Virus msn "C'est toi!!??"
Résolu/Fermé
Helpmei34
Messages postés
125
Date d'inscription
mardi 22 janvier 2008
Statut
Membre
Dernière intervention
9 mars 2009
-
22 janv. 2008 à 21:41
g!rly Messages postés 18209 Date d'inscription vendredi 17 août 2007 Statut Contributeur Dernière intervention 30 novembre 2014 - 16 févr. 2008 à 00:02
g!rly Messages postés 18209 Date d'inscription vendredi 17 août 2007 Statut Contributeur Dernière intervention 30 novembre 2014 - 16 févr. 2008 à 00:02
A voir également:
- Virus msn "C'est toi!!??"
- Msn - Télécharger - Messagerie
- Svchost.exe virus - Guide
- Msn actu - Télécharger - Médias et Actualité
- Youtu.be virus - Guide
- Operagxsetup virus ✓ - Forum Virus
159 réponses
g!rly
Messages postés
18209
Date d'inscription
vendredi 17 août 2007
Statut
Contributeur
Dernière intervention
30 novembre 2014
406
5 févr. 2008 à 01:40
5 févr. 2008 à 01:40
bon,
j´espere voir le rapport de kaspersky...
bonne nuit
@+
j´espere voir le rapport de kaspersky...
bonne nuit
@+
Helpmei34
Messages postés
125
Date d'inscription
mardi 22 janvier 2008
Statut
Membre
Dernière intervention
9 mars 2009
1
5 févr. 2008 à 01:52
5 févr. 2008 à 01:52
Concernant la 2ème manip' pour la connexion, la case que tu m'as demandé de cocher était déja cochée...
Je fais le scan et te le poste...
Bonne nuit
Je fais le scan et te le poste...
Bonne nuit
Helpmei34
Messages postés
125
Date d'inscription
mardi 22 janvier 2008
Statut
Membre
Dernière intervention
9 mars 2009
1
5 févr. 2008 à 02:44
5 févr. 2008 à 02:44
Alors là je n'y comprends rien ! J'ai attendu que le scan se termine et une fois fini : Pas de rapport... !! Ca me dit que j'ai 4 virus et 62 fichiers infectés et c'est tout...
g!rly
Messages postés
18209
Date d'inscription
vendredi 17 août 2007
Statut
Contributeur
Dernière intervention
30 novembre 2014
406
5 févr. 2008 à 17:08
5 févr. 2008 à 17:08
salut helpmei34,
c´est encore tres embetant que tu ne puisse pas me montrer de rapport...
fais ceci :
nettoie tes fichiers temporaires avec ceci : atf cleaner, regarde le tuto...
http://www.infosecu.fr/atf.html
telecharge le ici :
http://serveur1.archive-host.com/membres/up/1366464061/ATF-Cleaner.rar
puis avec celui ci :
->Clean Up 40:
http://pageperso.aol.fr/balltrap34/CleanUp40.exe
->aide en image:(merci a Balltrap34)
http://pageperso.aol.fr/balltrap34/democleanup.htm
click sur option et décoche la case devant : delete prefect files
vide le manuellement :
:: Le contenu du dossier prefetch ::
* C:\WINDOWS\Prefetch <= sauf le fichier layout.ini
* Ne pas oublier de vider la corbeille !
puis
Telecharge Winpfind3u.exe sur ton bureau :
-> http://sd-1.archive-host.com/membres/up/1366464061/winpfind3u.exe
Cré un dossier sur ton bureau appelé par exemple win.
Double click sur le fichier zip Winpfind3u.exe dans la petite boite qui va s´ouvrir click en haut sur extract to et choisie dans la liste deroulante ton dossier win. et appuie alors sur le bouton extract (a gauche).
Redemarre en mode sans echec :
Comment redémarrer en mode sans echec?
Tu redemarre le pc et tapote la touche F8 des le début de l allumage sans t´arrêter.
Une fenêtre sur fond noir va s’ouvrir, tu te déplaces avec les flèches du clavier sur démarrer en mode sans échec puis tape entrée.
capture d´ecran : http://www.coupdepoucepc.com/images_cdppc4/fichespratiques/windowsxp/modese/modese2.jpg
Une fois sur le bureau si il n y a pas toutes les couleurs et autres c´est normal!
Ps : si F8 ne marche pas utilise la touche F5.
Ouvre le dossier WinPFind3u et double click sur WinPFind3U.exe pour demarrer le programme
Réglages :
¤ Sous processus ¤
Coche la case : "Non-Microsoft"
¤ Sous win32 services ¤
Coche la case : "Non-Microsoft"
¤ Sous Driver Services group ¤
Coche la case : "Non-Microsoft"
¤ Sous Registry ¤
Coche la case : "Non-Microsoft"
¤ Sous Files/Folders Created Within ¤
COche la case : "30 days" et assure toi que la case "Non-Microsoft only" est bien cochée
¤ Sous Files/Folders Modified Within ¤
COche la case : "30 days" et assure toi que la case "Non-Microsoft only" est bien cochée
¤ Sous File String Search ¤
Coche la case : "Non-Microsoft"
Sur la partie de droite concernant les actions aditionelles au scan :
Décoche la case "Non-Microsoft only"
Et click sur le bouton "Select all"
Mintenant il est temps de scanner :
Appuie sur le boutont en haut a gauche "Run scan"
Le scan va alors demarrer, il va scanner un nombre important de fichiers alors dépendant du nombre de fichiers contenus dans ton pc, il sera plus ou moins long...
Laisse le travailler jusqu´au bout sans interruption.
Une fois le scan terminé, un rapport va s´afficher dans le bloc note, sauvegarde le de facon a le retrouver une fois avoir redemarré en mode normal.
Redemarre en mode normal et post le rapport ici
c´est encore tres embetant que tu ne puisse pas me montrer de rapport...
fais ceci :
nettoie tes fichiers temporaires avec ceci : atf cleaner, regarde le tuto...
http://www.infosecu.fr/atf.html
telecharge le ici :
http://serveur1.archive-host.com/membres/up/1366464061/ATF-Cleaner.rar
puis avec celui ci :
->Clean Up 40:
http://pageperso.aol.fr/balltrap34/CleanUp40.exe
->aide en image:(merci a Balltrap34)
http://pageperso.aol.fr/balltrap34/democleanup.htm
click sur option et décoche la case devant : delete prefect files
vide le manuellement :
:: Le contenu du dossier prefetch ::
* C:\WINDOWS\Prefetch <= sauf le fichier layout.ini
* Ne pas oublier de vider la corbeille !
puis
Telecharge Winpfind3u.exe sur ton bureau :
-> http://sd-1.archive-host.com/membres/up/1366464061/winpfind3u.exe
Cré un dossier sur ton bureau appelé par exemple win.
Double click sur le fichier zip Winpfind3u.exe dans la petite boite qui va s´ouvrir click en haut sur extract to et choisie dans la liste deroulante ton dossier win. et appuie alors sur le bouton extract (a gauche).
Redemarre en mode sans echec :
Comment redémarrer en mode sans echec?
Tu redemarre le pc et tapote la touche F8 des le début de l allumage sans t´arrêter.
Une fenêtre sur fond noir va s’ouvrir, tu te déplaces avec les flèches du clavier sur démarrer en mode sans échec puis tape entrée.
capture d´ecran : http://www.coupdepoucepc.com/images_cdppc4/fichespratiques/windowsxp/modese/modese2.jpg
Une fois sur le bureau si il n y a pas toutes les couleurs et autres c´est normal!
Ps : si F8 ne marche pas utilise la touche F5.
