A voir également:
- Probleme win32 et Malware-gen
- Malware anti malware - Télécharger - Antivirus & Antimalwares
- Hacktool win32 autokms ✓ - Forum Virus
- Puadimanager win32 ✓ - Forum Virus
- Roguekiller anti-malware - Télécharger - Antivirus & Antimalwares
- Win32:trojan-gen - Forum Virus
14 réponses
anthony5151
Messages postés
10573
Date d'inscription
vendredi 27 juin 2008
Statut
Contributeur sécurité
Dernière intervention
2 mars 2015
790
27 juil. 2009 à 16:41
27 juil. 2009 à 16:41
Ta version de Windows est une version officielle ou piratée ?
anthony5151
Messages postés
10573
Date d'inscription
vendredi 27 juin 2008
Statut
Contributeur sécurité
Dernière intervention
2 mars 2015
790
19 juil. 2009 à 14:29
19 juil. 2009 à 14:29
Bonjour,
Peux-tu utiliser ce logiciel de diagnostic stp, ça me permettra de t'aider :
• Télécharge Random's System Information Tool (RSIT) de random/random, et enregistre le sur ton Bureau.
• Double clique sur RSIT.exe pour lancer l'outil.
• Clique sur ' continue ' à l'écran Disclaimer.
• Si l'outil HijackThis n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
• Une fois le scan terminé, deux rapports vont apparaître : poste les dans deux messages séparés
Tutoriel illustré pour t'aider : https://www.androidworld.fr/
Peux-tu également préciser le nom et la localisation des fichiers détectés par Avast stp ?
Peux-tu utiliser ce logiciel de diagnostic stp, ça me permettra de t'aider :
• Télécharge Random's System Information Tool (RSIT) de random/random, et enregistre le sur ton Bureau.
• Double clique sur RSIT.exe pour lancer l'outil.
• Clique sur ' continue ' à l'écran Disclaimer.
• Si l'outil HijackThis n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
• Une fois le scan terminé, deux rapports vont apparaître : poste les dans deux messages séparés
Tutoriel illustré pour t'aider : https://www.androidworld.fr/
Peux-tu également préciser le nom et la localisation des fichiers détectés par Avast stp ?
pimprenelle27
Messages postés
20857
Date d'inscription
lundi 10 décembre 2007
Statut
Contributeur sécurité
Dernière intervention
8 octobre 2019
2 502
19 juil. 2009 à 14:29
19 juil. 2009 à 14:29
Bonjour,
Pour commencer : faire un petit nettoyage de l'ordi et du registre avec Ccleaner, regarde bien le Tuto CCleaner
Ensuite :
Télécharge le fichier d'installation d'HijackThis.
Enregistre HJTInstall.exe sur ton bureau.
Renomme Hijackthis en Tutu
Double-clique sur HJTInstall.exe (tutu) pour lancer le programme
Par défaut, il s'installera là :
C:\Program Files\Trend Micro\HijackThis
Accepte la licence en cliquant sur le bouton "I Accept"
Choisis l'option "Do a system scan and save a log file"
Clique sur "Save log" pour enregistrer le rapport qui s'ouvrira avec le bloc-note
Clique sur "Edition -> Sélectionner tout", puis sur "Edition -> Copier" pour copier tout le contenu du rapport
Colle le rapport que tu viens de copier sur ce forum
Ne fixe encore AUCUNE ligne, cela pourrait empêcher ton PC de fonctionner correctement
Tutoriaux (ne fixe rien pour le moment !!)
Pour ceux qui ont vista, ne pas oublier de désactiver Le contrôle des comptes utilisateurs
Pour commencer : faire un petit nettoyage de l'ordi et du registre avec Ccleaner, regarde bien le Tuto CCleaner
Ensuite :
Télécharge le fichier d'installation d'HijackThis.
Enregistre HJTInstall.exe sur ton bureau.
Renomme Hijackthis en Tutu
Double-clique sur HJTInstall.exe (tutu) pour lancer le programme
Par défaut, il s'installera là :
C:\Program Files\Trend Micro\HijackThis
Accepte la licence en cliquant sur le bouton "I Accept"
Choisis l'option "Do a system scan and save a log file"
Clique sur "Save log" pour enregistrer le rapport qui s'ouvrira avec le bloc-note
Clique sur "Edition -> Sélectionner tout", puis sur "Edition -> Copier" pour copier tout le contenu du rapport
Colle le rapport que tu viens de copier sur ce forum
Ne fixe encore AUCUNE ligne, cela pourrait empêcher ton PC de fonctionner correctement
Tutoriaux (ne fixe rien pour le moment !!)
Pour ceux qui ont vista, ne pas oublier de désactiver Le contrôle des comptes utilisateurs
fix200
Messages postés
3243
Date d'inscription
dimanche 28 décembre 2008
Statut
Contributeur sécurité
Dernière intervention
7 février 2011
158
19 juil. 2009 à 14:31
19 juil. 2009 à 14:31
Salut ,
Télécharge Random's System Information Tool (RSIT) par random/random et sauvegarde-le sur ton Bureau.
▶ Double-clique sur RSIT.exe afin de lancer RSIT.
▶ Clique sur Continue à l'écran " Disclaimer of warranty ".
▶ Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera et tu devras accepter la licence.
▶ Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront.
=> Poste le contenu de log.txt (qui sera affiché) ainsi que de info.txt (<<qui sera réduit dans la Barre des Tâches).
Note : Les deux rapports sont également sauvegardés %systemdrive%\rsit ou C:\rsit
Télécharge Random's System Information Tool (RSIT) par random/random et sauvegarde-le sur ton Bureau.
▶ Double-clique sur RSIT.exe afin de lancer RSIT.
▶ Clique sur Continue à l'écran " Disclaimer of warranty ".
▶ Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera et tu devras accepter la licence.
▶ Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront.
=> Poste le contenu de log.txt (qui sera affiché) ainsi que de info.txt (<<qui sera réduit dans la Barre des Tâches).
Note : Les deux rapports sont également sauvegardés %systemdrive%\rsit ou C:\rsit
voila le resultat
Logfile of random's system information tool 1.06 (written by random/random)
Run by Tess at 2009-07-19 14:57:10
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 10 GB (36%) free of 29 GB
Total RAM: 447 MB (18% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:57:37, on 19/07/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\REALTEK USB Wireless LAN Driver and Utility\RtWLan.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Tess\Bureau\RSIT.exe
C:\Program Files\trend micro\Tess.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Hacked by Godzilla
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RavAV] C:\WINDOWS\AdobeR.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [MS32DLL] C:\WINDOWS\MS32DLL.dll.vbs
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\K-Lite Codec Pack\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" /OM
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe"
O4 - HKCU\..\Run: [cdoosoft] C:\WINDOWS\system32\olhrwef.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: REALTEK USB Wireless LAN Utility.lnk = ?
