Aller au contenu

  • Pas encore inscrit ?

    Pourquoi ne pas vous inscrire ? C'est simple, rapide et gratuit.
    Pour en savoir plus, lisez Les avantages de l'inscription... et la Charte de Zébulon.
    De plus, les messages que vous postez en tant qu'invité restent invisibles tant qu'un modérateur ne les a pas validés. Inscrivez-vous, ce sera un gain de temps pour tout le monde, vous, les helpeurs et les modérateurs ! :wink:

[RÉSOLU] Trojan TR/Agent.ECX mis en quarantaine

Sacros

Par Sacros
dans Analyses et éradication malwares

 Partager

Messages recommandés

Sacros Mega Power Member

Sacros

Posté(e)
Posté(e) (modifié)

Bonjour,

Les deux Trojan sont en quarantaine.

Après nettoyage normal du PC, je vous envoie le rapport HiJackThis.

Merci pour votre travail.

 

PS: J'ai des photos, mais je ne sais pas m'en servir avec SHACK.

 

 

http://img172.imageshack.us/my.php?image=t...n1300108xu7.jpg

http://img341.imageshack.us/my.php?image=t...n2300108dl6.jpg

 

--------------------------------------

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at -- Ð -- 15:52:53, on 30/01/2008

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16574)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

C:\WINDOWS\system32\spoolsv.exe

D:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe

D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe

D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

C:\WINDOWS\system32\cisvc.exe

C:\WINDOWS\system32\tcpsvcs.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\System32\svchost.exe

D:\Program Files\UltraVNC\WinVNC.exe

C:\windows\system32\mqsvc.exe

D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe

D:\Program Files\BillP Studios\WinPatrol\winpatrol.exe

C:\windows\system32\mqtgsvc.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\WINDOWS\system32\ctfmon.exe

D:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe

D:\Program Files\Picasa2\PicasaMediaDetector.exe

D:\Program Files\Secunia\PSI (RC1)\psi.exe

D:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe

D:\Program Files\Avira\AntiVir PersonalEdition Classic\avcenter.exe

D:\Program Files\IEPro\MiniDM.exe

C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE

C:\Documents and Settings\Sacros.DOMBIS.001\Mes documents\My Downloads\HiJackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.google.fr/keyword/%s

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = SACROS NET

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SearchPageURL.dll

O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - D:\Program Files\IEPro\iepro.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKLM\..\Run: [avgnt] "D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min

O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe

O4 - HKLM\..\Run: [WinPatrol] D:\Program Files\BillP Studios\WinPatrol\winpatrol.exe

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [Gadwin PrintScreen 3.1] D:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash

O4 - HKCU\..\Run: [Picasa Media Detector] D:\Program Files\Picasa2\PicasaMediaDetector.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')

O4 - Startup: ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE

O4 - Startup: Secunia PSI (RC1).lnk = D:\Program Files\Secunia\PSI (RC1)\psi.exe

O4 - Startup: TransBar.lnk = D:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe

O4 - Startup: UberIcon.lnk = D:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O8 - Extra context menu item: Ouvrir le cadre dans une nouvelle fenêtre - C:\WINDOWS\web\OpenFrame.htm

O8 - Extra context menu item: Voir les cookies - C:\WINDOWS\web\showcookies.htm

O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - D:\Program Files\IEPro\iepro.dll

O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - D:\Program Files\IEPro\iepro.dll

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)

O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll

O17 - HKLM\System\CCS\Services\Tcpip\..\{1076C0CB-272F-427E-B59C-ED07D4CB387D}: NameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\..\{54A7A52F-7054-45F2-BC8E-3527F0A67BBE}: NameServer = 192.168.1.1

O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe

O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - D:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe

O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: uvnc_service - www.ultravnc.fr - D:\Program Files\UltraVNC\WinVNC.exe

 

--

End of file - 7282 bytes

 

à bientôt

Modifié par Sacros

Sacros Mega Power Member

Sacros

Posté(e)
  • Auteur
Posté(e)

re,

Exactement, je voulais savoir si après les mises en quarantaine pendant le scan, mon Ordi n'avait pas d'autres bestioles.

Merci donc pour ta réponse.