Ouvre le dossier WinPFind3u et double click sur WinPFind3U.exe pour demarrer le programme
Réglages :
¤ Sous processus ¤
Coche la case : "Non-Microsoft"
¤ Sous win32 services ¤
Coche la case : "Non-Microsoft"
¤ Sous Driver Services group ¤
Coche la case : "Non-Microsoft"
¤ Sous Registry ¤
Coche la case : "Non-Microsoft"
¤ Sous Files/Folders Created Within ¤
COche la case : "30 days" et assure toi que la case "Non-Microsoft only" est bien cochée
¤ Sous Files/Folders Modified Within ¤
COche la case : "30 days" et assure toi que la case "Non-Microsoft only" est bien cochée
¤ Sous File String Search ¤
Coche la case : "Non-Microsoft"
Sur la partie de droite concernant les actions aditionelles au scan :
Décoche la case "Non-Microsoft only"
Et click sur le bouton "Select all"
Mintenant il est temps de scanner :
Appuie sur le boutont en haut a gauche "Run scan"
Le scan va alors demarrer, il va scanner un nombre important de fichiers alors dépendant du nombre de fichiers contenus dans ton pc, il sera plus ou moins long...
Laisse le travailler jusqu´au bout sans interruption.
Une fois le scan terminé, un rapport va s´afficher dans le bloc note, sauvegarde le de facon a le retrouver une fois avoir redemarré en mode normal.
Redemarre en mode normal et post le rapport ici
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Helpmei34
Messages postés
125
Date d'inscription
mardi 22 janvier 2008
Statut
Membre
Dernière intervention
9 mars 2009
1
8 févr. 2008 à 02:24
8 févr. 2008 à 02:24
Le rapport est extrement long... 74p....Je poste tout ici ?...
g!rly
Messages postés
18209
Date d'inscription
vendredi 17 août 2007
Statut
Contributeur
Dernière intervention
30 novembre 2014
406
8 févr. 2008 à 06:03
8 févr. 2008 à 06:03
salut Helpmei34,
A vrai dire je voulais tester ce logiciel, mais j´ai du faire une erreure dans les reglages que je t´ai indiqués...
Je suis desolé pour la perte de temps occasionnée, mais comme tu l´as compris, 74 pages c´est beaucoups...
Tu peux supprimer Winpfind3u.exe et le rapport.
Regarde ceci concernant avast :
antivir vs avast :
-> http://forum.malekal.com/ftopic3528.php
alors je te conseille de le desinstaller et d´installer antivir a la place
Telecharge et instal l'antivirus Antivir Personal Edition Classic :
->https://www.malekal.com/avira-free-security-antivirus-gratuit/
https://www.avira.com/en/prime
http://mickael.barroux.free.fr/securite/antivir.php
http://speedweb1.free.fr/frames2.php?page=tuto5
<- tutoriel configuration du scanner...
une fois antivir ouvert click surconfiguration et coche la case "expert mode" puis sur l´onglet scanner dans la fenetre du dessous tu va voir : rootkit search click sur le petit + pour deployer et coche la case a coté de ton disk dur
puis click sur configuration en haut a droite; dans la nouvelle fenetre a gauche >scanner > coche "scan all files" et en dessous >scanner priority = High
coche : allow stopping the scanner, comme cela tu peux faire une pause pendant le scan si tu le desir.
puis sur la droite coche les case suivantes :
scan boot sectors of selected drives
scan master boot sectors
scan memory
search foe rootkit before scan
decoche :
ignore off line files
toujours a gauche > scan > deploie > heuristique > macrovirus heuristic = coché et en dessous > win32 heuristic la case coché et high detection level
A pres avoir installé Antivir, fais un scan complet de ta machine avec les reglages que je t´ai stipulés si dessus et post le rapport ici
@+
A vrai dire je voulais tester ce logiciel, mais j´ai du faire une erreure dans les reglages que je t´ai indiqués...
Je suis desolé pour la perte de temps occasionnée, mais comme tu l´as compris, 74 pages c´est beaucoups...
Tu peux supprimer Winpfind3u.exe et le rapport.
Regarde ceci concernant avast :
antivir vs avast :
-> http://forum.malekal.com/ftopic3528.php
alors je te conseille de le desinstaller et d´installer antivir a la place
Telecharge et instal l'antivirus Antivir Personal Edition Classic :
->https://www.malekal.com/avira-free-security-antivirus-gratuit/
https://www.avira.com/en/prime
http://mickael.barroux.free.fr/securite/antivir.php
http://speedweb1.free.fr/frames2.php?page=tuto5
<- tutoriel configuration du scanner...
une fois antivir ouvert click surconfiguration et coche la case "expert mode" puis sur l´onglet scanner dans la fenetre du dessous tu va voir : rootkit search click sur le petit + pour deployer et coche la case a coté de ton disk dur
puis click sur configuration en haut a droite; dans la nouvelle fenetre a gauche >scanner > coche "scan all files" et en dessous >scanner priority = High
coche : allow stopping the scanner, comme cela tu peux faire une pause pendant le scan si tu le desir.
puis sur la droite coche les case suivantes :
scan boot sectors of selected drives
scan master boot sectors
scan memory
search foe rootkit before scan
decoche :
ignore off line files
toujours a gauche > scan > deploie > heuristique > macrovirus heuristic = coché et en dessous > win32 heuristic la case coché et high detection level
A pres avoir installé Antivir, fais un scan complet de ta machine avec les reglages que je t´ai stipulés si dessus et post le rapport ici
@+
Helpmei34
Messages postés
125
Date d'inscription
mardi 22 janvier 2008
Statut
Membre
Dernière intervention
9 mars 2009
1
8 févr. 2008 à 11:07
8 févr. 2008 à 11:07
Salut,
Il me semblait bien, c'était bizarre mais c'est pas grave :)
Quant à l'antivirus, j'ai déja essayé de le changer oour antivir car j'ai beaucoup entendu qu'il est bcp mieux que avast mais lorsque je l'intalle ca me dit qu'il est périmé... je vais réessayer avec ton lien...
Il me semblait bien, c'était bizarre mais c'est pas grave :)
Quant à l'antivirus, j'ai déja essayé de le changer oour antivir car j'ai beaucoup entendu qu'il est bcp mieux que avast mais lorsque je l'intalle ca me dit qu'il est périmé... je vais réessayer avec ton lien...
Helpmei34
Messages postés
125
Date d'inscription
mardi 22 janvier 2008
Statut
Membre
Dernière intervention
9 mars 2009
1
8 févr. 2008 à 12:39
8 févr. 2008 à 12:39
Voici le rapport Antivir :
AntiVir PersonalEdition Classic
Report file date: 2008-02-08 11:33
Scanning for 1096091 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: SYSTEM
Computer name: NOM-EB85C523610
Version information:
BUILD.DAT : 270 15603 Bytes 2007-09-19 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 2007-08-23 13:16:29
AVSCAN.DLL : 7.0.6.0 49192 Bytes 2007-08-16 12:23:51
LUKE.DLL : 7.0.5.3 147496 Bytes 2007-08-14 15:32:47
LUKERES.DLL : 7.0.6.1 10280 Bytes 2007-08-21 12:35:20
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 2007-07-18 14:27:15
ANTIVIR1.VDF : 7.0.1.95 3367424 Bytes 2007-12-14 10:21:27
ANTIVIR2.VDF : 7.0.2.49 1339904 Bytes 2008-01-25 10:21:27
ANTIVIR3.VDF : 7.0.2.109 354816 Bytes 2008-02-08 10:21:27
AVEWIN32.DLL : 7.6.0.62 3240448 Bytes 2008-02-08 10:21:28
AVWINLL.DLL : 1.0.0.7 14376 Bytes 2007-02-26 10:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 2007-07-18 07:39:17
AVREP.DLL : 7.0.0.1 155688 Bytes 2007-04-16 13:16:24
AVPACK32.DLL : 7.6.0.3 360488 Bytes 2008-02-08 10:21:28
AVREG.DLL : 7.0.1.6 30760 Bytes 2007-07-18 07:17:06
AVARKT.DLL : 1.0.0.20 278568 Bytes 2007-08-28 12:26:33
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 2007-07-18 07:10:18
NETNT.DLL : 7.0.0.0 7720 Bytes 2007-03-08 11:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 2007-08-07 12:38:13
RCTEXT.DLL : 7.0.62.0 86056 Bytes 2007-08-21 12:50:37
SQLITE3.DLL : 3.3.17.1 339968 Bytes 2007-07-23 09:37:21
Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: D:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: on
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: high
Start of the scan: 2008-02-08 11:33
Starting search for hidden objects.