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{EFAA3050-0281-4AB2-8DF9-393AC4B9AB9A}: NameServer = 80.118.196.41,80.118.192.111
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\PROGRA~1\FICHIE~1\SONYSH~1\AVLib\PACSPT~1.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\FICHIE~1\SONYSH~1\AVLib\Sptisrv.exe
Logfile of random's system information tool 1.06 (written by random/random)
Run by Tess at 2009-07-19 14:57:10
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 10 GB (36%) free of 29 GB
Total RAM: 447 MB (18% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:57:37, on 19/07/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\REALTEK USB Wireless LAN Driver and Utility\RtWLan.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Tess\Bureau\RSIT.exe
C:\Program Files\trend micro\Tess.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Hacked by Godzilla
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RavAV] C:\WINDOWS\AdobeR.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [MS32DLL] C:\WINDOWS\MS32DLL.dll.vbs
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\K-Lite Codec Pack\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" /OM
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe"
O4 - HKCU\..\Run: [cdoosoft] C:\WINDOWS\system32\olhrwef.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: REALTEK USB Wireless LAN Utility.lnk = ?
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{EFAA3050-0281-4AB2-8DF9-393AC4B9AB9A}: NameServer = 80.118.196.41,80.118.192.111
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\PROGRA~1\FICHIE~1\SONYSH~1\AVLib\PACSPT~1.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\FICHIE~1\SONYSH~1\AVLib\Sptisrv.exe
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
fix200
Messages postés
3243
Date d'inscription
dimanche 28 décembre 2008
Statut
Contributeur sécurité
Dernière intervention
7 février 2011
158
19 juil. 2009 à 14:33
19 juil. 2009 à 14:33
Oullllllla il ya du monde ... :D
Chui en retard là ... Je vous laisse :)
Chui en retard là ... Je vous laisse :)
pimprenelle27
Messages postés
20857
Date d'inscription
lundi 10 décembre 2007
Statut
Contributeur sécurité
Dernière intervention
8 octobre 2019
2 502
19 juil. 2009 à 14:34
19 juil. 2009 à 14:34
Je te laisse anthony5151
anthony5151
Messages postés
10573
Date d'inscription
vendredi 27 juin 2008
Statut
Contributeur sécurité
Dernière intervention
2 mars 2015
790
19 juil. 2009 à 14:37
19 juil. 2009 à 14:37
Bonjour à vous deux, et merci ;)
@+
@+
anthony5151
Messages postés
10573
Date d'inscription
vendredi 27 juin 2008
Statut
Contributeur sécurité
Dernière intervention
2 mars 2015
790
19 juil. 2009 à 15:27
19 juil. 2009 à 15:27
Re,
C'est une infection de disque amovible, on va traiter ça avec USBFix :
Télécharge USBFix (de Chiquitine29 et C_XX) sur ton Bureau
• Lance l'installation avec les paramètres par défaut
• Branche tes sources de données externes à ton PC (clé USB, disque dur externe, lecteur mp3 etc...) sans les ouvrir
• Double clique sur le raccourci USBFix sur ton Bureau
• Au menu principal, choisis l'option 2 (Suppression)
• Ton Bureau va disparaitre, puis l'ordinateur va redémarrer --> c'est normal
• Laisse travailler l'outil jusqu'au bout
• A la fin, le rapport va s'afficher --> poste le dans ta prochaine réponse stp
C'est une infection de disque amovible, on va traiter ça avec USBFix :
Télécharge USBFix (de Chiquitine29 et C_XX) sur ton Bureau
• Lance l'installation avec les paramètres par défaut
• Branche tes sources de données externes à ton PC (clé USB, disque dur externe, lecteur mp3 etc...) sans les ouvrir
• Double clique sur le raccourci USBFix sur ton Bureau
• Au menu principal, choisis l'option 2 (Suppression)
• Ton Bureau va disparaitre, puis l'ordinateur va redémarrer --> c'est normal
• Laisse travailler l'outil jusqu'au bout
• A la fin, le rapport va s'afficher --> poste le dans ta prochaine réponse stp
ca y est, et voici le rapport de usbfix
############################## | UsbFix V6.008 |
# User : Tess (Administrateurs) # ARNAUD
# Update on 17/07/09 by Chiquitine29 & C_XX
# Start at: 15:32:39 | 20/07/2009
# Website : http://pagesperso-orange.fr/NosTools/index.html
# Intel(R) Pentium(R) 4 CPU 2.66GHz
# Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 2
# Internet Explorer 6.0.2900.2180
# Windows Firewall Status : Enabled
# AV : avast! antivirus 4.8.1335 [VPS 090719-1] 4.8.1335 [ Enabled | Updated ]
# A:\ # Lecteur de disquettes 3 ½ pouces
# C:\ # Disque fixe local # 27,95 Go (9,94 Go free) [VAIO] # NTFS
# D:\ # Disque fixe local # 27,95 Go (7,85 Go free) [VAIO] # NTFS
# E:\ # Disque CD-ROM
# G:\ # Disque fixe local # 465,76 Go (119,46 Go free) [arno portable] # NTFS
############################## | Processus actifs |
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\logonui.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe
################## | Fichiers # Dossiers infectieux |
################## | C:\Documents and Settings\Tess\Temporary Internet Files |
################## | All Drives ... |
Supprimé ! G:\._autorun.inf
################## | Registre # Clés Run infectieuses |
Supprimé ! HKLM\Software\Microsoft\Windows\CurrentVersion\Run "ms32dll"
Supprimé ! HKLM\Software\Microsoft\Windows\CurrentVersion\Run "RavAV"
Supprimé ! HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "cdoosoft"