Cordialement,

Ð

Zonk Godlike Member

Zonk

Posté(e)
Posté(e) (modifié)

Allo Sacros

..Si tu veux avoir un regard externe très potable, la vérification avec Kaspersky est de mise :P (pense à supprimer ,le cas échéant,les sauvegardes de ton antivirus et autres logiciels anti-véroles (il faut que tu soit certain que ces possibles sauvegardes sont belles et bien d'anciennes menaces et non des faux positifs).....ca évitera à kaspersky de prendre celles-ci comme des menaces.....

parfois les antivirus sont chatouilleux avec ce genre de scan...alors pense à désactiver ton antivirus temporairement le temps de la vérification et ensuite réactive le ! :P

 

(source :Charles Ingals :P )

-Scan en ligne Kaspersky

-Clique sur Accept

Une barre jaune va te demander si tu acceptes d'installer le Kavwebscan_Unicode.cab, installe l'Active X.

clique une nouvelle fois sur "Accept"

Les bases de mises à jour vont s'installer, patiente un moment

-Clique sur Next.

-Clique sur My Computer, le scan se met en route; attends la fin du scan sans fermer la fenêtre sinon il s'arrêtera.

 

 

A la fin du scan, si des objets infectés sont découverts, clique sur Save report as... Choisis bureau et nomme le rapport "rapport Kaspersky" et dans le champ d'enregistrement, choisis "fichiers texte" enregistre alors le rapport.

 

Copie/colle la totalité du fichier texte ouvert, par clic droit dessus, sélectionner tout/copier.

 

Colle ce rapport dans ta réponse sur le forum.

 

NOTE: Le scan est à faire avec Internet Explorer.

Modifié par Zonk
Zonk Godlike Member

Zonk

Posté(e)
Posté(e)
  angelique a dit :
Ola Zonk ;o)

 

peu d'utilité d'un kasperskyOnline apres un scan antivir ^^, ce dernier etant assez efficace.

....je sais ...mais si ca peut le mettre en confiance.....

@+ A. :P

Sacros Mega Power Member

Sacros

Posté(e)
  • Auteur
Posté(e)

Bonjour à tous,

Merci Zonk.

Voici le rapport Kaspersky. Merci

Le rapport HiJackThis est plus haut au cas ou ?

 

-------------------------------------------------------------------------------

KASPERSKY ONLINE SCANNER REPORT

Thursday, January 31, 2008 8:16:34 PM

Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)

Kaspersky Online Scanner version: 5.0.98.0

Kaspersky Anti-Virus database last update: 31/01/2008

Kaspersky Anti-Virus database records: 540183

-------------------------------------------------------------------------------

 

Scan Settings:

Scan using the following antivirus database: extended

Scan Archives: true

Scan Mail Bases: true

 

Scan Target - My Computer:

A:\

C:\

D:\

F:\

G:\

 

Scan Statistics:

Total number of scanned objects: 65951

Number of viruses found: 3

Number of infected objects: 10

Number of suspicious objects: 0

Duration of the scan process: 05:25:29

 