'65506' objects were checked, '0' hidden objects were found.
The scan of running processes will be started
Scan process 'searchfilterhost.exe' - '1' Module(s) have been scanned
Scan process 'searchprotocolhost.exe' - '1' Module(s) have been scanned
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'WINWORD.EXE' - '1' Module(s) have been scanned
Scan process 'firefox.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'hpqste08.exe' - '1' Module(s) have been scanned
Scan process 'kpf4gui.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'kpf4gui.exe' - '1' Module(s) have been scanned
Scan process 'WindowsSearch.exe' - '1' Module(s) have been scanned
Scan process 'hpqtra08.exe' - '1' Module(s) have been scanned
Scan process 'searchindexer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'kpf4ss.exe' - '1' Module(s) have been scanned
Scan process 'FTRTSVC.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'FxSvr2.exe' - '1' Module(s) have been scanned
Scan process 'Ares.exe' - '1' Module(s) have been scanned
Scan process 'PSFree.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'qttask.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'realsched.exe' - '1' Module(s) have been scanned
Scan process 'LogiTray.exe' - '1' Module(s) have been scanned
Scan process 'LVCOMSX.EXE' - '1' Module(s) have been scanned
Scan process 'hpwuSchd2.exe' - '1' Module(s) have been scanned
Scan process 'kbd.exe' - '1' Module(s) have been scanned
Scan process 'ALCXMNTR.EXE' - '1' Module(s) have been scanned
Scan process 'atiptaxx.exe' - '1' Module(s) have been scanned
Scan process 'hpsysdrv.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'aawservice.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
51 processes with 51 modules were scanned
Starting master boot sector scan:
Master boot sector HD0
[NOTE] No virus was found!
Master boot sector HD1
[NOTE] No virus was found!
Master boot sector HD2
[NOTE] No virus was found!
[WARNING] The boot sector file could not be read!
[WARNING] Error code: 0x0015
Master boot sector HD3
[NOTE] No virus was found!
[WARNING] The boot sector file could not be read!
[WARNING] Error code: 0x0015
Master boot sector HD4
[NOTE] No virus was found!
[WARNING] The boot sector file could not be read!
[WARNING] Error code: 0x0015
Master boot sector HD5
[NOTE] No virus was found!
[WARNING] The boot sector file could not be read!
[WARNING] Error code: 0x0015
Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Boot sector 'D:\'
[NOTE] No virus was found!
Starting to scan the registry.
The registry was scanned ( '53' files ).
Starting the file scan:
Begin scan in 'C:\' <HP_PAVILION>
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\0174F6BA.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47e331b1.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\07103065.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47dd31bb.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\08198692.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was deleted!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\09F0702A.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was deleted!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\0B023CE4.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47dc31d4.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\0B575794.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was renamed to '0B575794.exe.VIR'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\10352F24.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47df31df.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\11AB551D.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47ed31e1.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\169447C5.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47e531e6.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\1709259E.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47dc31e7.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\19C2CF95.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47ef31ea.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\22C5711C.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47ef31e3.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\24FB0BFD.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47f231e5.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\252703B4.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47de31e6.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\2A4B097A.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47e031f3.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\2B3E09BE.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47df31f4.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\4AA3FB0C.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47ed31f3.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\4B99787E.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47e531f5.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\5092188A.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47e531e3.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\51BE177F.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47ee31e5.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\54F5765D.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47f231e8.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\56F88D2F.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47f231eb.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\571C2DCC.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47dd31ec.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\5F2A63C4.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47de31fb.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\6689FBB0.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47e431ec.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\691CB283.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47dd31ef.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\6BDC0936.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47f031f8.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\6E2ABA76.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47de31fc.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\821D4C79.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47dd31e9.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\8E1A1C73.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47dd31fc.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\9DAB94F7.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47ed31fc.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\9EF053E7.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47f231fd.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\A421BFCC.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47de31ed.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\A5ADD5EC.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47ed31ee.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\A8FD263C.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47f231f1.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\AD0BC537.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47dc31fe.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\B10BA732.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47dc31eb.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\B200D6C8.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47dc31ec.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\B9A9C96D.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47ed31f4.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\BAD543EF.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47f031fc.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\BEA7F9A5.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47ed3200.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\C156C261.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47e131ed.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\C2DC0F37.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47f031ee.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\D06B2DFB.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47e231ec.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\D3E408E0.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47f131f0.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\DD134312.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47dd3201.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\ECB4AC39.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47ee3200.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\ECE18646.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47f13200.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\ED3CC5DB.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47df3202.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\EFF67D8B.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47f23204.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\F0839843.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47e431ef.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\F44B6347.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '46409fc4.qua'!
C:\Documents and Settings\dior\Mes documents\Downloads\VirtualCamera.v1.0.1.1.Final.Multilanguage.WinALL.Incl.Keygen-BLiZZARD.rar
[0] Archive type: RAR
--> VirtualCamera.v1.0.1.1.Final.Multilanguage.WinALL.Incl.Keygen-BLiZZARD\keygen.exe
[DETECTION] Contains suspicious code HEUR/Crypted
[INFO] The file was moved to '481e330f.qua'!
C:\Documents and Settings\dior\Mes documents\Musik\Luciano_Pavarotti_gets_pranked.wma
[DETECTION] Is the Trojan horse TR/Wimad.A.Gen
[INFO] The file was moved to '480f333a.qua'!
C:\Program Files\TBONBin\tbon.exe
[DETECTION] Contains suspicious code HEUR/Crypted
[INFO] The file was moved to '481b3921.qua'!
C:\QooBox\Quarantine\catchme2008-01-31_170256.12.zip
[0] Archive type: ZIP
--> ztx86.sys
[DETECTION] Is the Trojan horse TR/Rootkit.Gen
--> astq.tga
[DETECTION] Is the Trojan horse TR/Rootkit.Gen
[INFO] The file was moved to '4820396d.qua'!
C:\QooBox\Quarantine\C\upaq.exe.vir
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[INFO] The file was moved to '480d397d.qua'!
C:\QooBox\Quarantine\C\WINDOWS\Temp\55303335.exe.vir
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47df3942.qua'!
C:\QooBox\Quarantine\C\WINDOWS\Temp\83446251.exe.vir
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47e03940.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP439\A0115671.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[INFO] The file was moved to '47dd3964.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP448\A0120756.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[INFO] The file was moved to '47dd398d.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP448\A0120803.exe
[DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/Small.Crw.1 Backdoor server programs
[INFO] The file was moved to '47dd398e.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP450\A0120966.exe
[DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
[INFO] The file was moved to '47dd3999.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP450\A0120967.exe
[DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
[INFO] The file was moved to '47dd399a.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP450\A0120968.exe
[DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
[INFO] The file was moved to '4640a403.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122819.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47dd39bd.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122820.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47dd39be.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122821.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '4640a427.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122822.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47dd39b0.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122823.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47dd39bf.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122824.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '4640a458.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122825.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47dd39c1.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122826.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47dd39c0.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122827.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '4640a459.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122828.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47dd39c2.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122829.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '4640a45b.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122830.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '4640a45a.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122831.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47dd39c3.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122832.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '4640a45c.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122833.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47dd39c4.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122834.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '4640a45d.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122835.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47dd39c6.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122836.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '4640a45f.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122837.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47dd39c5.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122838.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '4640a45e.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122839.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47dd39c7.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122840.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47dd39f8.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122841.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '4640a461.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122842.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47dd39fa.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122843.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '4640a450.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122844.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47dd39c9.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122845.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '4640a452.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122846.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '4640a463.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122847.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47dd39fc.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122848.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '4640a465.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122849.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47dd39cb.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122850.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '4640a454.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122851.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47dd39cd.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122852.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '4640a456.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122853.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47dd39c8.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122854.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '4640a451.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122855.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47dd39ca.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122856.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47dd39cf.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122857.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '4640a448.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122858.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47dd39d1.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122859.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '4640a44a.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122860.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '4640a453.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122861.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47dd39cc.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122862.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '4640a455.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122863.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47dd39d3.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122864.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '4640a44c.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122865.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47dd39d5.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122866.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47dd39ce.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122867.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '4640a457.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122868.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47dd39fe.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122869.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '4640a467.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122870.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '4640a44e.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122873.exe
[DETECTION] Contains suspicious code HEUR/Crypted
[INFO] The file was moved to '47dd39d7.qua'!