# HKLM\software\microsoft\security center "AntiVirusDisableNotify" # -> Reset sucessfully !
# HKLM\software\microsoft\security center "FirewallDisableNotify" # -> Reset sucessfully !
# HKLM\software\microsoft\security center "UpdatesDisableNotify" # -> Reset sucessfully !
################## | Registre # Mountpoints2 |
Supprimé ! HKCU\...\Explorer\MountPoints2\{01b50460-6903-11da-9d76-080046bd7ea7}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{06f9f690-7d0f-11da-9dad-080046bd7ea7}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{1d230029-af2e-11dc-a9a0-080046bd7ea7}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{1d23002c-af2e-11dc-a9a0-080046bd7ea7}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{1fbcd3e0-321c-11db-a6da-080046bd7ea7}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{22d96ef0-775e-11dc-a8fe-080046bd7ea7}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{22d96ef1-775e-11dc-a8fe-080046bd7ea7}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{2432e993-4a95-11dc-a8b9-080046bd7ea7}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{274dd650-043e-11dd-aa54-080046bd7ea7}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{27f71dd0-d2bf-11dd-aab3-080046bd7ea7}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{2b366010-77f8-11da-9da0-080046bd7ea7}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{38037fb0-b360-11d9-9ca4-00038a000015}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{432b26d0-190b-11dd-aa70-080046bd7ea7}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{4d2ea750-de1e-11db-a815-080046bd7ea7}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{5fdacd50-2ef7-11db-a6d4-080046bd7ea7}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{690e9590-b8b9-11d9-9cb3-00038a000015}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{6a2a9c01-2fd2-11da-9ce4-080046bd7ea7}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{72302ed5-3d1c-11db-a6f1-080046bd7ea7}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{73a32080-ec9e-11dc-aa29-080046bd7ea7}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{73abb630-a01c-11dc-a979-080046bd7ea7}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{78e0d7b0-46bd-11dc-a8b3-080046bd7ea7}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{8b65406f-3925-11db-a6e7-080046bd7ea7}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{8ccfd960-9043-11db-a765-080046bd7ea7}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{95451dd0-e2c1-11db-a821-080046bd7ea7}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{95451dd1-e2c1-11db-a821-080046bd7ea7}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{96032480-bd37-11dd-aa93-080046bd7ea7}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{9627ce80-be02-11db-a7d1-080046bd7ea7}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{9627ce81-be02-11db-a7d1-080046bd7ea7}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{99ce7e10-83a6-11da-9dbd-080046bd7ea7}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{9c6aa10e-06ea-11dc-a862-080046bd7ea7}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{9d8be8e0-a86b-11da-9e12-080046bd7ea7}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{9dc5ea10-1123-11dd-aa69-080046bd7ea7}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{9e4df210-1bd5-11da-9caf-080046bd7ea7}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{a8344860-e601-11db-a82a-080046bd7ea7}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{aa3fb851-10c7-11de-aae5-080046bd7ea7}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{b1e09df6-398e-11de-aaf6-080046bd7ea7}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{c257dc06-2173-11da-9cc0-080046bd7ea7}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{dd9859b1-2d64-11dc-a892-080046bd7ea7}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{e9d8f400-bbf9-11dd-aa91-080046bd7ea7}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{ef03b8d0-f03f-11dc-aa2f-080046bd7ea7}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{ef03b8d1-f03f-11dc-aa2f-080046bd7ea7}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{ef03b8d2-f03f-11dc-aa2f-080046bd7ea7}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{fbad6ef0-9d8d-11da-9dfc-080046bd7ea7}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{fff34820-aca5-11dc-a997-080046bd7ea7}\Shell\Auto\Command
################## | Listing des fichiers présent |
[17/07/2009 16:18|--a------|20727] - C:\aaw7boot.log
[05/08/2003 13:10|--a------|0] - C:\AUTOEXEC.BAT
[14/06/2005 16:00|---hs----|212] - C:\boot.ini
[30/08/2002 14:00|-rahs----|4952] - C:\Bootfont.bin
[21/06/2005 14:01|--a------|7346] - C:\caavsetup.log
[05/08/2003 13:10|--a------|0] - C:\CONFIG.SYS
[?|?|?] - C:\hiberfil.sys
[11/01/2006 17:10|--a------|2216] - C:\INSTALL.LOG
[05/08/2003 13:10|-rahs----|0] - C:\IO.SYS
[30/01/2005 15:16|---------|7896] - C:\jswx.log
[18/09/2005 11:51|--a------|136] - C:\log.txt
[05/08/2003 13:10|-rahs----|0] - C:\MSDOS.SYS
[03/08/2004 22:38|-rahs----|47564] - C:\NTDETECT.COM
[03/08/2004 22:59|-rahs----|251712] - C:\ntldr
[18/01/2004 19:07|--a------|0] - C:\out.lst
[18/01/2004 19:07|---------|98] - C:\out.rpk
[?|?|?] - C:\pagefile.sys
[14/06/2005 15:02|---------|297000] - C:\PollSt.txt
[24/05/2009 15:30|--a------|148534] - C:\snapshot20090524153046.bmp
[24/05/2009 15:30|--a------|148534] - C:\snapshot20090524153052.bmp
[24/05/2009 15:31|--a------|148534] - C:\snapshot20090524153057.bmp
[24/05/2009 16:28|--a------|180278] - C:\snapshot20090524162821.bmp
[24/05/2009 16:28|--a------|180278] - C:\snapshot20090524162841.bmp
[24/05/2009 16:29|--a------|180278] - C:\snapshot20090524162854.bmp
[24/05/2009 16:29|--a------|180278] - C:\snapshot20090524162952.bmp
[24/05/2009 16:29|--a------|180278] - C:\snapshot20090524162956.bmp
[24/05/2009 16:30|--a------|180278] - C:\snapshot20090524162959.bmp
[24/05/2009 16:30|--a------|180278] - C:\snapshot20090524163003.bmp
[24/05/2009 16:30|--a------|180278] - C:\snapshot20090524163009.bmp
[24/05/2009 18:45|--a------|231478] - C:\snapshot20090524184420.bmp
[24/05/2009 18:45|--a------|231478] - C:\snapshot20090524184554.bmp
[24/05/2009 18:46|--a------|231478] - C:\snapshot20090524184558.bmp
[24/05/2009 18:46|--a------|231478] - C:\snapshot20090524184600.bmp
[08/07/2004 19:53|--a------|0] - C:\UFantasy.ini
[24/05/2001 13:59|--a------|162304] - C:\UNWISE.EXE
[20/07/2009 15:34|--a------|9135] - C:\UsbFix.txt
[26/05/2008 21:54|--a------|35840] - D:\Arnaud TEISSEYRE.doc
[11/03/2006 14:34|--a------|35471833] - D:\klmcodec151.exe
[28/03/2006 01:41|--a------|104] - D:\Poste de travail.lnk
[11/03/2009 00:25|---hs----|29018] - G:\.VolumeIcon.icns
[11/03/2009 00:25|---hs----|25214] - G:\.VolumeIcon.ico
[11/03/2009 00:25|---------|126976] - G:\LaCie.exe
[11/03/2009 00:25|---h-----|390] - G:\LaCie.ini
################## | Vaccination |
# C:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.
# D:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.
# G:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.
################## | Etat / Services / Informations |
# Mode sans echec : OK
# Affichage des fichiers cachés : OK
# Ndisuio -> Start = 3 ( Good = 3 | Bad = 4 )
# Ip6Fw -> Start = 2 ( Good = 2 | Bad = 4 )
# SharedAccess -> Start = 2 ( Good = 2 | Bad = 4 )
# wuauserv -> Start = 2 ( Good = 2 | Bad = 4 )
# wscsvc -> Start = 2 ( Good = 2 | Bad = 4 )
################## | Cracks / Keygens / Serials |
################## | ! Fin du rapport # UsbFix V6.008 ! |
je fais quoi maintenant???
merci!!!!!!!!
