rapport HJT

[gieldé]

Bonjour, je publie ci-aprés mon rapport HJT car il paraîtrait que je suis infecté. Si quelqu'un peut me dire . Merci

[gieldé]

Bonjour, je publie ci-aprés mon rapport HJT car il paraîtrait que je suis infecté. Si quelqu'un peut me dire . Merci

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 11:26:52, on 20/02/2008

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16608)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\ZoneLabs\vsmon.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\WINDOWS\system32\VTTimer.exe

C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe

C:\HP\KBD\KBD.EXE

C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe

C:\windows\system\hpsysdrv.exe

C:\WINDOWS\system32\hphmon06.exe

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\WINDOWS\ALCXMNTR.EXE

C:\WINDOWS\AGRSMMSG.exe

C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\RamBoost XP\rambxpfr.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\OpenOffice.org 2.3\program\soffice.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN

C:\PROGRA~1\INCRED~1\bin\IMApp.exe

C:\WINDOWS\system32\HPZipm12.exe

C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe

C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

C:\Program Files\IncrediMail\bin\IncMail.exe

C:\PROGRA~1\MOZILL~1\FIREFOX.EXE

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

C:\WINDOWS\system32\notepad.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://french.icrfast.com/index.php?rvs=hompag

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll

O4 - HKLM\..\Run: [VTTimer] VTTimer.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"

O4 - HKLM\..\Run: [siSPower] Rundll32.exe SiSPower.dll,ModeAgent

O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE

O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe

O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE

O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup

O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe

O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe

O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE

O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe

O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"

O4 - HKCU\..\Run: [incrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [RamBoostXp] C:\Program Files\RamBoost XP\rambxpfr.exe

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')

O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe

 

--

End of file - 7208 bytes

[angelique]

ton probleme d'origine >> http://forum.zebulon.fr/index.php?showtopi...p;#entry1179497

 

------------------------------------------------------

 

http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe

Télécharge Navilog1.exe (Il Mafioso)

Installe le,un raccourci sera crée sur le bureau, il va se lancer tout seul, choisis l'option 1 et poste le rapport.

[gieldé]

ton probleme d'origine >> http://forum.zebulon.fr/index.php?showtopi...p;#entry1179497

 

------------------------------------------------------

 

http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe

Télécharge Navilog1.exe (Il Mafioso)

Installe le,un raccourci sera crée sur le bureau, il va se lancer tout seul, choisis l'option 1 et poste le rapport.

Merci angelique pour ta réponse, voici à suivre le rapport demandé.

earch Navipromo version 3.4.5 commencé le 20/02/2008 à 12:13:57,62

 

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!

!!! Postez ce rapport sur le forum pour le faire analyser !!!

!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

 

Outil exécuté depuis C:\Program Files\navilog1

Mise à jour le 11.02.2008 à 20h00 par IL-MAFIOSO

 

 

Microsoft Windows XP [version 5.1.2600]

Internet Explorer : 7.0.5730.13

Système de fichiers : NTFS

 

Executé en mode normal

 

*** Recherche Programmes installés ***

 

 

 

 

*** Recherche dossiers dans C:\WINDOWS ***

 

 

 

*** Recherche dossiers dans C:\Program Files ***

 

 

 

*** Recherche dossiers dans C:\DOCUME~1\ALLUSE~1\APPLIC~1 ***

 

 

 

 

*** Recherche dossiers dans "C:\Documents and Settings\HP_Propriétaire\applic~1" ***

 

 

 

*** Recherche dossiers dans "C:\Documents and Settings\HP_Propriétaire\locals~1\applic~1" ***

 

 

 

*** Recherche dossiers dans "C:\Documents and Settings\HP_Propriétaire\MENUDM~1\PROGRA~1" ***

 

 

*** Recherche dossiers dans C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1 ***

 

 

*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***

pour + d'infos : http://www.gmer.net

 

Aucun Fichier trouvé

 

 

 

*** Recherche avec GenericNaviSearch ***

!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!

!!! A vérifier impérativement avant toute suppression manuelle !!!