Begin scan in 'D:\' <HP_RECOVERY>
End of the scan: 2008-02-08 12:37
Used time: 1:04:03 min
The scan has been done completely.
8119 Scanning directories
359482 Files were scanned
116 viruses and/or unwanted programs were found
3 Files were classified as suspicious:
2 files were deleted
0 files were repaired
115 files were moved to quarantine
1 files were renamed
2 Files cannot be scanned
359366 Files not concerned
13714 Archives were scanned
2 Warnings
25 Notes
65506 Objects were scanned with rootkit scan
0 Hidden objects were found
AntiVir PersonalEdition Classic
Report file date: 2008-02-08 11:33
Scanning for 1096091 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: SYSTEM
Computer name: NOM-EB85C523610
Version information:
BUILD.DAT : 270 15603 Bytes 2007-09-19 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 2007-08-23 13:16:29
AVSCAN.DLL : 7.0.6.0 49192 Bytes 2007-08-16 12:23:51
LUKE.DLL : 7.0.5.3 147496 Bytes 2007-08-14 15:32:47
LUKERES.DLL : 7.0.6.1 10280 Bytes 2007-08-21 12:35:20
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 2007-07-18 14:27:15
ANTIVIR1.VDF : 7.0.1.95 3367424 Bytes 2007-12-14 10:21:27
ANTIVIR2.VDF : 7.0.2.49 1339904 Bytes 2008-01-25 10:21:27
ANTIVIR3.VDF : 7.0.2.109 354816 Bytes 2008-02-08 10:21:27
AVEWIN32.DLL : 7.6.0.62 3240448 Bytes 2008-02-08 10:21:28
AVWINLL.DLL : 1.0.0.7 14376 Bytes 2007-02-26 10:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 2007-07-18 07:39:17
AVREP.DLL : 7.0.0.1 155688 Bytes 2007-04-16 13:16:24
AVPACK32.DLL : 7.6.0.3 360488 Bytes 2008-02-08 10:21:28
AVREG.DLL : 7.0.1.6 30760 Bytes 2007-07-18 07:17:06
AVARKT.DLL : 1.0.0.20 278568 Bytes 2007-08-28 12:26:33
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 2007-07-18 07:10:18
NETNT.DLL : 7.0.0.0 7720 Bytes 2007-03-08 11:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 2007-08-07 12:38:13
RCTEXT.DLL : 7.0.62.0 86056 Bytes 2007-08-21 12:50:37
SQLITE3.DLL : 3.3.17.1 339968 Bytes 2007-07-23 09:37:21
Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: D:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: on
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: high
Start of the scan: 2008-02-08 11:33
Starting search for hidden objects.
'65506' objects were checked, '0' hidden objects were found.
The scan of running processes will be started
Scan process 'searchfilterhost.exe' - '1' Module(s) have been scanned
Scan process 'searchprotocolhost.exe' - '1' Module(s) have been scanned
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'WINWORD.EXE' - '1' Module(s) have been scanned
Scan process 'firefox.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'hpqste08.exe' - '1' Module(s) have been scanned
Scan process 'kpf4gui.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'kpf4gui.exe' - '1' Module(s) have been scanned
Scan process 'WindowsSearch.exe' - '1' Module(s) have been scanned
Scan process 'hpqtra08.exe' - '1' Module(s) have been scanned
Scan process 'searchindexer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'kpf4ss.exe' - '1' Module(s) have been scanned
Scan process 'FTRTSVC.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'FxSvr2.exe' - '1' Module(s) have been scanned
Scan process 'Ares.exe' - '1' Module(s) have been scanned
Scan process 'PSFree.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'qttask.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'realsched.exe' - '1' Module(s) have been scanned
Scan process 'LogiTray.exe' - '1' Module(s) have been scanned
Scan process 'LVCOMSX.EXE' - '1' Module(s) have been scanned
Scan process 'hpwuSchd2.exe' - '1' Module(s) have been scanned
Scan process 'kbd.exe' - '1' Module(s) have been scanned
Scan process 'ALCXMNTR.EXE' - '1' Module(s) have been scanned
Scan process 'atiptaxx.exe' - '1' Module(s) have been scanned
Scan process 'hpsysdrv.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'aawservice.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
51 processes with 51 modules were scanned
Starting master boot sector scan:
Master boot sector HD0
[NOTE] No virus was found!
Master boot sector HD1
[NOTE] No virus was found!
Master boot sector HD2
[NOTE] No virus was found!
[WARNING] The boot sector file could not be read!
[WARNING] Error code: 0x0015
Master boot sector HD3
[NOTE] No virus was found!
[WARNING] The boot sector file could not be read!
[WARNING] Error code: 0x0015
Master boot sector HD4
[NOTE] No virus was found!
[WARNING] The boot sector file could not be read!
[WARNING] Error code: 0x0015
Master boot sector HD5
[NOTE] No virus was found!
[WARNING] The boot sector file could not be read!
[WARNING] Error code: 0x0015
Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Boot sector 'D:\'
[NOTE] No virus was found!
Starting to scan the registry.
The registry was scanned ( '53' files ).
Starting the file scan:
Begin scan in 'C:\' <HP_PAVILION>
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\0174F6BA.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47e331b1.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\07103065.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47dd31bb.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\08198692.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was deleted!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\09F0702A.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was deleted!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\0B023CE4.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47dc31d4.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\0B575794.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was renamed to '0B575794.exe.VIR'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\10352F24.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47df31df.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\11AB551D.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47ed31e1.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\169447C5.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47e531e6.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\1709259E.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47dc31e7.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\19C2CF95.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47ef31ea.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\22C5711C.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47ef31e3.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\24FB0BFD.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47f231e5.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\252703B4.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47de31e6.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\2A4B097A.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47e031f3.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\2B3E09BE.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47df31f4.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\4AA3FB0C.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47ed31f3.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\4B99787E.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47e531f5.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\5092188A.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47e531e3.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\51BE177F.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47ee31e5.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\54F5765D.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47f231e8.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\56F88D2F.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47f231eb.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\571C2DCC.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47dd31ec.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\5F2A63C4.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47de31fb.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\6689FBB0.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47e431ec.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\691CB283.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47dd31ef.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\6BDC0936.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47f031f8.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\6E2ABA76.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47de31fc.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\821D4C79.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47dd31e9.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\8E1A1C73.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47dd31fc.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\9DAB94F7.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47ed31fc.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\9EF053E7.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47f231fd.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\A421BFCC.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47de31ed.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\A5ADD5EC.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47ed31ee.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\A8FD263C.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47f231f1.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\AD0BC537.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47dc31fe.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\B10BA732.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47dc31eb.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\B200D6C8.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47dc31ec.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\B9A9C96D.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47ed31f4.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\BAD543EF.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47f031fc.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\BEA7F9A5.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47ed3200.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\C156C261.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47e131ed.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\C2DC0F37.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47f031ee.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\D06B2DFB.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47e231ec.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\D3E408E0.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47f131f0.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\DD134312.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47dd3201.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\ECB4AC39.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47ee3200.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\ECE18646.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47f13200.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\ED3CC5DB.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47df3202.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\EFF67D8B.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47f23204.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\F0839843.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47e431ef.qua'!
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\F44B6347.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '46409fc4.qua'!
C:\Documents and Settings\dior\Mes documents\Downloads\VirtualCamera.v1.0.1.1.Final.Multilanguage.WinALL.Incl.Keygen-BLiZZARD.rar
[0] Archive type: RAR
--> VirtualCamera.v1.0.1.1.Final.Multilanguage.WinALL.Incl.Keygen-BLiZZARD\keygen.exe
[DETECTION] Contains suspicious code HEUR/Crypted
[INFO] The file was moved to '481e330f.qua'!