############################## | UsbFix V6.008 |
# User : Tess (Administrateurs) # ARNAUD
# Update on 17/07/09 by Chiquitine29 & C_XX
# Start at: 15:32:39 | 20/07/2009
# Website : http://pagesperso-orange.fr/NosTools/index.html
# Intel(R) Pentium(R) 4 CPU 2.66GHz
# Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 2
# Internet Explorer 6.0.2900.2180
# Windows Firewall Status : Enabled
# AV : avast! antivirus 4.8.1335 [VPS 090719-1] 4.8.1335 [ Enabled | Updated ]
# A:\ # Lecteur de disquettes 3 ½ pouces
# C:\ # Disque fixe local # 27,95 Go (9,94 Go free) [VAIO] # NTFS
# D:\ # Disque fixe local # 27,95 Go (7,85 Go free) [VAIO] # NTFS
# E:\ # Disque CD-ROM
# G:\ # Disque fixe local # 465,76 Go (119,46 Go free) [arno portable] # NTFS
############################## | Processus actifs |
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\logonui.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe
################## | Fichiers # Dossiers infectieux |
################## | C:\Documents and Settings\Tess\Temporary Internet Files |
################## | All Drives ... |
Supprimé ! G:\._autorun.inf
################## | Registre # Clés Run infectieuses |
Supprimé ! HKLM\Software\Microsoft\Windows\CurrentVersion\Run "ms32dll"
Supprimé ! HKLM\Software\Microsoft\Windows\CurrentVersion\Run "RavAV"
Supprimé ! HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "cdoosoft"
# HKLM\software\microsoft\security center "AntiVirusDisableNotify" # -> Reset sucessfully !
# HKLM\software\microsoft\security center "FirewallDisableNotify" # -> Reset sucessfully !
# HKLM\software\microsoft\security center "UpdatesDisableNotify" # -> Reset sucessfully !
################## | Registre # Mountpoints2 |
Supprimé ! HKCU\...\Explorer\MountPoints2\{01b50460-6903-11da-9d76-080046bd7ea7}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{06f9f690-7d0f-11da-9dad-080046bd7ea7}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{1d230029-af2e-11dc-a9a0-080046bd7ea7}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{1d23002c-af2e-11dc-a9a0-080046bd7ea7}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{1fbcd3e0-321c-11db-a6da-080046bd7ea7}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{22d96ef0-775e-11dc-a8fe-080046bd7ea7}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{22d96ef1-775e-11dc-a8fe-080046bd7ea7}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{2432e993-4a95-11dc-a8b9-080046bd7ea7}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{274dd650-043e-11dd-aa54-080046bd7ea7}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{27f71dd0-d2bf-11dd-aab3-080046bd7ea7}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{2b366010-77f8-11da-9da0-080046bd7ea7}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{38037fb0-b360-11d9-9ca4-00038a000015}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{432b26d0-190b-11dd-aa70-080046bd7ea7}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{4d2ea750-de1e-11db-a815-080046bd7ea7}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{5fdacd50-2ef7-11db-a6d4-080046bd7ea7}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{690e9590-b8b9-11d9-9cb3-00038a000015}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{6a2a9c01-2fd2-11da-9ce4-080046bd7ea7}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{72302ed5-3d1c-11db-a6f1-080046bd7ea7}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{73a32080-ec9e-11dc-aa29-080046bd7ea7}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{73abb630-a01c-11dc-a979-080046bd7ea7}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{78e0d7b0-46bd-11dc-a8b3-080046bd7ea7}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{8b65406f-3925-11db-a6e7-080046bd7ea7}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{8ccfd960-9043-11db-a765-080046bd7ea7}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{95451dd0-e2c1-11db-a821-080046bd7ea7}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{95451dd1-e2c1-11db-a821-080046bd7ea7}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{96032480-bd37-11dd-aa93-080046bd7ea7}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{9627ce80-be02-11db-a7d1-080046bd7ea7}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{9627ce81-be02-11db-a7d1-080046bd7ea7}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{99ce7e10-83a6-11da-9dbd-080046bd7ea7}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{9c6aa10e-06ea-11dc-a862-080046bd7ea7}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{9d8be8e0-a86b-11da-9e12-080046bd7ea7}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{9dc5ea10-1123-11dd-aa69-080046bd7ea7}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{9e4df210-1bd5-11da-9caf-080046bd7ea7}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{a8344860-e601-11db-a82a-080046bd7ea7}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{aa3fb851-10c7-11de-aae5-080046bd7ea7}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{b1e09df6-398e-11de-aaf6-080046bd7ea7}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{c257dc06-2173-11da-9cc0-080046bd7ea7}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{dd9859b1-2d64-11dc-a892-080046bd7ea7}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{e9d8f400-bbf9-11dd-aa91-080046bd7ea7}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{ef03b8d0-f03f-11dc-aa2f-080046bd7ea7}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{ef03b8d1-f03f-11dc-aa2f-080046bd7ea7}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{ef03b8d2-f03f-11dc-aa2f-080046bd7ea7}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{fbad6ef0-9d8d-11da-9dfc-080046bd7ea7}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{fff34820-aca5-11dc-a997-080046bd7ea7}\Shell\Auto\Command
