Status: Resolved

Problems after removing the amvo virus

Posted by Youri, Wednesday 26 March 2008 at 06:13:04
Hello,

So, I was infected by a virus: amvo.exe, and no doubt other things... I was using AVG Free, and I have Ad-Aware, Spybot and SpywareBlaster. Ad-Aware reported a very large number of changes to my registry. Since AVG and my other programs were not reacting, I got another antivirus.

Following the infection, I was given an antivirus by my colleagues: ESET NOD32 Antivirus.

So I ran it, and it found 36 infected files, which it quarantined.

I then ran Spybot, CCleaner and Ad-Aware, with no results. All my programs had been painstakingly updated beforehand.

However, I now have several problems with my PC (an Acer laptop):

1. I no longer have Task Manager; the file is still there, but it tells me that the path is incorrect/the file cannot be found.

2. Excel no longer works; at first it was Word, but now that Word works again, Excel wants to install itself when I open it.

3. When I double-click on C:, it asks me which program I want to open this file with.

I have a partition and I could reinstall Windows, but that would take a very long time, especially for the updates. I work for a small NGO in a small town in Cambodia. Connections here are very slow (understatement inside) and unstable. It is practically impossible to run an online scan.

I'm pasting the HijackThis report for you...

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:17:54, on 26/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Acer\eManager\anbmServ.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\acer\epm\epm-dm.exe
C:\PROGRA~1\LAUNCH~1\LManager.exe
C:\Program Files\Acer\eRecovery\Monitor.exe
C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://global.acer.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://global.acer.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O1 - Hosts: 213.186.57.36 ladder.battle-arenas.net
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [EPM-DM] c:\acer\epm\epm-dm.exe
O4 - HKLM\..\Run: [ePowerManagement] C:\Acer\ePM\ePM.exe boot
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [eRecoveryService] C:\Program Files\Acer\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [AWMON] "C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe"
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Fichiers communs\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKLM\..\Policies\Explorer\Run: [sys] C:\WINDOWS\Fonts\Fonts.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [] C:\WINDOWS\system32\dllcache\Default.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [] C:\WINDOWS\system32\dllcache\Default.exe (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
End of file - 6430 bytes

Thank you for any time you may give me.

Youri
Configuration: Acer TravelMate 4150
Windows XP pro
Firefox 2.0.0.12

Youri, Wednesday 26 March 2008 at 07:42:48
I wanted to add that I can no longer open Visual Basic scripts either... There is no longer any file association... It's sort of the fourth problem, which I ran into when trying to run the "asmo remover" script (or some other name along those lines...).

tribun, Wednesday 26 March 2008 at 07:50:22
Hello,
you will need a pro to disinfect it, because you have quite a lot of nasty stuff!

Youri, Wednesday 26 March 2008 at 08:23:39
Thanks for the encouragement...

I have to hand in some very important reports in the coming days... I have a backup, but I've lost 4 days... Well, it's not really the end of the world...

I don't know if it's useful... But here is the list of infections that ESET NOD32 found for me... I no longer have the log... Usually I manage on my own by reading the forums... But this time... Hmm...

25/03/2008 9:08:31 Startup scanner file C:\WINDOWS\system32\dllcache\Recycler.{645FF040­-5081-101B-9F08-00AA002F954E}\system.exe probably unknown NewHeur_PE virus deleted (after the next restart) - quarantined
25/03/2008 9:08:16 Startup scanner file C:\WINDOWS\system32\dllcache\Recycler.{645FF040­-5081-101B-9F08-00AA002F954E}\svchost.exe probably unknown NewHeur_PE virus deleted (after the next restart) - quarantined
25/03/2008 9:07:58 Startup scanner file C:\WINDOWS\system32\dllcache\Recycler.{645FF040­-5081-101B-9F08-00AA002F954E}\Global.exe probably unknown NewHeur_PE virus deleted (after the next restart) - quarantined
25/03/2008 9:07:53 Real-time file system protection file C:\MS-DOS.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F­08-00AA002F954E}\Global.exe.
25/03/2008 9:07:52 Real-time file system protection file C:\WINDOWS\pchealth\helpctr\binaries\HelpHos­t.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F­08-00AA002F954E}\svchost.exe.
25/03/2008 9:07:52 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F­08-00AA002F954E}\svchost.exe.
25/03/2008 9:07:51 Real-time file system protection file C:\MS-DOS.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F­08-00AA002F954E}\Global.exe.
25/03/2008 9:07:46 Real-time file system protection file C:\MS-DOS.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F­08-00AA002F954E}\Global.exe.
25/03/2008 9:07:45 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F­08-00AA002F954E}\svchost.exe.
25/03/2008 9:07:43 Real-time file system protection file C:\MS-DOS.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F­08-00AA002F954E}\Global.exe.
25/03/2008 9:07:42 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F­08-00AA002F954E}\svchost.exe.
25/03/2008 9:07:39 Real-time file system protection file C:\MS-DOS.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F­08-00AA002F954E}\Global.exe.
25/03/2008 9:07:38 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F­08-00AA002F954E}\svchost.exe.
25/03/2008 9:07:37 Real-time file system protection file C:\MS-DOS.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F­08-00AA002F954E}\Global.exe.
25/03/2008 9:07:35 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F­08-00AA002F954E}\svchost.exe.
25/03/2008 9:07:32 Real-time file system protection file C:\MS-DOS.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F­08-00AA002F954E}\Global.exe.
25/03/2008 9:07:32 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F­08-00AA002F954E}\svchost.exe.
25/03/2008 9:07:30 Real-time file system protection file C:\MS-DOS.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F­08-00AA002F954E}\Global.exe.
25/03/2008 9:07:28 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F­08-00AA002F954E}\svchost.exe.
25/03/2008 9:07:25 Real-time file system protection file C:\MS-DOS.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F­08-00AA002F954E}\Global.exe.
25/03/2008 9:07:25 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F­08-00AA002F954E}\svchost.exe.
25/03/2008 9:07:21 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F­08-00AA002F954E}\svchost.exe.
25/03/2008 9:07:18 Real-time file system protection file C:\MS-DOS.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F­08-00AA002F954E}\Global.exe.
25/03/2008 9:07:17 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F­08-00AA002F954E}\svchost.exe.
25/03/2008 9:07:15 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F­08-00AA002F954E}\svchost.exe.
25/03/2008 9:07:11 Real-time file system protection file C:\MS-DOS.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F­08-00AA002F954E}\Global.exe.
25/03/2008 9:07:10 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F­08-00AA002F954E}\svchost.exe.
25/03/2008 9:07:08 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F­08-00AA002F954E}\svchost.exe.
25/03/2008 9:07:04 Real-time file system protection file C:\MS-DOS.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F­08-00AA002F954E}\Global.exe.
25/03/2008 9:07:04 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F­08-00AA002F954E}\svchost.exe.
25/03/2008 9:07:04 Real-time file system protection file C:\MS-DOS.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F­08-00AA002F954E}\Global.exe.
25/03/2008 9:07:01 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F­08-00AA002F954E}\svchost.exe.
25/03/2008 9:06:57 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F­08-00AA002F954E}\svchost.exe.
25/03/2008 9:06:57 Real-time file system protection file C:\MS-DOS.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F­08-00AA002F954E}\Global.exe.
25/03/2008 9:06:55 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F­08-00AA002F954E}\svchost.exe.
25/03/2008 9:06:50 Real-time file system protection file C:\MS-DOS.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F­08-00AA002F954E}\Global.exe.
25/03/2008 9:06:50 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F­08-00AA002F954E}\svchost.exe.
25/03/2008 9:06:50 Real-time file system protection file C:\MS-DOS.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F­08-00AA002F954E}\Global.exe.
25/03/2008 9:06:48 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F­08-00AA002F954E}\svchost.exe.
25/03/2008 9:06:44 Real-time file system protection file C:\MS-DOS.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F­08-00AA002F954E}\Global.exe.
25/03/2008 9:06:43 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F­08-00AA002F954E}\svchost.exe.
25/03/2008 9:06:43 Real-time file system protection file C:\MS-DOS.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F­08-00AA002F954E}\Global.exe.
25/03/2008 9:06:41 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F­08-00AA002F954E}\svchost.exe.
25/03/2008 9:06:37 Real-time file system protection file C:\MS-DOS.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F­08-00AA002F954E}\Global.exe.
25/03/2008 9:06:36 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F­08-00AA002F954E}\svchost.exe.
25/03/2008 9:06:36 Real-time file system protection file C:\MS-DOS.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F­08-00AA002F954E}\Global.exe.
25/03/2008 9:06:35 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F­08-00AA002F954E}\svchost.exe.
25/03/2008 9:06:30 Real-time file system protection file C:\MS-DOS.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F­08-00AA002F954E}\Global.exe.
25/03/2008 9:06:30 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F­08-00AA002F954E}\svchost.exe.
25/03/2008 9:06:28 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F­08-00AA002F954E}\svchost.exe.
25/03/2008 9:06:28 Real-time file system protection file C:\MS-DOS.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F­08-00AA002F954E}\Global.exe.
25/03/2008 9:06:23 Real-time file system protection file C:\MS-DOS.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F­08-00AA002F954E}\Global.exe.
25/03/2008 9:06:23 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F­08-00AA002F954E}\svchost.exe.
25/03/2008 9:06:22 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F­08-00AA002F954E}\svchost.exe.
25/03/2008 9:06:21 Real-time file system protection file C:\MS-DOS.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F­08-00AA002F954E}\Global.exe.
25/03/2008 9:06:20 Startup scanner file C:\WINDOWS\pchealth\helpctr\binaries\HelpHost.c­om probably unknown NewHeur_PE virus deleted - quarantined
25/03/2008 9:06:17 Startup scanner file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus deleted - quarantined
25/03/2008 9:06:16 Real-time file system protection file C:\MS-DOS.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F­08-00AA002F954E}\Global.exe.
25/03/2008 9:06:16 Real-time file system protection file C:\WINDOWS\system\KEYBOARD.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F­08-00AA002F954E}\svchost.exe.
25/03/2008 9:06:15 Real-time file system protection file C:\WINDOWS\system\KEYBOARD.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F­08-00AA002F954E}\svchost.exe.
25/03/2008 9:06:14 Real-time file system protection file C:\MS-DOS.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F­08-00AA002F954E}\Global.exe.
25/03/2008 9:06:10 Startup scanner file C:\WINDOWS\system32\dllcache\Default.exe probab­ly unknown NewHeur_PE virus deleted - quarantined
25/03/2008 9:06:09 Real-time file system protection file C:\MS-DOS.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F­08-00AA002F954E}\Global.exe.
25/03/2008 9:06:09 Real-time file system protection file C:\WINDOWS\system\KEYBOARD.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F­08-00AA002F954E}\svchost.exe.
25/03/2008 9:06:07 Real-time file system protection file C:\MS-DOS.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F­08-00AA002F954E}\Global.exe.
25/03/2008 9:06:02 Real-time file system protection file C:\WINDOWS\system\KEYBOARD.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F­08-00AA002F954E}\svchost.exe.
25/03/2008 9:06:02 Real-time file system protection file C:\WINDOWS\system\KEYBOARD.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F­08-00AA002F954E}\svchost.exe.
25/03/2008 9:06:02 Real-time file system protection file C:\MS-DOS.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F­08-00AA002F954E}\Global.exe.
25/03/2008 9:06:01 Startup scanner file C:\WINDOWS\system\KEYBOARD.exe probably unknown NewHeur_PE virus deleted (after the next restart) - quarantined
25/03/2008 9:05:56 Real-time file system protection file C:\WINDOWS\system\KEYBOARD.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 9:05:55 Real-time file system protection file C:\WINDOWS\system\KEYBOARD.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 9:05:49 Real-time file system protection file C:\WINDOWS\system\KEYBOARD.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 9:05:49 Real-time file system protection file C:\WINDOWS\system\KEYBOARD.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 8:39:18 Startup scanner file C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\system.exe probably unknown NewHeur_PE virus deleted (after the next restart) - quarantined ACER-2A7ACBC3E6\Youri
25/03/2008 8:39:15 Startup scanner file C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe probably unknown NewHeur_PE virus deleted (after the next restart) - quarantined ACER-2A7ACBC3E6\Youri
25/03/2008 8:39:11 Startup scanner file C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\Global.exe probably unknown NewHeur_PE virus deleted (after the next restart) - quarantined ACER-2A7ACBC3E6\Youri
25/03/2008 8:39:08 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 8:39:01 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 8:38:54 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 8:38:48 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 8:38:46 Startup scanner file C:\WINDOWS\pchealth\helpctr\binaries\HelpHost.com probably unknown NewHeur_PE virus deleted - quarantined ACER-2A7ACBC3E6\Youri
25/03/2008 8:38:44 Startup scanner file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus deleted - quarantined ACER-2A7ACBC3E6\Youri
25/03/2008 8:38:41 Startup scanner file C:\WINDOWS\system32\dllcache\Default.exe probably unknown NewHeur_PE virus deleted - quarantined ACER-2A7ACBC3E6\Youri
25/03/2008 8:38:41 Real-time file system protection file C:\WINDOWS\system\KEYBOARD.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 8:38:38 Startup scanner file C:\WINDOWS\system\KEYBOARD.exe probably unknown NewHeur_PE virus deleted (after the next restart) - quarantined ACER-2A7ACBC3E6\Youri
25/03/2008 8:38:35 Real-time file system protection file C:\WINDOWS\system\KEYBOARD.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.

4
tribun, Wednesday 26 March 2008 at 08:38:17
I've asked whether someone can come and help you, be patient!

5
Saiyen75, Wednesday 26 March 2008 at 10:21:30
Hi,

To begin with, there are leftovers of Symantec on your machine, so:

To uninstall Norton:

Follow the instructions at this link:
http://service1.symantec.com/...

_____________________________________________________

The rest comes afterwards...

6
Youri, Wednesday 26 March 2008 at 10:33:11
Thank you very much for your time...

That's done... (CCleaner wasn't removing these values from the registry...)

7
Saiyen75, Wednesday 26 March 2008 at 10:40:48
You must certainly know that you have a pirated, illegal version of Windows XP, which doesn't make the task any simpler.
Do the following:

Fix these lines in HijackThis:

Restart HijackThis, choose "do a scan only", tick the box in front of the lines below and click "fix checked" at the bottom.

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O1 - Hosts: 213.186.57.36 ladder.battle-arenas.net

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

If present:

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Fichiers communs\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer

If it asks you for a restart, reboot your PC.
_____________________________________________________

For your TaskMgr problem:

Have a look, but normally it is present on your Windows XP CD. If you find it,
copy it into C:\Windows\System32

---> Start
---> Run, then (x stands for the letter of your CD-ROM drive containing the XP CD)

expand x:\i386\TASKMGR.EX_ %SystemRoot%\SYSTEM32\taskmgr.exe

mind the spaces between [expand and x] and [EX_ and %]

8
Youri, Wednesday 26 March 2008 at 10:53:03
Hmmmm...

Surprising about the pirated version... I received it directly on my laptop and I have two Windows/ACER "recovery" CDs... So I don't quite understand...
On the other hand, Office is surely a pirated version... I have no idea, Office was installed but I don't have a "recovery" CD with it... Which is a big problem for me if I have to reinstall it...

I'll deal with the TaskManager when I get home... (I'm at work on a friend's PC)

I carried out the operations you asked me to do... But I admit I also tinkered on my own... Worry and nervousness will do that... ^^

I'm posting a HijackThis log again just in case

Thanks again...

------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:44:52, on 26/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Acer\eManager\anbmServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\acer\epm\epm-dm.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://global.acer.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://global.acer.com
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O4 - HKLM\..\Run: [epm-dm] c:\acer\epm\epm-dm.exe
O4 - HKLM\..\Policies\Explorer\Run: [sys] C:\WINDOWS\Fonts\Fonts.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [] C:\WINDOWS\system32\dllcache\Default.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [] C:\WINDOWS\system32\dllcache\Default.exe (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
End of file - 4559 bytes

9
Saiyen75, Wednesday 26 March 2008 at 10:55:11
For your problem opening the hard drive:

Default action for folders and drives:

In the file explorer, if the default action for folders and drives has become Search, or some action other than Open, try from the menu

---> Start
---> Run: then type: regsvr32 /i shell32

If that is not enough, apply this registry modification

Download and run: Ouvrir-Explorer

++

11
Youri, Wednesday 26 March 2008 at 11:19:05
No luck... I tried both solutions... but apparently... Nothing works... Even after a restart...

I think I'm really going to have to reinstall Windows from these recovery CDs... v_v

10
Saiyen75, Wednesday 26 March 2008 at 11:00:52
Yes indeed,

These 2 lines prove that it is not a legitimate version:

O4 - HKUS\S-1-5-18\..\RunOnce: [] C:\WINDOWS\system32\dllcache\Default.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [] C:\WINDOWS\system32\dllcache\Default.exe (User 'Default user')

It can be annoying sometimes... Generally, in unofficial versions, there are often small problems.

12
Youri, Wednesday 26 March 2008 at 11:23:48
Well well well... How come I buy a PC with Windows, I have the CDs with it, the key and the whole lot, and in the end... it's a pirated version? I also note that this Default.exe was one of the infected files that ESET NOD32 deleted for me... Maybe there's no connection...

Thanks for letting me know, in any case...
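The connection raised in the post above, between Default.exe and the files NOD32 removed, can be checked mechanically. The sketch below is an added example, not part of the original posts or of any tool named in the thread: it cross-references the paths quarantined in the ESET log with the O4 autorun lines of the HijackThis log. The function names and regular expressions are assumptions made for this illustration; the log lines are copied, abridged, from the thread.

```python
import re

# Lines copied (abridged) from the ESET and HijackThis logs posted in this thread.
ESET_LOG = r"""
25/03/2008 8:38:44 Startup scanner file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus deleted - quarantined
25/03/2008 8:38:41 Startup scanner file C:\WINDOWS\system32\dllcache\Default.exe probably unknown NewHeur_PE virus deleted - quarantined
25/03/2008 8:38:35 Real-time file system protection file C:\WINDOWS\system\KEYBOARD.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined
"""
HJT_LOG = r"""
O4 - HKLM\..\Run: [epm-dm] c:\acer\epm\epm-dm.exe
O4 - HKLM\..\Policies\Explorer\Run: [sys] C:\WINDOWS\Fonts\Fonts.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [] C:\WINDOWS\system32\dllcache\Default.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [] C:\WINDOWS\system32\dllcache\Default.exe (User 'Default user')
"""

# "<module> file <path> probably unknown <name> virus ..."; the drive-letter
# anchor skips the word "file" inside "Real-time file system protection".
DETECTION = re.compile(r"file ([A-Za-z]:\\.+?) probably unknown (\S+) virus")
# "O4 - <registry key>: [<value name>] <command line>"
AUTORUN = re.compile(r"^O4 - (\S+): \[(.*?)\] (.*)$")
# Executable path at the start of the command line, optionally quoted.
TARGET = re.compile(r'"?([A-Za-z]:\\[^"]*?\.(?:exe|com|dll))', re.I)


def quarantined_paths(eset_log):
    """Map lower-cased path -> detection name for each file the AV removed."""
    return {m.group(1).lower(): m.group(2) for m in DETECTION.finditer(eset_log)}


def autoruns(hjt_log):
    """Yield (registry key, value name, target path) for each O4 line."""
    for line in hjt_log.splitlines():
        entry = AUTORUN.match(line.strip())
        target = entry and TARGET.match(entry.group(3))
        if target:
            yield entry.group(1), entry.group(2), target.group(1)


def orphaned_autoruns(eset_log, hjt_log):
    """Autorun entries that still point at a file the AV quarantined."""
    removed = quarantined_paths(eset_log)
    return [(key, name, path, removed[path.lower()])
            for key, name, path in autoruns(hjt_log)
            if path.lower() in removed]


if __name__ == "__main__":
    for key, name, path, detection in orphaned_autoruns(ESET_LOG, HJT_LOG):
        print(f"{key} [{name}] -> {path} (removed as {detection})")
```

On these lines it reports three autorun entries whose target is a file the antivirus had already quarantined: the `sys` value under Policies\Explorer\Run and the two empty-named RunOnce values.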

14
cyrildu17, Wednesday 26 March 2008 at 12:24:26
I'm not sure about that, saiyen =/

But maybe I'm wrong... ☼ ☼ ☼ ♪ See γou ℓater ♪ ☼ ☼ ☼

15
Saiyen75, Wednesday 26 March 2008 at 12:42:59
Hi Cyril

Me neither, I have a slight doubt, which is why I asked to fix the lines. But if they come back, I think I'll be certain of it.

17
cyrildu17, Wednesday 26 March 2008 at 12:47:53
Ok =) we'll see anyway ;)

Bye ☼ ☼ ☼ ♪ See γou ℓater ♪ ☼ ☼ ☼

13
Saiyen75, Wednesday 26 March 2008 at 11:38:08
There may be a connection; in that case, also fix the 2 lines quoted above in HijackThis, as you did in post 7.
If they don't reappear at the next startup, then there was a link; otherwise it confirms what I thought.

Otherwise, for opening the hard drive, have you tried this:

---> My Computer
---> Tools
---> Folder Options
---> File Types
---> sort the list by "file type", select 'Drive'
---> go to Advanced!

there, you can change the icon and the default action, namely, open!

---> New
---> In Action put: open
---> In Application used.... put: c:\windows\explorer.exe
---> OK

16
tribun, Wednesday 26 March 2008 at 12:47:22
thanks for answering the call!!

still traces of Norton, in my opinion! to be confirmed!

O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe

18