 

* Recherche dans C:\WINDOWS\system32 *

 

* Recherche dans "C:\Documents and Settings\HP_Propriétaire\locals~1\applic~1" *

 

 

 

*** Recherche fichiers ***

 

 

 

 

*** Recherche clés spécifiques dans le Registre ***

 

 

*** Module de Recherche complémentaire ***

(Recherche fichiers spécifiques)

 

1)Recherche nouveaux fichiers Instant Access :

 

 

2)Recherche Heuristique :

 

* Dans C:\WINDOWS\system32 :

 

 

* Dans "C:\Documents and Settings\HP_Propriétaire\locals~1\applic~1" :

 

 

3)Recherche Certificats :

 

Certificat Egroup absent !

 

4)Recherche fichiers connus :

 

 

 

*** Analyse terminée le 20/02/2008 à 12:19:59,89 ***

[angelique]

Fausse piste , desinstalle navilog1 via ajout\supp de programme.

 

ces pages proviennent peut etre de Incredimail

 

l'achat de "Premium" et "Creator Letter" ne provoque pas la fin de la publicité

 

http://assiste.com.free.fr/p/logitheque/incredimail.html

 

*** Fais un scan en ligne Kaspersky avec IE

http://www.kaspersky.com/kos/eng/partner/d...kavwebscan.html

* Clique sur Accept

* Une barre jaune va te demander si tu acceptes d'installer le Kavwebscan_Unicode.cab, installe l'Active X.

* clique une nouvelle fois sur "Accept"

* Les bases de mises à jour vont s'installer, patiente un moment

* Clique sur Next.

* Clique sur My Computer, le scan se met en route; attends la fin du scan sans fermer la fenêtre sinon il s'arrêtera, et poste son rapport.

 

tuto >> milieu de page >> http://www.malekal.com/scan_Av_en_ligne.php ou là >> http://bibou0007.com/tutos-et-lexique-f45/...online-t394.htm

[gieldé]

Fausse piste , desinstalle navilog1 via ajout\supp de programme.

 

ces pages proviennent peut etre de Incredimail

http://assiste.com.free.fr/p/logitheque/incredimail.html

 

*** Fais un scan en ligne Kaspersky avec IE

http://www.kaspersky.com/kos/eng/partner/d...kavwebscan.html

* Clique sur Accept

* Une barre jaune va te demander si tu acceptes d'installer le Kavwebscan_Unicode.cab, installe l'Active X.

* clique une nouvelle fois sur "Accept"

* Les bases de mises à jour vont s'installer, patiente un moment

* Clique sur Next.

* Clique sur My Computer, le scan se met en route; attends la fin du scan sans fermer la fenêtre sinon il s'arrêtera, et poste son rapport.

 

tuto >> milieu de page >> http://www.malekal.com/scan_Av_en_ligne.php ou là >> http://bibou0007.com/tutos-et-lexique-f45/...online-t394.htm

RE

Je pense que tu me déconseille de garder incrédimail? je le trouvai sympa, je vais donc en chercher un qui soit un peu fun mais sans les ennuis d'incredimail. A suivre je poste le rapport Kaspersky;

Wednesday, February 20, 2008 5:07:50 PM

Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)

Kaspersky Online Scanner version: 5.0.98.0

Kaspersky Anti-Virus database last update: 20/02/2008

Kaspersky Anti-Virus database records: 573496

Scan Settings

Scan using the following antivirus database extended

Scan Archives true

Scan Mail Bases true

Scan Target My Computer

C:\

D:\

E:\

F:\

G:\

H:\

I:\

J:\

Scan Statistics

Total number of scanned objects 81456

Number of viruses found 2

Number of infected objects 5

Number of suspicious objects 0

Duration of the scan process 02:21:51

 