################## | Listing des fichiers présent |
[17/07/2009 16:18|--a------|20727] - C:\aaw7boot.log
[05/08/2003 13:10|--a------|0] - C:\AUTOEXEC.BAT
[14/06/2005 16:00|---hs----|212] - C:\boot.ini
[30/08/2002 14:00|-rahs----|4952] - C:\Bootfont.bin
[21/06/2005 14:01|--a------|7346] - C:\caavsetup.log
[05/08/2003 13:10|--a------|0] - C:\CONFIG.SYS
[?|?|?] - C:\hiberfil.sys
[11/01/2006 17:10|--a------|2216] - C:\INSTALL.LOG
[05/08/2003 13:10|-rahs----|0] - C:\IO.SYS
[30/01/2005 15:16|---------|7896] - C:\jswx.log
[18/09/2005 11:51|--a------|136] - C:\log.txt
[05/08/2003 13:10|-rahs----|0] - C:\MSDOS.SYS
[03/08/2004 22:38|-rahs----|47564] - C:\NTDETECT.COM
[03/08/2004 22:59|-rahs----|251712] - C:\ntldr
[18/01/2004 19:07|--a------|0] - C:\out.lst
[18/01/2004 19:07|---------|98] - C:\out.rpk
[?|?|?] - C:\pagefile.sys
[14/06/2005 15:02|---------|297000] - C:\PollSt.txt
[24/05/2009 15:30|--a------|148534] - C:\snapshot20090524153046.bmp
[24/05/2009 15:30|--a------|148534] - C:\snapshot20090524153052.bmp
[24/05/2009 15:31|--a------|148534] - C:\snapshot20090524153057.bmp
[24/05/2009 16:28|--a------|180278] - C:\snapshot20090524162821.bmp
[24/05/2009 16:28|--a------|180278] - C:\snapshot20090524162841.bmp
[24/05/2009 16:29|--a------|180278] - C:\snapshot20090524162854.bmp
[24/05/2009 16:29|--a------|180278] - C:\snapshot20090524162952.bmp
[24/05/2009 16:29|--a------|180278] - C:\snapshot20090524162956.bmp
[24/05/2009 16:30|--a------|180278] - C:\snapshot20090524162959.bmp
[24/05/2009 16:30|--a------|180278] - C:\snapshot20090524163003.bmp
[24/05/2009 16:30|--a------|180278] - C:\snapshot20090524163009.bmp
[24/05/2009 18:45|--a------|231478] - C:\snapshot20090524184420.bmp
[24/05/2009 18:45|--a------|231478] - C:\snapshot20090524184554.bmp
[24/05/2009 18:46|--a------|231478] - C:\snapshot20090524184558.bmp
[24/05/2009 18:46|--a------|231478] - C:\snapshot20090524184600.bmp
[08/07/2004 19:53|--a------|0] - C:\UFantasy.ini
[24/05/2001 13:59|--a------|162304] - C:\UNWISE.EXE
[20/07/2009 15:34|--a------|9135] - C:\UsbFix.txt
[26/05/2008 21:54|--a------|35840] - D:\Arnaud TEISSEYRE.doc
[11/03/2006 14:34|--a------|35471833] - D:\klmcodec151.exe
[28/03/2006 01:41|--a------|104] - D:\Poste de travail.lnk
[11/03/2009 00:25|---hs----|29018] - G:\.VolumeIcon.icns
[11/03/2009 00:25|---hs----|25214] - G:\.VolumeIcon.ico
[11/03/2009 00:25|---------|126976] - G:\LaCie.exe
[11/03/2009 00:25|---h-----|390] - G:\LaCie.ini
################## | Vaccination |
# C:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.
# D:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.
# G:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.
################## | Etat / Services / Informations |
# Mode sans echec : OK
# Affichage des fichiers cachés : OK
# Ndisuio -> Start = 3 ( Good = 3 | Bad = 4 )
# Ip6Fw -> Start = 2 ( Good = 2 | Bad = 4 )
# SharedAccess -> Start = 2 ( Good = 2 | Bad = 4 )
# wuauserv -> Start = 2 ( Good = 2 | Bad = 4 )
# wscsvc -> Start = 2 ( Good = 2 | Bad = 4 )
################## | Cracks / Keygens / Serials |
################## | ! Fin du rapport # UsbFix V6.008 ! |
je fais quoi maintenant???
merci!!!!!!!!
anthony5151
Messages postés
10573
Date d'inscription
vendredi 27 juin 2008
Statut
Contributeur sécurité
Dernière intervention
2 mars 2015
790
20 juil. 2009 à 18:05
20 juil. 2009 à 18:05
Fais maintenant ce scan généraliste stp :
• Télécharge et installe Malwarebytes' Anti-Malware
• A la fin de l'installation, veille à ce que l'option « mettre a jour Malwarebyte's Anti-Malware » soit cochée
• Lance MBAM et laisse les Mises à jour se télécharger (sinon fais les manuellement au lancement du programme)
• Puis va dans l'onglet "Recherche", coche "Exécuter un examen rapide" puis "Rechercher"
• A la fin du scan, clique sur Afficher les résultats
• Coche tous les éléments détectés puis clique sur Supprimer la sélection
• Enregistre le rapport
• S'il t'est demandé de redémarrer, clique sur Yes
• Poste dans ta prochaine réponse le rapport apparaissant après la suppression stp
Ensuite, fais redémarrer ton ordinateur et poste un nouveau rapport RSIT
• Télécharge et installe Malwarebytes' Anti-Malware
• A la fin de l'installation, veille à ce que l'option « mettre a jour Malwarebyte's Anti-Malware » soit cochée
• Lance MBAM et laisse les Mises à jour se télécharger (sinon fais les manuellement au lancement du programme)
• Puis va dans l'onglet "Recherche", coche "Exécuter un examen rapide" puis "Rechercher"
• A la fin du scan, clique sur Afficher les résultats
• Coche tous les éléments détectés puis clique sur Supprimer la sélection
• Enregistre le rapport
• S'il t'est demandé de redémarrer, clique sur Yes
• Poste dans ta prochaine réponse le rapport apparaissant après la suppression stp
Ensuite, fais redémarrer ton ordinateur et poste un nouveau rapport RSIT
salut, voici le rapport mbam apres avoir supprimé un bon nombre d'elements infectés!!!