Infected Object Name / Virus Name / Last Action

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys5e883230a20d45ccfbfdaeccb5f363c_9355d71d-33c3-42a9-85c4-1f85ab218493 Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys6dc3b0f4a54789fa1e6741de3f0196c_9355d71d-33c3-42a9-85c4-1f85ab218493 Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeysa0262c321d143cdff8303e89f011e80_9355d71d-33c3-42a9-85c4-1f85ab218493 Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeysa3679052e329078290f2024e459bf93_9355d71d-33c3-42a9-85c4-1f85ab218493 Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1873ab1b0b582ff8925dbfd4457381e5_9355d71d-33c3-42a9-85c4-1f85ab218493 Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\19106eb29853377bdc2f61534092a43c_9355d71d-33c3-42a9-85c4-1f85ab218493 Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1d0e056cf9532c96e51339c013dc3ed2_9355d71d-33c3-42a9-85c4-1f85ab218493 Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1dd3e7d22be4eb7030391d8a0ba92c3f_9355d71d-33c3-42a9-85c4-1f85ab218493 Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1e578fa5359cd23427a52d9638935c24_9355d71d-33c3-42a9-85c4-1f85ab218493 Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\21c18aeb6477042fbd96fbe275616884_9355d71d-33c3-42a9-85c4-1f85ab218493 Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\26e25b5bb0b1369582ed8d7e992a85d6_9355d71d-33c3-42a9-85c4-1f85ab218493 Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2cf1df0eedac2e0091718ac29efa307f_9355d71d-33c3-42a9-85c4-1f85ab218493 Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2d0593576c5bf12df79c6b5b36c442aa_9355d71d-33c3-42a9-85c4-1f85ab218493 Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\315b0433c7c89986d53b55a9b1ed9da2_9355d71d-33c3-42a9-85c4-1f85ab218493 Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\32892d03f519891ce71e0bc53901e927_9355d71d-33c3-42a9-85c4-1f85ab218493 Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\34860087fea67600697e910609b30cfa_9355d71d-33c3-42a9-85c4-1f85ab218493 Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\34b0cecb4082fea59722e120ecbd98f2_9355d71d-33c3-42a9-85c4-1f85ab218493 Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\38175fbba239529ce7dc5afca21e538f_9355d71d-33c3-42a9-85c4-1f85ab218493 Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\4bcb5c8e41b946079f2d89719ab3b690_9355d71d-33c3-42a9-85c4-1f85ab218493 Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\4c0762d4de138771747ab55aa913d81b_9355d71d-33c3-42a9-85c4-1f85ab218493 Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5038b229b8b3885e83a7f6181d8d150a_9355d71d-33c3-42a9-85c4-1f85ab218493 Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\508ef68ea4fc3d89d94061743ea752d8_9355d71d-33c3-42a9-85c4-1f85ab218493 Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5356de8504cda3494cd587eaba7c6721_9355d71d-33c3-42a9-85c4-1f85ab218493 Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\56d5c06ae6b6afbe5068e2869ed61f53_9355d71d-33c3-42a9-85c4-1f85ab218493 Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5a078b7b668603998685df2926f73bcf_9355d71d-33c3-42a9-85c4-1f85ab218493 Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5cd2ea48003e031d6335d83fcb4212f1_9355d71d-33c3-42a9-85c4-1f85ab218493 Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\66025c1aa06bf585685261ade1fefbbd_9355d71d-33c3-42a9-85c4-1f85ab218493 Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\67575ec732601390f6e2d2c14a173a2e_9355d71d-33c3-42a9-85c4-1f85ab218493 Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\705f3632755e42636ec2be7c0183f002_9355d71d-33c3-42a9-85c4-1f85ab218493 Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\74746255300da6e8b33f2a05ca800df4_9355d71d-33c3-42a9-85c4-1f85ab218493 Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\771cd7f8277c501b361f56a4a142b7f7_9355d71d-33c3-42a9-85c4-1f85ab218493 Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\7c3300ae2fd75a3c30ab98447680f59e_9355d71d-33c3-42a9-85c4-1f85ab218493 Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\7cc51ca9858b0a32e9f998dd0a25f320_9355d71d-33c3-42a9-85c4-1f85ab218493 Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\7f6a5f1ac438fa73ce99501fd24c731e_9355d71d-33c3-42a9-85c4-1f85ab218493 Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\7fcbf67d4783bbece249b63703ce5dfc_9355d71d-33c3-42a9-85c4-1f85ab218493 Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\8089e6e6f6738e359bac95ee9f6aa9e8_9355d71d-33c3-42a9-85c4-1f85ab218493 Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\850a269ee30a2dd3391f6e939663462b_9355d71d-33c3-42a9-85c4-1f85ab218493 Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\89689499fc264027f701075bf111be97_9355d71d-33c3-42a9-85c4-1f85ab218493 Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\89c6f910e2277dce3c9c22bf4c103bc1_9355d71d-33c3-42a9-85c4-1f85ab218493 Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\8b700e18c0bf3d44e02ca54948132ffa_9355d71d-33c3-42a9-85c4-1f85ab218493 Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\8c7cb39cccecb75f687dff7f0b04834f_9355d71d-33c3-42a9-85c4-1f85ab218493 Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\8e55a2ed977e3e8132dd5894fb8f962a_9355d71d-33c3-42a9-85c4-1f85ab218493 Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\8efe841de1a553cd090ff7d3fc742133_9355d71d-33c3-42a9-85c4-1f85ab218493 Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\9043975232ac6a2f34e8fca62f24f3eb_9355d71d-33c3-42a9-85c4-1f85ab218493 Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\92bb140db3dc9ded13cd6f745a7049e3_9355d71d-33c3-42a9-85c4-1f85ab218493 Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\94f8dbead99660815a2d958bef7a7c91_9355d71d-33c3-42a9-85c4-1f85ab218493 Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\96e1d8ec8b889ca24ad2f86f0059aaf9_9355d71d-33c3-42a9-85c4-1f85ab218493 Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\983968929dc305cfe19a8f37248f7f90_9355d71d-33c3-42a9-85c4-1f85ab218493 Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\9bcd6ea78f5e15eda616068568d6cc9b_9355d71d-33c3-42a9-85c4-1f85ab218493 Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\9c4e2a101a213a7e5fd94bd569ea0bf7_9355d71d-33c3-42a9-85c4-1f85ab218493 Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\9d78a9d1fa8c78897f4f3c45e6e1e582_9355d71d-33c3-42a9-85c4-1f85ab218493 Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\9e1a81d943d7d37b3d342722a8a44c75_9355d71d-33c3-42a9-85c4-1f85ab218493 Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\9f0b85d0c5df9a86008a0ac1c24f0886_9355d71d-33c3-42a9-85c4-1f85ab218493 Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\a037874ca04d93c00e2d6d713c3d1a6c_9355d71d-33c3-42a9-85c4-1f85ab218493 Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\a0dc81932d9a1c0653b03010609f8c5e_9355d71d-33c3-42a9-85c4-1f85ab218493 Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\a373e972ca9c433ed18c9fa8473438ff_9355d71d-33c3-42a9-85c4-1f85ab218493 Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\a3f7e64db7eab4fba3079ccfefc730ee_9355d71d-33c3-42a9-85c4-1f85ab218493 Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\a75ab1c99441e85725c84a95275e6763_9355d71d-33c3-42a9-85c4-1f85ab218493 Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\a81c3e1af6608bcd872aa96ea443c998_9355d71d-33c3-42a9-85c4-1f85ab218493 Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\a99f40c12f38c1bdab77ce500a0b89f0_9355d71d-33c3-42a9-85c4-1f85ab218493 Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\abe49bdf4dcaba1d95305aed6e76ef79_9355d71d-33c3-42a9-85c4-1f85ab218493 Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\ad090d99aa0376b4493c53c1b6a95597_9355d71d-33c3-42a9-85c4-1f85ab218493 Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\ae3941c05b0260428353f9f96e12a83b_9355d71d-33c3-42a9-85c4-1f85ab218493 Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\b1e88f9dfc961dd4bf656ac0e43e77c8_9355d71d-33c3-42a9-85c4-1f85ab218493 Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\b3dd1d56373b9c05ec3bb5551ba60cb0_9355d71d-33c3-42a9-85c4-1f85ab218493 Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\b5e1ee90460bc2cdd1ea423b9cadc069_9355d71d-33c3-42a9-85c4-1f85ab218493 Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\b737d179cffac8161ca3f55848342084_9355d71d-33c3-42a9-85c4-1f85ab218493 Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\b8596b6154501a3d7dfc338272120378_9355d71d-33c3-42a9-85c4-1f85ab218493 Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\b8b8470f7686ccefeb7c5e5216b881bc_9355d71d-33c3-42a9-85c4-1f85ab218493 Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\c765c222efbfe1da8ab279e8561a5b19_9355d71d-33c3-42a9-85c4-1f85ab218493 Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\c7f32d8b8f84e63937bc6febfec4a716_9355d71d-33c3-42a9-85c4-1f85ab218493 Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\c88c6e09ab629f424a564512e46a3933_9355d71d-33c3-42a9-85c4-1f85ab218493 Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\c9029b08dcd0749bdd6258177c1b55d7_9355d71d-33c3-42a9-85c4-1f85ab218493 Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\cd689ff1423f4f0d763a171e886351ca_9355d71d-33c3-42a9-85c4-1f85ab218493 Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\d9c3ee16135ccbf5e130061c8ae7102a_9355d71d-33c3-42a9-85c4-1f85ab218493 Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\da9a0b56c679ab2cb439444d23ce4723_9355d71d-33c3-42a9-85c4-1f85ab218493 Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\dae2307ef5afadac865338171b217219_9355d71d-33c3-42a9-85c4-1f85ab218493 Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\dbe315436f9e97eed8adc930415852c0_9355d71d-33c3-42a9-85c4-1f85ab218493 Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\e0354b7a483e5e2fa45f208edd763530_9355d71d-33c3-42a9-85c4-1f85ab218493 Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\eb20339bf609ae917deb175c35ee7e9f_9355d71d-33c3-42a9-85c4-1f85ab218493 Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\ee4ac5cf032f028ec0a1bb1e6a3d13f7_9355d71d-33c3-42a9-85c4-1f85ab218493 Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\ee71a8d308bafba12b14c11251219484_9355d71d-33c3-42a9-85c4-1f85ab218493 Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\f1bb812329d8e777418644535b2fef18_9355d71d-33c3-42a9-85c4-1f85ab218493 Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\f9601d687c46bc6dba313b10a45833f9_9355d71d-33c3-42a9-85c4-1f85ab218493 Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\fa10c52df1b3439b2792746436458535_9355d71d-33c3-42a9-85c4-1f85ab218493 Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\fd52dbb14fe79e0cb4393914b4e29ffc_9355d71d-33c3-42a9-85c4-1f85ab218493 Object is locked skipped