Infected Object Name Virus Name Last Action

C:\74e886dc1d00ebe3dde33133ac\msxml4-KB927978-enu.log Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\admparse.dll Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\admparse.dll.mui Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\advpack.dll Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\advpack.dll.mui Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\browseui.dll Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\corpol.dll Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\custsat.dll Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\dxtmsft.dll Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\dxtrans.dll Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\extmgr.dll Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\extmgr.dll.mui Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\feeddisc.wav Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\hmmapi.dll Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\hmmapi.dll.mui Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\html.iec Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\html.iec.mui Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\icardie.dll Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\icardie.dll.mui Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\icrav03.rat Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\ie4uinit.exe Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\ie4uinit.exe.mui Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\ieakeng.dll Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\ieakeng.dll.mui Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\ieakmmc.chm Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\ieaksie.dll Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\ieaksie.dll.mui Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\ieakui.dll Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\ieakui.dll.mui Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\ieapfltr.dat Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\ieapfltr.dll Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\iedkcs32.dll Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\iedkcs32.dll.mui Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\iedw.exe Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\iedw.exe.mui Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\ieencode.dll Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\ieeula.chm Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\ieframe.dll Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\ieframe.dll.mui Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\iepeers.dll Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\iepeers.dll.mui Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\ieproxy.dll Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\iernonce.dll Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\iernonce.dll.mui Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\iertutil.dll Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\iesetup.dll Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\iesetup.dll.mui Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\iesupp.chm Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\ieudinit.exe Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\ieui.dll Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\ieui.dll.mui Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\ieuinit.inf Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\ieunatt.exe.mui Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\iexplore.chm Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\iexplore.exe Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\iexplore.exe.mui Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\imgutil.dll Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\inetcorp.iem Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\inetcpl.cpl Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\inetcpl.cpl.mui Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\inetres.adm Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\inetset.iem Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\infobar.wav Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\inseng.dll Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\inseng.dll.mui Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\install.ins Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\jscript.dll Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\jsproxy.dll Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\licmgr10.dll Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\licmgr10.dll.mui Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\msfeeds.dll Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\msfeeds.mof Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\msfeedsbs.dll Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\msfeedsbs.dll.mui Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\msfeedsbs.mof Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\msfeedssync.exe Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\mshta.exe Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\mshta.exe.mui Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\mshtml.dll Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\mshtml.dll.mui Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\mshtml.tlb Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\mshtmled.dll Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\mshtmled.dll.mui Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\mshtmler.dll Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\mshtmler.dll.mui Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\msls31.dll Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\msrating.dll Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\msrating.dll.mui Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\mstime.dll Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\navstart.wav Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\occache.dll Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\occache.dll.mui Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\occache.ini Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\pngfilt.dll Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\popupblk.wav Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\shdocvw.dll Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\shlwapi.dll Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\spmsg.dll Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\spuninst.exe Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\spupdsvc.exe Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\tdc.ocx Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\ticrf.rat Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\update\eula.rtf Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\update\idndl.exe Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\update\ie7.cat Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\update\iecustom.dll Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\update\iereseticons.exe Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\update\iesetup.exe Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\update\legitlibm.dll Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\update\nlsdl.exe Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\update\update.exe Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\update\update.exe.manifest Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\update\update.inf Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\update\update.ver Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\update\updspapi.dll Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\update\xmllitesetup.exe Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\url.dll Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\urlmon.dll Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\urlmon.dll.mui Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\vbscript.dll Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\vgx.dll Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\webcheck.dll Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\webcheck.dll.mui Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\webcheck.ini Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\winfxdocobj.exe Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\winfxdocobj.exe.mui Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\wininet.dll Object is locked skipped

C:\cf6eefbf504a3f62dc38e7a0a8cb900f\wininet.dll.mui Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped

C:\Documents and Settings\HP_Propriétaire\Application Data\OpenOffice.org2\user\uno_packages\cache\log.txt Object is locked skipped

C:\Documents and Settings\HP_Propriétaire\Application Data\OpenOffice.org2\user\uno_packages\cache\registry\com.sun.star.comp.deployment.component.PackageRegistryBackend\common.rdb Object is locked skipped

C:\Documents and Settings\HP_Propriétaire\Application Data\OpenOffice.org2\user\uno_packages\cache\registry\com.sun.star.comp.deployment.component.PackageRegistryBackend\Windows_x86.rdb Object is locked skipped

C:\Documents and Settings\HP_Propriétaire\Application Data\OpenOffice.org2\user\uno_packages\cache\registry\com.sun.star.comp.deployment.configuration.PackageRegistryBackend\registered_packages.db Object is locked skipped

C:\Documents and Settings\HP_Propriétaire\Application Data\OpenOffice.org2\user\uno_packages\cache\uno_packages.db Object is locked skipped

C:\Documents and Settings\HP_Propriétaire\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Mozilla\Firefox\Profiles\pz8waufh.default\Cache\55B4B867d01/file09 Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped

C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Mozilla\Firefox\Profiles\pz8waufh.default\Cache\55B4B867d01 Inno: infected - 1 skipped

C:\Documents and Settings\HP_Propriétaire\Local Settings\Historique\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\HP_Propriétaire\Local Settings\Historique\History.IE5\MSHist012008021920080220\index.dat Object is locked skipped