Malwarebytes' Anti-Malware 1.39
Version de la base de données: 2479
Windows 5.1.2600 Service Pack 2
22/07/2009 17:15:40
mbam-log-2009-07-22 (17-15-40).txt
Type de recherche: Examen rapide
Eléments examinés: 113691
Temps écoulé: 7 minute(s), 9 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 35
Fichier(s) infecté(s): 173
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
C:\Program Files\Instant Access (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Center (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Center\Icons (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\DesktopIcons (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\desktopicons\INSTANT-ACCESS (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\1691301386 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\1691301386\Common (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\1691301386\ExitTraffic (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\1691301386\img (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\Common (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\ExitTraffic (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\4220358259 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\4220358259\Common (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\4220358259\ExitTraffic (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\4220358259\img (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\4520723324 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\4520723324\Common (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\4520723324\ExitTraffic (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\4520723324\img (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\5214476531 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\5214476531\img (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\8018879001 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\8018879001\Common (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\8018879001\ExitTraffic (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\8018879001\img (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\870083237 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\870083237\Common (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\870083237\ExitTraffic (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\870083237\img (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\WINDOWS\mslagent (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\Bargain Buddy (Adware.Bargain.Buddy) -> Quarantined and deleted successfully.
c:\program files\bargain buddy\bin2 (Adware.Bargain.Buddy) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
c:\program files\instant access\Center\Join The Orgy.upd (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Center\KooAccess.upd (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Center\NoCreditCard.upd (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Center\SexLive.upd (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Center\tray1.ico (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Center\Icons\Join The Orgy.lnk (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Center\Icons\KooAccess.lnk (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Center\Icons\NoCreditCard.lnk (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Center\Icons\SexLive.lnk (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\desktopicons\instant-access\Join The Orgy.lnk (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\desktopicons\instant-access\KooAccess.lnk (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\desktopicons\instant-access\NoCreditCard.lnk (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\desktopicons\instant-access\SexLive.lnk (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\1691301386\Common\hits.php (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\1691301386\Common\module.php (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\1691301386\Common\show_module.php (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\1691301386\exittraffic\exit.php (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\1691301386\img\hits_img.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\1691301386\img\p2e.ico (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\1691301386\img\p2e_1_2.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\1691301386\img\p2e_2_2.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\1691301386\img\p2e_go_2.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\1691301386\img\p2e_logo_2.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\index.htm (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\Common\hits.php (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\Common\module.php (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\Common\show_module.php (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\exittraffic\exit.php (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\hits_img.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\index_02.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\index_04.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\index_07.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\index_08.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\index_09.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\index_10.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\index_11.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\index_12.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\index_13.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\index_14.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\index_15.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\index_16.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\index_17.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\index_20.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\index_22.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\index_23.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\index_24.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\index_25.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\index_26.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\index_27.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\index_28.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\index_30.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\index_31.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\index_32.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\index_33.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\index_35.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\index_36.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\index_37.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\index_38.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\index_40.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\index_42.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\index_43.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\index_44.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\index_45.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\index_46.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\index_47.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\index_48.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\index_49.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\index_50.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\index_51.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\p2e.ico (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\p2e_1_2.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\p2e_2_2.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\p2e_go_2.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\p2e_logo_2.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\spacer.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\4220358259\index.ncc (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\4220358259\mainframe.php (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\4220358259\Common\hits.php (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\4220358259\Common\module.php (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\4220358259\Common\show_module.php (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\4220358259\exittraffic\exit.php (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\4220358259\img\banner.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\4220358259\img\hits_img.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\4220358259\img\joinbyncc2.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\4220358259\img\p2e.ico (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\4220358259\img\p2e_1_2.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\4220358259\img\p2e_2_2.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\4220358259\img\p2e_go_2.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\4220358259\img\p2e_logo_2.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\4520723324\index.htm (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\4520723324\Common\hits.php (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\4520723324\Common\module.php (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\4520723324\Common\show_module.php (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\4520723324\exittraffic\exit.php (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\4520723324\img\hits_img.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\4520723324\img\index_r1_c1.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\4520723324\img\index_r1_c3.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\4520723324\img\index_r2_c1.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\4520723324\img\index_r3_c3.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\4520723324\img\index_r4_c1.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\4520723324\img\joinbyncc2.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\4520723324\img\p2e.ico (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\4520723324\img\p2e_1_2.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\4520723324\img\p2e_2_2.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\4520723324\img\p2e_go_2.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\4520723324\img\p2e_logo_2.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\5214476531\index.htm (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\5214476531\img\index_02.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\5214476531\img\index_04.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\5214476531\img\index_07.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\5214476531\img\index_08.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\5214476531\img\index_09.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\5214476531\img\index_10.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\5214476531\img\index_11.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\5214476531\img\index_12.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\5214476531\img\index_13.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\5214476531\img\index_14.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\5214476531\img\index_15.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\5214476531\img\index_16.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\5214476531\img\index_17.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\5214476531\img\index_20.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\5214476531\img\index_22.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\5214476531\img\index_23.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\5214476531\img\index_24.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\5214476531\img\index_25.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\5214476531\img\index_26.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\5214476531\img\index_27.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\5214476531\img\index_28.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\5214476531\img\index_30.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\5214476531\img\index_31.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\5214476531\img\index_32.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\5214476531\img\index_33.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\5214476531\img\index_35.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\5214476531\img\index_43.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\5214476531\img\spacer.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\8018879001\index.htm (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\8018879001\Common\hits.php (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\8018879001\Common\module.php (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\8018879001\Common\show_module.php (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\8018879001\exittraffic\exit.php (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\8018879001\img\hits_img.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\8018879001\img\index_01.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\8018879001\img\index_02.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\8018879001\img\index_03.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\8018879001\img\index_05.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\8018879001\img\joinbyncc2.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\8018879001\img\p2e.ico (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\8018879001\img\p2e_1_2.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\8018879001\img\p2e_2_2.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\8018879001\img\p2e_go_2.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\8018879001\img\p2e_logo_2.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\870083237\index.htm (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\870083237\Common\hits.php (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\870083237\Common\module.php (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\870083237\Common\show_module.php (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\870083237\exittraffic\exit.php (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\870083237\img\0101.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\870083237\img\0102.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\870083237\img\0103.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\870083237\img\0201.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\870083237\img\02bk.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\870083237\img\0301.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\870083237\img\0302.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\870083237\img\0303.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\870083237\img\fla2.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\870083237\img\hits_img.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\870083237\img\joinbyncc2.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\870083237\img\p2e.ico (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\870083237\img\p2e_1_2.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\870083237\img\p2e_2_2.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\870083237\img\p2e_go_2.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\870083237\img\p2e_logo_2.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\bargain buddy\error.log (Adware.Bargain.Buddy) -> Quarantined and deleted successfully.
apres voila le rapport rsit :
Logfile of random's system information tool 1.06 (written by random/random)
Run by Tess at 2009-07-22 17:31:23
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 14 GB (48%) free of 29 GB
Total RAM: 447 MB (31% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:31:24, on 22/07/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\REALTEK USB Wireless LAN Driver and Utility\RtWLan.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Windows NT\Accessoires\WORDPAD.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Documents and Settings\Tess\Bureau\RSIT.exe
C:\Program Files\trend micro\Tess.exe
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\K-Lite Codec Pack\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" /OM
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: REALTEK USB Wireless LAN Utility.lnk = ?