C:\Documents and Settings\LocalService.AUTORITE NT.001\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\LocalService.AUTORITE NT.001\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\LocalService.AUTORITE NT.001\ntuser.dat Object is locked skipped

C:\Documents and Settings\LocalService.AUTORITE NT.001\ntuser.dat.LOG Object is locked skipped

C:\Documents and Settings\NetworkService.AUTORITE NT.001\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\NetworkService.AUTORITE NT.001\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\NetworkService.AUTORITE NT.001\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\NetworkService.AUTORITE NT.001\ntuser.dat.LOG Object is locked skipped

C:\Documents and Settings\Sacros.DOMBIS.001\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\Sacros.DOMBIS.001\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\Sacros.DOMBIS.001\Local Settings\Temp\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\Sacros.DOMBIS.001\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\Sacros.DOMBIS.001\Local Settings\Temp\History\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\Sacros.DOMBIS.001\Mes documents\My Downloads\UltraVNC-102-Setup-Fr.exe/file004 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.c skipped

C:\Documents and Settings\Sacros.DOMBIS.001\Mes documents\My Downloads\UltraVNC-102-Setup-Fr.exe/file005 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.c skipped

C:\Documents and Settings\Sacros.DOMBIS.001\Mes documents\My Downloads\UltraVNC-102-Setup-Fr.exe/file034 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.1102 skipped

C:\Documents and Settings\Sacros.DOMBIS.001\Mes documents\My Downloads\UltraVNC-102-Setup-Fr.exe/file051 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.c skipped

C:\Documents and Settings\Sacros.DOMBIS.001\Mes documents\My Downloads\UltraVNC-102-Setup-Fr.exe Inno: infected - 4 skipped

C:\Documents and Settings\Sacros.DOMBIS.001\ntuser.dat Object is locked skipped

C:\Documents and Settings\Sacros.DOMBIS.001\ntuser.dat.LOG Object is locked skipped

C:\System Volume Information\_restore{8F3CEC0B-F8DD-4934-AC89-D6654BC91675}\RP567\A0113481.dll Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.c skipped

C:\System Volume Information\_restore{8F3CEC0B-F8DD-4934-AC89-D6654BC91675}\RP567\A0113490.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.c skipped

C:\System Volume Information\_restore{8F3CEC0B-F8DD-4934-AC89-D6654BC91675}\RP567\A0113491.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.1102 skipped

C:\System Volume Information\_restore{8F3CEC0B-F8DD-4934-AC89-D6654BC91675}\RP575\change.log Object is locked skipped

C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped

C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped

C:\WINDOWS\Sti_Trace.log Object is locked skipped

C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped

C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped

C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\default Object is locked skipped