C:\Documents and Settings\dior\Mes documents\Musik\Luciano_Pavarotti_gets_pranked.wma
[DETECTION] Is the Trojan horse TR/Wimad.A.Gen
[INFO] The file was moved to '480f333a.qua'!
C:\Program Files\TBONBin\tbon.exe
[DETECTION] Contains suspicious code HEUR/Crypted
[INFO] The file was moved to '481b3921.qua'!
C:\QooBox\Quarantine\catchme2008-01-31_170256.12.zip
[0] Archive type: ZIP
--> ztx86.sys
[DETECTION] Is the Trojan horse TR/Rootkit.Gen
--> astq.tga
[DETECTION] Is the Trojan horse TR/Rootkit.Gen
[INFO] The file was moved to '4820396d.qua'!
C:\QooBox\Quarantine\C\upaq.exe.vir
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[INFO] The file was moved to '480d397d.qua'!
C:\QooBox\Quarantine\C\WINDOWS\Temp\55303335.exe.vir
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47df3942.qua'!
C:\QooBox\Quarantine\C\WINDOWS\Temp\83446251.exe.vir
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47e03940.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP439\A0115671.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[INFO] The file was moved to '47dd3964.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP448\A0120756.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[INFO] The file was moved to '47dd398d.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP448\A0120803.exe
[DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/Small.Crw.1 Backdoor server programs
[INFO] The file was moved to '47dd398e.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP450\A0120966.exe
[DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
[INFO] The file was moved to '47dd3999.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP450\A0120967.exe
[DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
[INFO] The file was moved to '47dd399a.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP450\A0120968.exe
[DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
[INFO] The file was moved to '4640a403.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122819.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47dd39bd.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122820.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47dd39be.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122821.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '4640a427.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122822.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47dd39b0.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122823.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47dd39bf.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122824.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '4640a458.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122825.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47dd39c1.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122826.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47dd39c0.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122827.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '4640a459.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122828.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47dd39c2.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122829.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '4640a45b.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122830.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '4640a45a.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122831.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47dd39c3.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122832.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '4640a45c.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122833.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47dd39c4.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122834.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '4640a45d.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122835.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47dd39c6.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122836.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '4640a45f.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122837.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47dd39c5.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122838.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '4640a45e.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122839.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47dd39c7.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122840.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47dd39f8.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122841.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '4640a461.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122842.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47dd39fa.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122843.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '4640a450.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122844.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47dd39c9.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122845.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '4640a452.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122846.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '4640a463.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122847.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47dd39fc.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122848.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '4640a465.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122849.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47dd39cb.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122850.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '4640a454.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122851.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47dd39cd.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122852.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '4640a456.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122853.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47dd39c8.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122854.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '4640a451.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122855.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47dd39ca.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122856.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47dd39cf.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122857.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '4640a448.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122858.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47dd39d1.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122859.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '4640a44a.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122860.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '4640a453.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122861.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47dd39cc.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122862.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '4640a455.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122863.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47dd39d3.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122864.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '4640a44c.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122865.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47dd39d5.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122866.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47dd39ce.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122867.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '4640a457.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122868.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '47dd39fe.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122869.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '4640a467.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122870.exe
[DETECTION] Is the Trojan horse TR/Agent.131072.D.2
[INFO] The file was moved to '4640a44e.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP452\A0122873.exe
[DETECTION] Contains suspicious code HEUR/Crypted
[INFO] The file was moved to '47dd39d7.qua'!
Begin scan in 'D:\' <HP_RECOVERY>
End of the scan: 2008-02-08 12:37
Used time: 1:04:03 min
The scan has been done completely.
8119 Scanning directories
359482 Files were scanned
116 viruses and/or unwanted programs were found
3 Files were classified as suspicious:
2 files were deleted
0 files were repaired
115 files were moved to quarantine
1 files were renamed
2 Files cannot be scanned
359366 Files not concerned
13714 Archives were scanned
2 Warnings
25 Notes
65506 Objects were scanned with rootkit scan
0 Hidden objects were found
g!rly
Messages postés
18209
Date d'inscription
vendredi 17 août 2007
Statut
Contributeur
Dernière intervention
30 novembre 2014
406
8 févr. 2008 à 13:24
8 févr. 2008 à 13:24
Re,
bon c´est pas mal du tout, en faite tout ou presque tout ce que antivir a détécté ce sont des fichiers soit dans la quarantaine des outils que nous avons utilisés ou soit les outils eux memes.
en realité voici les fichiers infectés :
C:\Documents and Settings\dior\Mes documents\Downloads\VirtualCamera.v1.0.1.1.Final.Multilanguage.WinALL.Incl.Keygen-BLiZZARD .rar
VirtualCamera.v1.0.1.1.Final.Multilanguage.WinALL.Incl.Keygen-BLiZZARD\keygen.exe
C:\Documents and Settings\dior\Mes documents\Musik\Luciano_Pavarotti_gets_pranked.wma
C:\Program Files\TBONBin\tbon.exe
Supprime ce programme -> C:\Program Files\TBONBin
Vide la quarantaine d´antivir.
Tu telecharge avec quoi comme programme p2p?
post un nouveau hijack this stp
@+
bon c´est pas mal du tout, en faite tout ou presque tout ce que antivir a détécté ce sont des fichiers soit dans la quarantaine des outils que nous avons utilisés ou soit les outils eux memes.
en realité voici les fichiers infectés :
C:\Documents and Settings\dior\Mes documents\Downloads\VirtualCamera.v1.0.1.1.Final.Multilanguage.WinALL.Incl.Keygen-BLiZZARD .rar
VirtualCamera.v1.0.1.1.Final.Multilanguage.WinALL.Incl.Keygen-BLiZZARD\keygen.exe
C:\Documents and Settings\dior\Mes documents\Musik\Luciano_Pavarotti_gets_pranked.wma
C:\Program Files\TBONBin\tbon.exe
Supprime ce programme -> C:\Program Files\TBONBin
Vide la quarantaine d´antivir.
Tu telecharge avec quoi comme programme p2p?
post un nouveau hijack this stp
@+
Helpmei34
Messages postés
125
Date d'inscription
mardi 22 janvier 2008
Statut
Membre
Dernière intervention
9 mars 2009
1
8 févr. 2008 à 13:36
8 févr. 2008 à 13:36
Re,
C:\Documents and Settings\dior\Mes documents\Downloads\VirtualCamera.v1.0.1.1.Final.Multilanguage.WinALL.Incl.Keygen-BLiZZARD .rar
VirtualCamera.v1.0.1.1.Final.Multilanguage.WinALL.Incl.Keygen-BLiZZARD\keygen.exe
C:\Documents and Settings\dior\Mes documents\Musik\Luciano_Pavarotti_gets_pranked.wma
C:\Program Files\TBONBin\tbon.exe
Je dois aller effacer ca ?
Mon p2p c'est ares mais je change souvent, j'ai aussi utorrent
Hitjack
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:34, on 2008-02-08
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\HP\KBD\KBD.EXE
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe
C:\Program Files\Ares\Ares.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
c:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\marionette\Mes documents\LOGICIEL\PhotoFiltre.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll (file missing)
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\OrangeHSS\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe"
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - S-1-5-18 Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'SYSTEM')
O4 - .DEFAULT Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE
O4 - Global Startup: ffdshow
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\Documents and Settings\dior\Mes documents\Downloads\VirtualCamera.v1.0.1.1.Final.Multilanguage.WinALL.Incl.Keygen-BLiZZARD .rar
VirtualCamera.v1.0.1.1.Final.Multilanguage.WinALL.Incl.Keygen-BLiZZARD\keygen.exe
C:\Documents and Settings\dior\Mes documents\Musik\Luciano_Pavarotti_gets_pranked.wma
C:\Program Files\TBONBin\tbon.exe
Je dois aller effacer ca ?