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{EFAA3050-0281-4AB2-8DF9-393AC4B9AB9A}: NameServer = 80.118.196.41,80.118.192.111
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\PROGRA~1\FICHIE~1\SONYSH~1\AVLib\PACSPT~1.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\FICHIE~1\SONYSH~1\AVLib\Sptisrv.exe
Malwarebytes' Anti-Malware 1.39
Version de la base de données: 2479
Windows 5.1.2600 Service Pack 2
22/07/2009 17:15:40
mbam-log-2009-07-22 (17-15-40).txt
Type de recherche: Examen rapide
Eléments examinés: 113691
Temps écoulé: 7 minute(s), 9 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 35
Fichier(s) infecté(s): 173
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
C:\Program Files\Instant Access (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Center (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Center\Icons (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\DesktopIcons (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\desktopicons\INSTANT-ACCESS (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\1691301386 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\1691301386\Common (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\1691301386\ExitTraffic (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\1691301386\img (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\Common (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\ExitTraffic (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\4220358259 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\4220358259\Common (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\4220358259\ExitTraffic (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\4220358259\img (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\4520723324 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\4520723324\Common (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\4520723324\ExitTraffic (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\4520723324\img (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\5214476531 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\5214476531\img (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\8018879001 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\8018879001\Common (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\8018879001\ExitTraffic (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\8018879001\img (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\870083237 (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\870083237\Common (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\870083237\ExitTraffic (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\870083237\img (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\WINDOWS\mslagent (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\Bargain Buddy (Adware.Bargain.Buddy) -> Quarantined and deleted successfully.
c:\program files\bargain buddy\bin2 (Adware.Bargain.Buddy) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
c:\program files\instant access\Center\Join The Orgy.upd (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Center\KooAccess.upd (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Center\NoCreditCard.upd (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Center\SexLive.upd (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Center\tray1.ico (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Center\Icons\Join The Orgy.lnk (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Center\Icons\KooAccess.lnk (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Center\Icons\NoCreditCard.lnk (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\Center\Icons\SexLive.lnk (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\desktopicons\instant-access\Join The Orgy.lnk (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\desktopicons\instant-access\KooAccess.lnk (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\desktopicons\instant-access\NoCreditCard.lnk (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\desktopicons\instant-access\SexLive.lnk (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\1691301386\Common\hits.php (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\1691301386\Common\module.php (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\1691301386\Common\show_module.php (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\1691301386\exittraffic\exit.php (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\1691301386\img\hits_img.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\1691301386\img\p2e.ico (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\1691301386\img\p2e_1_2.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\1691301386\img\p2e_2_2.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\1691301386\img\p2e_go_2.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\1691301386\img\p2e_logo_2.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\index.htm (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\Common\hits.php (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\Common\module.php (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\Common\show_module.php (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\exittraffic\exit.php (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\hits_img.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\index_02.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\index_04.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\index_07.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\index_08.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\index_09.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\index_10.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\index_11.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\index_12.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\index_13.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\index_14.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\index_15.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\index_16.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\index_17.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\index_20.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\index_22.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\index_23.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\index_24.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\index_25.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\index_26.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\index_27.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\index_28.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\index_30.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\index_31.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\index_32.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\index_33.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\index_35.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\index_36.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\index_37.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\index_38.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\index_40.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\index_42.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\index_43.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\index_44.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\index_45.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\index_46.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\index_47.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\index_48.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\index_49.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\index_50.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\index_51.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\p2e.ico (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\p2e_1_2.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\p2e_2_2.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\p2e_go_2.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\p2e_logo_2.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\2937166087\img\spacer.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\4220358259\index.ncc (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\4220358259\mainframe.php (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\4220358259\Common\hits.php (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\4220358259\Common\module.php (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\4220358259\Common\show_module.php (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\4220358259\exittraffic\exit.php (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\4220358259\img\banner.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\4220358259\img\hits_img.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\4220358259\img\joinbyncc2.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\4220358259\img\p2e.ico (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\4220358259\img\p2e_1_2.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\4220358259\img\p2e_2_2.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\4220358259\img\p2e_go_2.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\4220358259\img\p2e_logo_2.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\4520723324\index.htm (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\4520723324\Common\hits.php (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\4520723324\Common\module.php (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\4520723324\Common\show_module.php (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\4520723324\exittraffic\exit.php (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\4520723324\img\hits_img.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\4520723324\img\index_r1_c1.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\4520723324\img\index_r1_c3.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\4520723324\img\index_r2_c1.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\4520723324\img\index_r3_c3.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\4520723324\img\index_r4_c1.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\4520723324\img\joinbyncc2.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\4520723324\img\p2e.ico (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\4520723324\img\p2e_1_2.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\4520723324\img\p2e_2_2.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\4520723324\img\p2e_go_2.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\4520723324\img\p2e_logo_2.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\5214476531\index.htm (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\5214476531\img\index_02.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\5214476531\img\index_04.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\5214476531\img\index_07.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\5214476531\img\index_08.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\5214476531\img\index_09.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\5214476531\img\index_10.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\5214476531\img\index_11.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\5214476531\img\index_12.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\5214476531\img\index_13.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\5214476531\img\index_14.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\5214476531\img\index_15.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\5214476531\img\index_16.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\5214476531\img\index_17.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\5214476531\img\index_20.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\5214476531\img\index_22.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\5214476531\img\index_23.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\5214476531\img\index_24.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\5214476531\img\index_25.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\5214476531\img\index_26.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\5214476531\img\index_27.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\5214476531\img\index_28.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\5214476531\img\index_30.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\5214476531\img\index_31.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\5214476531\img\index_32.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\5214476531\img\index_33.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\5214476531\img\index_35.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\5214476531\img\index_43.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\5214476531\img\spacer.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\8018879001\index.htm (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\8018879001\Common\hits.php (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\8018879001\Common\module.php (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\8018879001\Common\show_module.php (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\8018879001\exittraffic\exit.php (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\8018879001\img\hits_img.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\8018879001\img\index_01.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\8018879001\img\index_02.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\8018879001\img\index_03.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\8018879001\img\index_05.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\8018879001\img\joinbyncc2.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\8018879001\img\p2e.ico (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\8018879001\img\p2e_1_2.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\8018879001\img\p2e_2_2.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\8018879001\img\p2e_go_2.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\8018879001\img\p2e_logo_2.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\870083237\index.htm (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\870083237\Common\hits.php (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\870083237\Common\module.php (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\870083237\Common\show_module.php (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\870083237\exittraffic\exit.php (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\870083237\img\0101.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\870083237\img\0102.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\870083237\img\0103.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\870083237\img\0201.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\870083237\img\02bk.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\870083237\img\0301.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\870083237\img\0302.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\870083237\img\0303.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\870083237\img\fla2.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\870083237\img\hits_img.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\870083237\img\joinbyncc2.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\870083237\img\p2e.ico (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\870083237\img\p2e_1_2.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\870083237\img\p2e_2_2.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\870083237\img\p2e_go_2.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\instant access\P2E\870083237\img\p2e_logo_2.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\bargain buddy\error.log (Adware.Bargain.Buddy) -> Quarantined and deleted successfully.
