\Documents and Settings\pc.USER-0FDC566E5D\Local Settings\Temporary Internet Files\Content.IE5\EV8NMXYL\AP_ADV_300x250[1].htm moved successfully.
     C:\Documents and Settings\pc.USER-0FDC566E5D\Local Settings\Temporary Internet Files\Content.IE5\EV8NMXYL\CAQZKLUF.htm moved successfully.
     C:\Documents and Settings\pc.USER-0FDC566E5D\Local Settings\Temporary Internet Files\Content.IE5\ERU96JWJ\468x60[1].htm moved successfully.
     C:\Documents and Settings\pc.USER-0FDC566E5D\Local Settings\Temporary Internet Files\Content.IE5\96GY719O\CACT6P38.htm moved successfully.
     C:\Documents and Settings\pc.USER-0FDC566E5D\Local Settings\Temporary Internet Files\Content.IE5\96GY719O\CAQVKRNK.fr moved successfully.
     File C:\WINDOWS\temp\Perflib_Perfdata_36c.dat not found!
     C:\WINDOWS\temp\Perflib_Perfdata_58c.dat moved successfully.

     Registry entries deleted on Reboot...
  6. Here is the report..... they are in my son's folder, grrrrrr. At the bottom of the window, written in red: please turn off pop up window blocker to view the kaspersky lab virus encyclopedia virus

     --------------------------------------------------------------------------------
     KASPERSKY ONLINE SCANNER 7.0 REPORT
     Sunday, June 21, 2009
     Operating System: Microsoft Windows XP Professional Service Pack 3 (build 2600)
     Kaspersky Online Scanner version: 7.0.26.13
     Program database last update: Sunday, June 21, 2009 12:27:58
     Records in database: 2373744
     --------------------------------------------------------------------------------
     Scan settings:
       Scan using the following database: extended
       Scan archives: yes
       Scan mail databases: yes
     Scan area - My Computer:
       C:\
       D:\
       E:\
     Scan statistics:
       Files scanned: 153638
       Threat name: 1
       Infected objects: 3
       Suspicious objects: 0
       Duration of the scan: 01:58:06

     File name / Threat name / Threats count
     D:\Documents Thomas\creation jeux\RPG_Maker_XP_v.1.0.0.1_(FR)\bon\Patch 800x600.exe Infected: Trojan.Win32.Genome.esg 1
     D:\Documents Thomas\creation jeux\RPG_Maker_XP_v.1.0.0.1_(FR)\RPG Maker XP v.1.0.0.1 (FR)\RPG Maker XP v1.0.0.1 (FR) Bodom-RaBBi.exe Infected: Trojan.Win32.Genome.esg 1
     D:\Documents Thomas\creation jeux\RPG_Maker_XP_v.1.0.0.1_(FR).zip Infected: Trojan.Win32.Genome.esg 1

     The selected area was scanned.
  7. Here is the complete MBAM result; I had rerun it this morning as a full scan with the updates.

     Malwarebytes' Anti-Malware 1.38
     Version de la base de données: 2305
     Windows 5.1.2600 Service Pack 3

     21/06/2009 12:01:22
     mbam-log-2009-06-21 (12-01-22).txt

     Type de recherche: Examen complet (C:\|D:\|)
     Eléments examinés: 236701
     Temps écoulé: 35 minute(s), 16 second(s)

     Processus mémoire infecté(s): 0
     Module(s) mémoire infecté(s): 0
     Clé(s) du Registre infectée(s): 0
     Valeur(s) du Registre infectée(s): 0
     Elément(s) de données du Registre infecté(s): 0
     Dossier(s) infecté(s): 0
     Fichier(s) infecté(s): 1

     Processus mémoire infecté(s):
     (Aucun élément nuisible détecté)

     Module(s) mémoire infecté(s):
     (Aucun élément nuisible détecté)

     Clé(s) du Registre infectée(s):
     (Aucun élément nuisible détecté)

     Valeur(s) du Registre infectée(s):
     (Aucun élément nuisible détecté)

     Elément(s) de données du Registre infecté(s):
     (Aucun élément nuisible détecté)

     Dossier(s) infecté(s):
     (Aucun élément nuisible détecté)

     Fichier(s) infecté(s):
     c:\WINDOWS\system32\drivers\735db32c.sys (Rootkit.Agent) -> Delete on reboot.

     In addition, a window opened saying, among other things, that c:\Windows8systeme32\drivers\735db32c.sys cannot be deleted and the computer must be rebooted, so I did. I'm going to do the other part of your post.
  8. Hello, I have to keep avast on my computer, it's a work computer.... Is there nothing else I can do?
  9. Thanks for your help, Apollo. Here is the result, very very long:

     Logfile of Trend Micro HijackThis v2.0.2
     Scan saved at 09:51:14, on 21/06/2009
     Platform: Windows XP SP3 (WinNT 5.01.2600)
     MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
     Boot mode: Normal

     Running processes:
     C:\WINDOWS\System32\smss.exe
     C:\WINDOWS\system32\winlogon.exe
     C:\WINDOWS\system32\services.exe
     C:\WINDOWS\system32\lsass.exe
     C:\WINDOWS\system32\svchost.exe
     C:\WINDOWS\System32\svchost.exe
     C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
     C:\Program Files\Alwil Software\Avast4\ashServ.exe
     C:\WINDOWS\system32\spoolsv.exe
     C:\WINDOWS\Explorer.EXE
     C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
     C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
     C:\Program Files\QuickTime\qttask.exe
     C:\WINDOWS\system32\RUNDLL32.EXE
     C:\WINDOWS\RTHDCPL.EXE
     C:\Program Files\Piolet\Piolet.exe
     C:\WINDOWS\system32\ctfmon.exe
     C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
     c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
     C:\Program Files\Java\jre6\bin\jqs.exe
     C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
     C:\WINDOWS\system32\nvsvc32.exe
     C:\WINDOWS\system32\svchost.exe
     C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
     C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
     C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

     R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.uneperlesurunfil.com/
     R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
     R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
     R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60341
     R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60341
     R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
     R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
     O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
     O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
     O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
     O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll
     O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
     O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
     O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
     O4 - HKLM\..\Run: [share-to-Web Namespace Daemon] c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
     O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
     O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
     O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
     O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
     O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
     O4 - HKLM\..\Run: [Piolet] C:\Program Files\Piolet\Piolet.exe SILENT
     O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
     O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
     O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
     O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
     O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
     O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
     O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
     O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
     O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
     O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
     O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
     O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
     O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
     O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl.sun.com/webapps/download/AutoDL?BundleId=27986
     O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
     O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
     O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
     O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
     O23 - Service: Service de transfert intelligent en arrière-plan (BITS) - Unknown owner - C:\WINDOWS\
     O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
     O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
     O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
     O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
     O23 - Service: Mises à jour automatiques (wuauserv) - Unknown owner - C:\WINDOWS\

     --
     End of file - 6292 bytes
  10. Hello. My son used my computer and downloaded games.. long live teenagers. There was already one problem that I managed to solve thanks to a post on your forum: Google refused to send me to the link I clicked on. Thanks to Gof, he was the one replying to a forum member. Now I have ad windows everywhere; avast detects nothing, neither does Spybot, and neither does Malwarebytes. I would like to post the HijackThis report like the others do, but I don't know how to do that; I don't know this software. A few months ago I had problems with ad windows from adserving; I put their address in the hosts file and no more problem.... Now that no longer does anything.. the ads come back anyway, and there are still others. Can you help me even though this problem has already been covered several times?