Mon p2p c'est ares mais je change souvent, j'ai aussi utorrent
Hitjack
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:34, on 2008-02-08
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\HP\KBD\KBD.EXE
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe
C:\Program Files\Ares\Ares.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
c:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\marionette\Mes documents\LOGICIEL\PhotoFiltre.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll (file missing)
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\OrangeHSS\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe"
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - S-1-5-18 Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'SYSTEM')
O4 - .DEFAULT Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE
O4 - Global Startup: ffdshow
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
g!rly
Messages postés
18209
Date d'inscription
vendredi 17 août 2007
Statut
Contributeur
Dernière intervention
30 novembre 2014
406
8 févr. 2008 à 14:17
8 févr. 2008 à 14:17
Re,
C:\Documents and Settings\dior\Mes documents\Downloads\VirtualCamera.v1.0.1.1.Final.Multilanguage.WinALL.Incl.Keygen-BLiZZARD .rar
VirtualCamera.v1.0.1.1.Final.Multilanguage.WinALL.Incl.Keygen-BLiZZARD\keygen.exe
C:\Documents and Settings\dior\Mes documents\Musik\Luciano_Pavarotti_gets_pranked.wma
C:\Program Files\TBONBin\tbon.exe
Je dois aller effacer ca ?
non.
Supprime ce programme -> C:\Program Files\TBONBin
Je ne connait pas ces programme de p2p mais vu ce que tu en recolte, c´est pas terrible!!!
car les fichiers au dessus trouvés par antivir proviennent de la bas...
je serait toi je ferais vraiment gaffe.
fais ceci :
appuie simultanement sur la touche windows a droit de la barre d´espace (drapeau windows) et sur "e" ->une fois dans le post de travail click sur le disk c > program files >java ouvre le fichier java et click sur le fichier jre1.5.0_05 pour l´ouvrir puis ouvre le fichier bin et dedans tu recherche ceci : jucheck.exe tu double click dessus et effectue la mise a jour de java> tu veux la version 1.6.0_03
une fois la mise a jour effectuée tu va dans ajoute/suppression de program et tu supprime toutes les autres update de java, il ne doit te rester que celle que tu viens de faire : 1.6.0_03
puis
Ccleaner:
-> Télécharge Ccleaner (n'installe pas la barre d'outil Yahoo):
http://www.commentcamarche.net/telecharger/telechargement 168 ccleaner
-> L´installer.
-> Une fois installé et lancé :
Dans la colonne de gauche, click sur :
->"erreurs" :
Coches toutes les cases sous"l´integrité du registre", puis click en bas sur "chercher des erreurs" une fois terminé, clic sur "reparer les erreurs", tu auras un message pour sauvegarder ta base de registre, tu click "oui" puis tu recommence jusqu'à ce qu'il ne trouve plus rien.
ps : les sauvegardes que tu auras faites, pourront etre supprimées ulterieurement si tout va bien.
->"nettoyeur"
quitte ton navigateur avant de le lancer, dans les propriétés du nettoyeur de l´onglet "windows" et "applications"décoche la derniere case (Avancé si elle est cochée) puis click sur "lancer le nettoyage" qunand il aura terminé le scan click en bas a droite sur "lancer le nettoyage" et accepte par oui.
-> Tutoriel en image :
https://www.vulgarisation-informatique.com/nettoyer-windows-ccleaner.php
-> Pour ceux qui voudraient aller plus loin en compagnie de jesses (fonctions avancés) :
http://perso.orange.fr/jesses/Docs/Logiciels/CCleaner.htm
puis un ultime scan :
j´aimerais que tu le fasse en mode sans echec
Comment redémarrer en mode sans echec?
Tu redemarre le pc et tapote la touche F8 des le début de l allumage sans t´arrêter.
Une fenêtre sur fond noir va s’ouvrir, tu te déplaces avec les flèches du clavier sur démarrer en mode sans échec puis tape entrée.
capture d´ecran : http://www.coupdepoucepc.com/images_cdppc4/fichespratiques/windowsxp/modese/modese2.jpg
Une fois sur le bureau si il n y a pas toutes les couleurs et autres c´est normal!
Ps : si F8 ne marche pas utilise la touche F5.
A.V.G : telecharge le programme avant d´aller en mode sans echec et mets le a jour
-> Télécharger AVG Anti-Spyware (ewido)
http://www.commentcamarche.net/telecharger/telecharger 218 avg anti spyware
-> L´installer.
-> lancer AVG Anti-Spyware et clicker sur le bouton Mise à jour. Patienter...
p.s : si les mises a jours ne se font pas, elles sont telechargable ici :
http://downloads.ewido.net/avgas-signatures-full-current.exe
-> Sur la page "analyse":
choisir d´abord l'onglet "paramètres".
sous « Comment réagir » clicker sur « Actions recommandées » et dans le menu déroulant, choisir « Supprimer ».
-> Lancer le scan, (c´est long...).
-> A la fin du scan copier Et coller le rapport ici.
-> Une aide en image au cas ou :
Tutoriel d´installation et de parametrages :
http://www.kachouri.com/tuto/tuto-161-avg-anti-spyware-75-pour-votre-securite.html
redemarre normalement et post le rapport ici stp
@+
C:\Documents and Settings\dior\Mes documents\Downloads\VirtualCamera.v1.0.1.1.Final.Multilanguage.WinALL.Incl.Keygen-BLiZZARD .rar
VirtualCamera.v1.0.1.1.Final.Multilanguage.WinALL.Incl.Keygen-BLiZZARD\keygen.exe
C:\Documents and Settings\dior\Mes documents\Musik\Luciano_Pavarotti_gets_pranked.wma
C:\Program Files\TBONBin\tbon.exe
Je dois aller effacer ca ?
non.
Supprime ce programme -> C:\Program Files\TBONBin
Je ne connait pas ces programme de p2p mais vu ce que tu en recolte, c´est pas terrible!!!
car les fichiers au dessus trouvés par antivir proviennent de la bas...
je serait toi je ferais vraiment gaffe.
fais ceci :
appuie simultanement sur la touche windows a droit de la barre d´espace (drapeau windows) et sur "e" ->une fois dans le post de travail click sur le disk c > program files >java ouvre le fichier java et click sur le fichier jre1.5.0_05 pour l´ouvrir puis ouvre le fichier bin et dedans tu recherche ceci : jucheck.exe tu double click dessus et effectue la mise a jour de java> tu veux la version 1.6.0_03
une fois la mise a jour effectuée tu va dans ajoute/suppression de program et tu supprime toutes les autres update de java, il ne doit te rester que celle que tu viens de faire : 1.6.0_03
puis
Ccleaner:
-> Télécharge Ccleaner (n'installe pas la barre d'outil Yahoo):
http://www.commentcamarche.net/telecharger/telechargement 168 ccleaner
-> L´installer.
-> Une fois installé et lancé :
Dans la colonne de gauche, click sur :
->"erreurs" :
Coches toutes les cases sous"l´integrité du registre", puis click en bas sur "chercher des erreurs" une fois terminé, clic sur "reparer les erreurs", tu auras un message pour sauvegarder ta base de registre, tu click "oui" puis tu recommence jusqu'à ce qu'il ne trouve plus rien.
ps : les sauvegardes que tu auras faites, pourront etre supprimées ulterieurement si tout va bien.
->"nettoyeur"
quitte ton navigateur avant de le lancer, dans les propriétés du nettoyeur de l´onglet "windows" et "applications"décoche la derniere case (Avancé si elle est cochée) puis click sur "lancer le nettoyage" qunand il aura terminé le scan click en bas a droite sur "lancer le nettoyage" et accepte par oui.
-> Tutoriel en image :
https://www.vulgarisation-informatique.com/nettoyer-windows-ccleaner.php
-> Pour ceux qui voudraient aller plus loin en compagnie de jesses (fonctions avancés) :
http://perso.orange.fr/jesses/Docs/Logiciels/CCleaner.htm
puis un ultime scan :
j´aimerais que tu le fasse en mode sans echec
Comment redémarrer en mode sans echec?
Tu redemarre le pc et tapote la touche F8 des le début de l allumage sans t´arrêter.
Une fenêtre sur fond noir va s’ouvrir, tu te déplaces avec les flèches du clavier sur démarrer en mode sans échec puis tape entrée.
capture d´ecran : http://www.coupdepoucepc.com/images_cdppc4/fichespratiques/windowsxp/modese/modese2.jpg
Une fois sur le bureau si il n y a pas toutes les couleurs et autres c´est normal!