apres voila le rapport rsit :
Logfile of random's system information tool 1.06 (written by random/random)
Run by Tess at 2009-07-22 17:31:23
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 14 GB (48%) free of 29 GB
Total RAM: 447 MB (31% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:31:24, on 22/07/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\REALTEK USB Wireless LAN Driver and Utility\RtWLan.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Windows NT\Accessoires\WORDPAD.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Documents and Settings\Tess\Bureau\RSIT.exe
C:\Program Files\trend micro\Tess.exe
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\K-Lite Codec Pack\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" /OM
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: REALTEK USB Wireless LAN Utility.lnk = ?
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{EFAA3050-0281-4AB2-8DF9-393AC4B9AB9A}: NameServer = 80.118.196.41,80.118.192.111
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\PROGRA~1\FICHIE~1\SONYSH~1\AVLib\PACSPT~1.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\FICHIE~1\SONYSH~1\AVLib\Sptisrv.exe
anthony5151
Messages postés
10573
Date d'inscription
vendredi 27 juin 2008
Statut
Contributeur sécurité
Dernière intervention
2 mars 2015
790
22 juil. 2009 à 18:28
22 juil. 2009 à 18:28
On va faire un nouveau scan par sécurité, ensuite je te donnerai des conseils pour sécuriser ton ordinateur ;)
impec!!!
avec malwarebytes il n'y a plus rien...
voici le rapport..
Malwarebytes' Anti-Malware 1.39
Version de la base de données: 2479
Windows 5.1.2600 Service Pack 2
22/07/2009 17:27:40
mbam-log-2009-07-22 (17-27-40).txt
Type de recherche: Examen rapide
Eléments examinés: 113594
Temps écoulé: 6 minute(s), 48 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
c'est bon, non???
j'attends de tes nouvelles
avec malwarebytes il n'y a plus rien...
voici le rapport..
Malwarebytes' Anti-Malware 1.39
Version de la base de données: 2479
Windows 5.1.2600 Service Pack 2
22/07/2009 17:27:40
mbam-log-2009-07-22 (17-27-40).txt
Type de recherche: Examen rapide
Eléments examinés: 113594
Temps écoulé: 6 minute(s), 48 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
c'est bon, non???
j'attends de tes nouvelles
anthony5151
Messages postés
10573
Date d'inscription
vendredi 27 juin 2008
Statut
Contributeur sécurité
Dernière intervention
2 mars 2015
790
23 juil. 2009 à 19:27
23 juil. 2009 à 19:27
Ok :)
Lance hijackthis (RSIT l'a installé ici C:\Program Files\trend micro\Tess.exe), choisis "do a system scan and save a logfile" et poste le rapport dans ta prochaine réponse stp
Lance hijackthis (RSIT l'a installé ici C:\Program Files\trend micro\Tess.exe), choisis "do a system scan and save a logfile" et poste le rapport dans ta prochaine réponse stp
voila le rapport hijack:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 07:52:26, on 26/07/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\REALTEK USB Wireless LAN Driver and Utility\RtWLan.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Windows NT\Accessoires\WORDPAD.EXE
C:\Program Files\trend micro\Tess.exe
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\K-Lite Codec Pack\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" /OM
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: REALTEK USB Wireless LAN Utility.lnk = ?
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{EFAA3050-0281-4AB2-8DF9-393AC4B9AB9A}: NameServer = 80.118.196.41,80.118.192.111
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\PROGRA~1\FICHIE~1\SONYSH~1\AVLib\PACSPT~1.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\FICHIE~1\SONYSH~1\AVLib\Sptisrv.exe
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 07:52:26, on 26/07/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\REALTEK USB Wireless LAN Driver and Utility\RtWLan.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Windows NT\Accessoires\WORDPAD.EXE
C:\Program Files\trend micro\Tess.exe
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\K-Lite Codec Pack\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" /OM
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: REALTEK USB Wireless LAN Utility.lnk = ?
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{EFAA3050-0281-4AB2-8DF9-393AC4B9AB9A}: NameServer = 80.118.196.41,80.118.192.111
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\PROGRA~1\FICHIE~1\SONYSH~1\AVLib\PACSPT~1.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\FICHIE~1\SONYSH~1\AVLib\Sptisrv.exe
Utilisateur anonyme
27 juil. 2009 à 16:50
27 juil. 2009 à 16:50
lol....salut Anthony
anthony5151
Messages postés
10573
Date d'inscription
vendredi 27 juin 2008
Statut
Contributeur sécurité
Dernière intervention
2 mars 2015
790
27 juil. 2009 à 17:22
27 juil. 2009 à 17:22
Salut ;)
morgane46
>
anthony5151
Messages postés
10573
Date d'inscription
vendredi 27 juin 2008
Statut
Contributeur sécurité
Dernière intervention
2 mars 2015
30 juil. 2009 à 17:22
30 juil. 2009 à 17:22
salut,
je ne sais pas du tout si c'est piraté, c'est un pote qui m'avait formaté le pc il y a tres longtemps...
je pense qu'il avait téléchargé la version sur internet......
déqolée pour le manque d'infos, je ne suis pas au top en informatique...!!!!
mais sinon c bon mon pc est niquel????tout propre?
je ne sais pas du tout si c'est piraté, c'est un pote qui m'avait formaté le pc il y a tres longtemps...
je pense qu'il avait téléchargé la version sur internet......
déqolée pour le manque d'infos, je ne suis pas au top en informatique...!!!!
mais sinon c bon mon pc est niquel????tout propre?
Salut,
je ne sais pas du tout si c'est piraté, c'est un pote qui m'avait formaté le pc il y a tres longtemps...
je pense qu'il avait téléchargé la version sur internet......
déqolée pour le manque d'infos, je ne suis pas au top en informatique...!!!!
mais sinon c bon mon pc est niquel????tout propre?
je ne sais pas du tout si c'est piraté, c'est un pote qui m'avait formaté le pc il y a tres longtemps...
je pense qu'il avait téléchargé la version sur internet......
déqolée pour le manque d'infos, je ne suis pas au top en informatique...!!!!
mais sinon c bon mon pc est niquel????tout propre?