C:\Documents and Settings\HP_Propriétaire\Local Settings\Temp\hpodvd09.log Object is locked skipped

C:\Documents and Settings\HP_Propriétaire\Local Settings\Temp\Perflib_Perfdata_e5c.dat Object is locked skipped

C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped

C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\HP_Propriétaire\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\HP_Propriétaire\ntuser.dat.LOG Object is locked skipped

C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped

C:\Documents and Settings\NetworkService\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\NetworkService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped

C:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat Object is locked skipped

C:\Program Files\Alwil Software\Avast4\DATA\Avast4.db Object is locked skipped

C:\Program Files\Alwil Software\Avast4\DATA\log\AshWebSv.ws Object is locked skipped

C:\Program Files\Alwil Software\Avast4\DATA\log\aswMaiSv.log Object is locked skipped

C:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log Object is locked skipped

C:\Program Files\Alwil Software\Avast4\DATA\report\Protection résidente.txt Object is locked skipped

C:\RECYCLER\S-1-5-21-532696359-43112157-1140865026-1007\Dc28.exe/file09 Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped

C:\RECYCLER\S-1-5-21-532696359-43112157-1140865026-1007\Dc28.exe Inno: infected - 1 skipped

C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP15\change.log Object is locked skipped

C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP5\A0001236.exe Infected: not-a-virus:Downloader.Win32.ImLoader.e skipped

C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped

C:\WINDOWS\Internet Logs\fwdbglog.txt Object is locked skipped

C:\WINDOWS\Internet Logs\fwpktlog.txt Object is locked skipped

C:\WINDOWS\Internet Logs\IAMDB.RDB Object is locked skipped

C:\WINDOWS\Internet Logs\NOM-B0A1C0A3909.ldb Object is locked skipped

C:\WINDOWS\Internet Logs\tvDebug.log Object is locked skipped

C:\WINDOWS\SchedLgU.Txt Object is locked skipped

C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped

C:\WINDOWS\Sti_Trace.log Object is locked skipped

C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped

C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped

C:\WINDOWS\system32\config\Antivirus.Evt Object is locked skipped

C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\default Object is locked skipped

C:\WINDOWS\system32\config\default.LOG Object is locked skipped

C:\WINDOWS\system32\config\Internet.evt Object is locked skipped

C:\WINDOWS\system32\config\SAM Object is locked skipped

C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped

C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\SECURITY Object is locked skipped

C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped

C:\WINDOWS\system32\config\software Object is locked skipped

C:\WINDOWS\system32\config\software.LOG Object is locked skipped

C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\system Object is locked skipped

C:\WINDOWS\system32\config\system.LOG Object is locked skipped

C:\WINDOWS\system32\h323log.txt Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped

C:\WINDOWS\Temp\Perflib_Perfdata_150.dat Object is locked skipped

C:\WINDOWS\Temp\ZLT00ab5.TMP Object is locked skipped

C:\WINDOWS\Temp\ZLT00d28.TMP Object is locked skipped

C:\WINDOWS\Temp\_avast4_\Webshlock.txt Object is locked skipped

C:\WINDOWS\wiadebug.log Object is locked skipped

C:\WINDOWS\wiaservc.log Object is locked skipped

C:\WINDOWS\WindowsUpdate.log Object is locked skipped

Scan process completed.

[angelique]

sans incredimail , tu n'aurais plus de page de pubs ^^

 

1/desactives|reactive ta restauration systeme::

 

http://service1.symantec.com/SUPPORT/INTER...020830101856924

 

2/vide ton cache de FF::

 

 

http://imagik.fr/view-rl/18630

[gieldé]

sans incredimail , tu n'aurais plus de page de pubs ^^

 

1/desactives|reactive ta restauration systeme::

 

http://service1.symantec.com/SUPPORT/INTER...020830101856924

 

2/vide ton cache de FF::

 

 

http://imagik.fr/view-rl/18630

Merci, j'ai fait ce que tu m'as indiqué, et je suppose que le virus trouvé par karspesky ainsi que les 5 fichiers infectés auront disparus?

[angelique]

oui y'a de grande chance ^^.... tout n'est pas du "virus" et vide ta corbeille .