Ps : si F8 ne marche pas utilise la touche F5.
A.V.G : telecharge le programme avant d´aller en mode sans echec et mets le a jour
-> Télécharger AVG Anti-Spyware (ewido)
http://www.commentcamarche.net/telecharger/telecharger 218 avg anti spyware
-> L´installer.
-> lancer AVG Anti-Spyware et clicker sur le bouton Mise à jour. Patienter...
p.s : si les mises a jours ne se font pas, elles sont telechargable ici :
http://downloads.ewido.net/avgas-signatures-full-current.exe
-> Sur la page "analyse":
choisir d´abord l'onglet "paramètres".
sous « Comment réagir » clicker sur « Actions recommandées » et dans le menu déroulant, choisir « Supprimer ».
-> Lancer le scan, (c´est long...).
-> A la fin du scan copier Et coller le rapport ici.
-> Une aide en image au cas ou :
Tutoriel d´installation et de parametrages :
http://www.kachouri.com/tuto/tuto-161-avg-anti-spyware-75-pour-votre-securite.html
redemarre normalement et post le rapport ici stp
@+
Helpmei34
Messages postés
125
Date d'inscription
mardi 22 janvier 2008
Statut
Membre
Dernière intervention
9 mars 2009
1
8 févr. 2008 à 20:17
8 févr. 2008 à 20:17
vOICI LE RAPPORT
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 20:02 2008-02-08
+ Résultat de l'analyse:
:mozilla.123:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.174:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.175:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.176:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.177:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.180:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.97:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.32:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Adobe : Aucune action entreprise.
:mozilla.170:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Adtech : Aucune action entreprise.
:mozilla.171:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Adtech : Aucune action entreprise.
:mozilla.10:C:\Documents and Settings\dior\Application Data\Mozilla\Firefox\Profiles\1rsecd5t.default\cookies.txt -> TrackingCookie.Advertising : Aucune action entreprise.
:mozilla.12:C:\Documents and Settings\dior\Application Data\Mozilla\Firefox\Profiles\1rsecd5t.default\cookies.txt -> TrackingCookie.Advertising : Aucune action entreprise.
:mozilla.163:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Advertising : Aucune action entreprise.
:mozilla.168:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Advertising : Aucune action entreprise.
:mozilla.179:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Advertising : Aucune action entreprise.
:mozilla.181:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Advertising : Aucune action entreprise.
:mozilla.8:C:\Documents and Settings\dior\Application Data\Mozilla\Firefox\Profiles\1rsecd5t.default\cookies.txt -> TrackingCookie.Advertising : Aucune action entreprise.
:mozilla.9:C:\Documents and Settings\dior\Application Data\Mozilla\Firefox\Profiles\1rsecd5t.default\cookies.txt -> TrackingCookie.Advertising : Aucune action entreprise.
:mozilla.165:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Atdmt : Aucune action entreprise.
:mozilla.157:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Bluestreak : Aucune action entreprise.
:mozilla.74:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Burstnet : Aucune action entreprise.
:mozilla.144:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Casinotropez : Aucune action entreprise.
:mozilla.145:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Casinotropez : Aucune action entreprise.
:mozilla.146:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Casinotropez : Aucune action entreprise.
:mozilla.147:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Casinotropez : Aucune action entreprise.
:mozilla.37:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Casinotropez : Aucune action entreprise.
:mozilla.156:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Doubleclick : Aucune action entreprise.
:mozilla.7:C:\Documents and Settings\dior\Application Data\Mozilla\Firefox\Profiles\1rsecd5t.default\cookies.txt -> TrackingCookie.Doubleclick : Aucune action entreprise.
:mozilla.75:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Estat : Aucune action entreprise.
:mozilla.148:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Fastclick : Aucune action entreprise.
:mozilla.140:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Imrworldwide : Aucune action entreprise.
:mozilla.141:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Imrworldwide : Aucune action entreprise.
:mozilla.65:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Mediaplex : Aucune action entreprise.
:mozilla.6:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Realmedia : Aucune action entreprise.
:mozilla.22:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Revenue : Aucune action entreprise.
:mozilla.23:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.24:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.25:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.26:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.105:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Sitestat : Aucune action entreprise.
:mozilla.106:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Sitestat : Aucune action entreprise.
:mozilla.10:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.8:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.9:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.34:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Statcounter : Aucune action entreprise.
:mozilla.35:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Statcounter : Aucune action entreprise.
:mozilla.41:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Statistik-gallup : Aucune action entreprise.
:mozilla.43:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Targetnet : Aucune action entreprise.
:mozilla.36:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Tradedoubler : Aucune action entreprise.
:mozilla.57:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Trafic : Aucune action entreprise.
:mozilla.31:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Tribalfusion : Aucune action entreprise.
:mozilla.42:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Weborama : Aucune action entreprise.
:mozilla.46:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Yadro : Aucune action entreprise.
:mozilla.47:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Yadro : Aucune action entreprise.
:mozilla.172:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Yieldmanager : Aucune action entreprise.
:mozilla.173:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Yieldmanager : Aucune action entreprise.
:mozilla.30:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Zedo : Aucune action entreprise.
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\0B575794.exe.VIR -> Trojan.Agent.eeu : Aucune action entreprise.
Fin du rapport
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 20:02 2008-02-08
+ Résultat de l'analyse:
:mozilla.123:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.174:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.175:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.176:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.177:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.180:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.97:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.32:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Adobe : Aucune action entreprise.
:mozilla.170:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Adtech : Aucune action entreprise.
:mozilla.171:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Adtech : Aucune action entreprise.
:mozilla.10:C:\Documents and Settings\dior\Application Data\Mozilla\Firefox\Profiles\1rsecd5t.default\cookies.txt -> TrackingCookie.Advertising : Aucune action entreprise.
:mozilla.12:C:\Documents and Settings\dior\Application Data\Mozilla\Firefox\Profiles\1rsecd5t.default\cookies.txt -> TrackingCookie.Advertising : Aucune action entreprise.
:mozilla.163:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Advertising : Aucune action entreprise.
:mozilla.168:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Advertising : Aucune action entreprise.
:mozilla.179:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Advertising : Aucune action entreprise.
:mozilla.181:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Advertising : Aucune action entreprise.
:mozilla.8:C:\Documents and Settings\dior\Application Data\Mozilla\Firefox\Profiles\1rsecd5t.default\cookies.txt -> TrackingCookie.Advertising : Aucune action entreprise.
:mozilla.9:C:\Documents and Settings\dior\Application Data\Mozilla\Firefox\Profiles\1rsecd5t.default\cookies.txt -> TrackingCookie.Advertising : Aucune action entreprise.
:mozilla.165:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Atdmt : Aucune action entreprise.
:mozilla.157:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Bluestreak : Aucune action entreprise.
:mozilla.74:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Burstnet : Aucune action entreprise.
:mozilla.144:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Casinotropez : Aucune action entreprise.
:mozilla.145:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Casinotropez : Aucune action entreprise.
:mozilla.146:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Casinotropez : Aucune action entreprise.
:mozilla.147:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Casinotropez : Aucune action entreprise.
:mozilla.37:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Casinotropez : Aucune action entreprise.
:mozilla.156:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Doubleclick : Aucune action entreprise.
:mozilla.7:C:\Documents and Settings\dior\Application Data\Mozilla\Firefox\Profiles\1rsecd5t.default\cookies.txt -> TrackingCookie.Doubleclick : Aucune action entreprise.
:mozilla.75:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Estat : Aucune action entreprise.
:mozilla.148:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Fastclick : Aucune action entreprise.
:mozilla.140:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Imrworldwide : Aucune action entreprise.
:mozilla.141:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Imrworldwide : Aucune action entreprise.
:mozilla.65:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Mediaplex : Aucune action entreprise.
:mozilla.6:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Realmedia : Aucune action entreprise.
:mozilla.22:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Revenue : Aucune action entreprise.
:mozilla.23:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.24:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.25:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.26:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.105:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Sitestat : Aucune action entreprise.
:mozilla.106:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Sitestat : Aucune action entreprise.