C:\WINDOWS\system32\config\default.LOG Object is locked skipped

C:\WINDOWS\system32\config\Internet.evt Object is locked skipped

C:\WINDOWS\system32\config\SAM Object is locked skipped

C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped

C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\SECURITY Object is locked skipped

C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped

C:\WINDOWS\system32\config\software Object is locked skipped

C:\WINDOWS\system32\config\software.LOG Object is locked skipped

C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\system Object is locked skipped

C:\WINDOWS\system32\config\system.LOG Object is locked skipped

C:\WINDOWS\system32\h323log.txt Object is locked skipped

C:\WINDOWS\system32\MsDtc\MSDTC.LOG Object is locked skipped

C:\WINDOWS\system32\MsDtc\Trace\dtctrace.log Object is locked skipped

C:\WINDOWS\system32\msmq\storage\QMLog Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped

C:\WINDOWS\Tasks\SCHEDLGU.TXT Object is locked skipped

C:\WINDOWS\wiadebug.log Object is locked skipped

C:\WINDOWS\wiaservc.log Object is locked skipped

C:\WINDOWS\WindowsUpdate.log Object is locked skipped

D:\Program Files\BillP Studios\WinPatrol\Setup.exe Infected: not-a-virus:AdWare.Win32.DealHelper.ak skipped

D:\Program Files\UltraVNC\winvnc.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.c skipped

D:\Sauvegarde\E 2006-12-05 10;56;39\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped

D:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped

D:\System Volume Information\_restore{56150063-41FB-403C-81D5-1AD5B4BF7FEA}\RP10\A0000240.exe Object is locked skipped

D:\System Volume Information\_restore{56150063-41FB-403C-81D5-1AD5B4BF7FEA}\RP10\A0000241.dll Object is locked skipped

D:\System Volume Information\_restore{56150063-41FB-403C-81D5-1AD5B4BF7FEA}\RP10\A0000242.dll Object is locked skipped

D:\System Volume Information\_restore{56150063-41FB-403C-81D5-1AD5B4BF7FEA}\RP10\A0000243.exe Object is locked skipped

D:\System Volume Information\_restore{56150063-41FB-403C-81D5-1AD5B4BF7FEA}\RP10\A0000244.dll Object is locked skipped

D:\System Volume Information\_restore{56150063-41FB-403C-81D5-1AD5B4BF7FEA}\RP10\A0000245.exe Object is locked skipped

D:\System Volume Information\_restore{56150063-41FB-403C-81D5-1AD5B4BF7FEA}\RP10\A0000246.dll Object is locked skipped

D:\System Volume Information\_restore{56150063-41FB-403C-81D5-1AD5B4BF7FEA}\RP10\A0000247.exe Object is locked skipped

D:\System Volume Information\_restore{56150063-41FB-403C-81D5-1AD5B4BF7FEA}\RP10\A0000248.ver Object is locked skipped

D:\System Volume Information\_restore{56150063-41FB-403C-81D5-1AD5B4BF7FEA}\RP10\A0000249.inf Object is locked skipped

D:\System Volume Information\_restore{56150063-41FB-403C-81D5-1AD5B4BF7FEA}\RP10\A0000250.cat Object is locked skipped

D:\System Volume Information\_restore{56150063-41FB-403C-81D5-1AD5B4BF7FEA}\RP10\A0000251.sys Object is locked skipped

D:\System Volume Information\_restore{56150063-41FB-403C-81D5-1AD5B4BF7FEA}\RP10\A0000252.ver Object is locked skipped

D:\System Volume Information\_restore{56150063-41FB-403C-81D5-1AD5B4BF7FEA}\RP10\A0000253.inf Object is locked skipped

D:\System Volume Information\_restore{56150063-41FB-403C-81D5-1AD5B4BF7FEA}\RP10\A0000254.cat Object is locked skipped

D:\System Volume Information\_restore{56150063-41FB-403C-81D5-1AD5B4BF7FEA}\RP10\A0000255.sys Object is locked skipped

D:\System Volume Information\_restore{56150063-41FB-403C-81D5-1AD5B4BF7FEA}\RP10\A0000256.exe Object is locked skipped

D:\System Volume Information\_restore{56150063-41FB-403C-81D5-1AD5B4BF7FEA}\RP10\A0000257.exe Object is locked skipped

D:\System Volume Information\_restore{56150063-41FB-403C-81D5-1AD5B4BF7FEA}\RP10\A0000258.dll Object is locked skipped

D:\System Volume Information\_restore{56150063-41FB-403C-81D5-1AD5B4BF7FEA}\RP10\A0000259.dll Object is locked skipped

D:\System Volume Information\_restore{56150063-41FB-403C-81D5-1AD5B4BF7FEA}\RP10\A0000260.exe Object is locked skipped

D:\System Volume Information\_restore{56150063-41FB-403C-81D5-1AD5B4BF7FEA}\RP9\A0000212.dll Object is locked skipped

D:\System Volume Information\_restore{56150063-41FB-403C-81D5-1AD5B4BF7FEA}\RP9\A0000213.exe Object is locked skipped

D:\System Volume Information\_restore{56150063-41FB-403C-81D5-1AD5B4BF7FEA}\RP9\A0000214.sys Object is locked skipped

D:\System Volume Information\_restore{56150063-41FB-403C-81D5-1AD5B4BF7FEA}\RP9\A0000215.cat Object is locked skipped

D:\System Volume Information\_restore{56150063-41FB-403C-81D5-1AD5B4BF7FEA}\RP9\A0000216.inf Object is locked skipped

D:\System Volume Information\_restore{56150063-41FB-403C-81D5-1AD5B4BF7FEA}\RP9\A0000217.ver Object is locked skipped

D:\System Volume Information\_restore{56150063-41FB-403C-81D5-1AD5B4BF7FEA}\RP9\A0000218.dll Object is locked skipped

D:\System Volume Information\_restore{56150063-41FB-403C-81D5-1AD5B4BF7FEA}\RP9\A0000219.exe Object is locked skipped

D:\System Volume Information\_restore{56150063-41FB-403C-81D5-1AD5B4BF7FEA}\RP9\A0000220.dll Object is locked skipped

D:\System Volume Information\_restore{56150063-41FB-403C-81D5-1AD5B4BF7FEA}\RP9\A0000221.exe Object is locked skipped

D:\System Volume Information\_restore{56150063-41FB-403C-81D5-1AD5B4BF7FEA}\RP9\A0000222.dll Object is locked skipped

D:\System Volume Information\_restore{56150063-41FB-403C-81D5-1AD5B4BF7FEA}\RP9\A0000223.exe Object is locked skipped

D:\System Volume Information\_restore{56150063-41FB-403C-81D5-1AD5B4BF7FEA}\RP9\A0000224.ver Object is locked skipped

D:\System Volume Information\_restore{56150063-41FB-403C-81D5-1AD5B4BF7FEA}\RP9\A0000225.inf Object is locked skipped

D:\System Volume Information\_restore{56150063-41FB-403C-81D5-1AD5B4BF7FEA}\RP9\A0000226.cat Object is locked skipped

D:\System Volume Information\_restore{56150063-41FB-403C-81D5-1AD5B4BF7FEA}\RP9\A0000227.sys Object is locked skipped

D:\System Volume Information\_restore{56150063-41FB-403C-81D5-1AD5B4BF7FEA}\RP9\A0000228.exe Object is locked skipped

D:\System Volume Information\_restore{56150063-41FB-403C-81D5-1AD5B4BF7FEA}\RP9\A0000229.exe Object is locked skipped

D:\System Volume Information\_restore{56150063-41FB-403C-81D5-1AD5B4BF7FEA}\RP9\A0000230.dll Object is locked skipped

D:\System Volume Information\_restore{56150063-41FB-403C-81D5-1AD5B4BF7FEA}\RP9\A0000231.dll Object is locked skipped

D:\System Volume Information\_restore{56150063-41FB-403C-81D5-1AD5B4BF7FEA}\RP9\A0000232.exe Object is locked skipped

 

Scan process completed.

Sacros Mega Power Member

Sacros

Posté(e)
  • Auteur
Posté(e)

Bonjour à tous................

 

Voilà Zonk, tu avais raison je crois. Tout à l'air bloqué dans le rapport ??

Merci d'avance.

Zonk Godlike Member

Zonk

Posté(e)
Posté(e) (modifié)

J'aime pas ces lignes.....

C:\Documents and Settings\Sacros.DOMBIS.001\Mes documents\My Downloads\UltraVNC-102-Setup-Fr.exe/file004 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.c skipped

C:\Documents and Settings\Sacros.DOMBIS.001\Mes documents\My Downloads\UltraVNC-102-Setup-Fr.exe/file005 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.c skipped

C:\Documents and Settings\Sacros.DOMBIS.001\Mes documents\My Downloads\UltraVNC-102-Setup-Fr.exe/file034 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.1102 skipped

C:\Documents and Settings\Sacros.DOMBIS.001\Mes documents\My Downloads\UltraVNC-102-Setup-Fr.exe/file051 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.c skipped

C:\Documents and Settings\Sacros.DOMBIS.001\Mes documents\My Downloads\UltraVNC-102-Setup-Fr.exe Inno: infected - 4 skipped

D:\Program Files\BillP Studios\WinPatrol\Setup.exe Infected: not-a-virus:AdWare.Win32.DealHelper.ak skipped

D:\Program Files\UltraVNC\winvnc.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.c skipped

Édit : je vois autres lignes...mais elles sont dans les points de restauration...alors normalement facile à regler....

 

Peronnellement je considère que ca prendrait l'aide de l'Équipe Sécurité pour possiblement parfaire la job...

Modifié par Zonk
oGu Godlike Member

oGu

Posté(e)
Posté(e) (modifié)

Salut!

 

TOUJOURS se méfier des antivirus et de leurs faux-positifs: un rapport d'AV n'est pas parole d'évangile!!

 

 

Ces lignes correspondent à un logiciel SAIN de prise de contrôle à distance: UltraVNC

 

C:\Documents and Settings\Sacros.DOMBIS.001\Mes documents\My Downloads\UltraVNC-102-Setup-Fr.exe/file004 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.c skipped

C:\Documents and Settings\Sacros.DOMBIS.001\Mes documents\My Downloads\UltraVNC-102-Setup-Fr.exe/file005 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.c skipped

C:\Documents and Settings\Sacros.DOMBIS.001\Mes documents\My Downloads\UltraVNC-102-Setup-Fr.exe/file034 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.1102 skipped

C:\Documents and Settings\Sacros.DOMBIS.001\Mes documents\My Downloads\UltraVNC-102-Setup-Fr.exe/file051 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.c skipped

C:\Documents and Settings\Sacros.DOMBIS.001\Mes documents\My Downloads\UltraVNC-102-Setup-Fr.exe Inno: infected - 4 skipped

D:\Program Files\UltraVNC\winvnc.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.c skipped

Cette ligne correspond à un logiciel SAIN de sécurité:WinPatrol

 

D:\Program Files\BillP Studios\WinPatrol\Setup.exe Infected: not-a-virus:AdWare.Win32.DealHelper.ak skipped

 

 

Ce ne sont que des faux-positifs.

 

 

  Zonk a dit :
Édit : je vois autres lignes...mais elles sont dans les points de restauration...alors normalement facile à regler....

.

 

Non! Le rapport indique que les points de restauration n'ont pas été scannés, pas qu'ils sont infectés :P !

 

Le log est propre de mon point de vue.

Modifié par ogu

Rejoindre la conversation

Vous pouvez publier maintenant et vous inscrire plus tard. Si vous avez un compte, connectez-vous maintenant pour publier avec votre compte.
Remarque : votre message nécessitera l’approbation d’un modérateur avant de pouvoir être visible.

Invité
Répondre à ce sujet…

×   Collé en tant que texte enrichi.   Coller en tant que texte brut à la place

  Seulement 75 émoticônes maximum sont autorisées.

×   Votre lien a été automatiquement intégré.   Afficher plutôt comme un lien

×   Votre contenu précédent a été rétabli.   Vider l’éditeur

×   Vous ne pouvez pas directement coller des images. Envoyez-les depuis votre ordinateur ou insérez-les depuis une URL.

×
 Partager
Aller sur la liste des sujets

  • En ligne récemment   0 membre est en ligne

    • Aucun utilisateur enregistré regarde cette page.
×
×
  • Créer...