:mozilla.10:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.8:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.9:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.34:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Statcounter : Aucune action entreprise.
:mozilla.35:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Statcounter : Aucune action entreprise.
:mozilla.41:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Statistik-gallup : Aucune action entreprise.
:mozilla.43:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Targetnet : Aucune action entreprise.
:mozilla.36:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Tradedoubler : Aucune action entreprise.
:mozilla.57:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Trafic : Aucune action entreprise.
:mozilla.31:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Tribalfusion : Aucune action entreprise.
:mozilla.42:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Weborama : Aucune action entreprise.
:mozilla.46:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Yadro : Aucune action entreprise.
:mozilla.47:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Yadro : Aucune action entreprise.
:mozilla.172:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Yieldmanager : Aucune action entreprise.
:mozilla.173:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Yieldmanager : Aucune action entreprise.
:mozilla.30:C:\Documents and Settings\marionette\Application Data\Mozilla\Firefox\Profiles\90vx54yy.default\cookies.txt -> TrackingCookie.Zedo : Aucune action entreprise.
C:\Deckard\System Scanner\20080127210749\backup\WINDOWS\temp\0B575794.exe.VIR -> Trojan.Agent.eeu : Aucune action entreprise.
Fin du rapport
g!rly
Messages postés
18209
Date d'inscription
vendredi 17 août 2007
Statut
Contributeur
Dernière intervention
30 novembre 2014
406
8 févr. 2008 à 20:29
8 févr. 2008 à 20:29
re,
tu as supprimé tous ce que avg a trouvé? car la c´est mentionné "aucune action entreprise...
fais ceci :
refarde ce site / tutorial de Malekal pour mettre ta console java a jour, tu as la version jre1.5.0_05 et tu veux la version 1.6.0_03
https://www.malekal.com/maintenir-java-adobe-reader-et-le-player-flash-a-jour/
click sur demarrer / executer tape sc stop FTRTSVC puis valide par ok
demarrer/ executer tape sc delete FTRTSVC puis valide par ok"
(respect les espaces )
a l´aide de hijack this coche et fix les lignes suivantes :
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe ( si toujour present )
puis
Désactive ta restauration système:
pour cela :
Click droit sur poste de travail, dans l´arborescence sur propriétés;
dans la nouvelle fenettre click sur l´onglet restauration système;
coche la case désactiver la restauration systèm et applique.
puis redemarre le pc et click droit sur poste de travail, dans l´arborescence sur propriétés;
dans la nouvelle fenettre click sur l´onglet restauration systèm
décoche la case désactiver la restauration systèm et applique.
et en fin :
Télécharge ToolsCleaner sur ton bureau.
--> http://www.commentcamarche.net/telecharger/telechargement 34055291 toolsclean(...)
# Clique sur Recherche et laisse le scan agir ...
# Clique sur Suppression pour finaliser.
# Tu peux, si tu le souhaites, te servir des Options facultatives.
# Clique sur Quitter pour obtenir le rapport.
# Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).
@+
tu as supprimé tous ce que avg a trouvé? car la c´est mentionné "aucune action entreprise...
fais ceci :
refarde ce site / tutorial de Malekal pour mettre ta console java a jour, tu as la version jre1.5.0_05 et tu veux la version 1.6.0_03
https://www.malekal.com/maintenir-java-adobe-reader-et-le-player-flash-a-jour/
click sur demarrer / executer tape sc stop FTRTSVC puis valide par ok
demarrer/ executer tape sc delete FTRTSVC puis valide par ok"
(respect les espaces )
a l´aide de hijack this coche et fix les lignes suivantes :
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe ( si toujour present )
puis
Désactive ta restauration système:
pour cela :
Click droit sur poste de travail, dans l´arborescence sur propriétés;
dans la nouvelle fenettre click sur l´onglet restauration système;
coche la case désactiver la restauration systèm et applique.
puis redemarre le pc et click droit sur poste de travail, dans l´arborescence sur propriétés;
dans la nouvelle fenettre click sur l´onglet restauration systèm
décoche la case désactiver la restauration systèm et applique.
et en fin :
Télécharge ToolsCleaner sur ton bureau.
--> http://www.commentcamarche.net/telecharger/telechargement 34055291 toolsclean(...)
# Clique sur Recherche et laisse le scan agir ...
# Clique sur Suppression pour finaliser.
# Tu peux, si tu le souhaites, te servir des Options facultatives.
# Clique sur Quitter pour obtenir le rapport.
# Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).
@+
Helpmei34
Messages postés
125
Date d'inscription
mardi 22 janvier 2008
Statut
Membre
Dernière intervention
9 mars 2009
1
10 févr. 2008 à 16:02
10 févr. 2008 à 16:02
Salut,
Version Java ok
04 fixé mais pas le 023 car introuvable
Rapport TCleaner.txt
-->- Recherche:
C:\FixWareOut: trouvé !
C:\Combofix: trouvé !
C:\!Killbox: trouvé !
C:\Qoobox: trouvé !
C:\_OtMoveIt: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: trouvé !
C:\Documents and Settings\dior\Bureau\Dss.exe: trouvé !
C:\Documents and Settings\dior\Bureau\HijackThis.lnk: trouvé !
C:\Documents and Settings\dior\Bureau\FixWareout.exe: trouvé !
C:\Documents and Settings\dior\Bureau\KillBox.exe: trouvé !
C:\Documents and Settings\dior\Bureau\ComboFix.exe: trouvé !
C:\Documents and Settings\dior\Bureau\HJTInstall.exe: trouvé !
C:\Documents and Settings\dior\Bureau\DiagHelp: trouvé !
C:\Documents and Settings\dior\Bureau\DiagHelp\tar.exe: trouvé !
C:\Documents and Settings\dior\Bureau\DiagHelp\LFiles.exe: trouvé !
C:\Documents and Settings\dior\Bureau\DiagHelp\gzip.exe: trouvé !
C:\Documents and Settings\marionette\Mes documents\LOGICIEL\HijackThis.exe: trouvé !
C:\Documents and Settings\marionette\Mes documents\LOGICIEL\WIN\Winpfind3u.exe: trouvé !
C:\Program Files\Trend Micro\HijackThis: trouvé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: trouvé !
---------------------------------
-->- Suppression:
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: supprimé !
C:\Documents and Settings\dior\Bureau\Dss.exe: supprimé !
C:\Documents and Settings\dior\Bureau\HijackThis.lnk: supprimé !
C:\Documents and Settings\dior\Bureau\FixWareout.exe: supprimé !
C:\Documents and Settings\dior\Bureau\KillBox.exe: supprimé !
C:\Documents and Settings\dior\Bureau\ComboFix.exe: supprimé !
C:\Documents and Settings\dior\Bureau\HJTInstall.exe: supprimé !
C:\Documents and Settings\dior\Bureau\DiagHelp\tar.exe: supprimé !
C:\Documents and Settings\dior\Bureau\DiagHelp\LFiles.exe: supprimé !
C:\Documents and Settings\dior\Bureau\DiagHelp\gzip.exe: supprimé !
C:\Documents and Settings\marionette\Mes documents\LOGICIEL\HijackThis.exe: supprimé !
C:\Documents and Settings\marionette\Mes documents\LOGICIEL\WIN\Winpfind3u.exe: supprimé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: supprimé !
C:\FixWareOut: supprimé !
C:\Combofix: supprimé !
C:\!Killbox: supprimé !
C:\Qoobox: supprimé !
C:\_OtMoveIt: supprimé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: supprimé !
C:\Documents and Settings\dior\Bureau\DiagHelp: supprimé !
C:\Program Files\Trend Micro\HijackThis: supprimé !
Restauration annulée !
Corbeille vidée!
Fichiers temporaires nettoyés !
Version Java ok
04 fixé mais pas le 023 car introuvable
Rapport TCleaner.txt
-->- Recherche:
C:\FixWareOut: trouvé !
C:\Combofix: trouvé !
C:\!Killbox: trouvé !
C:\Qoobox: trouvé !
C:\_OtMoveIt: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: trouvé !
C:\Documents and Settings\dior\Bureau\Dss.exe: trouvé !
C:\Documents and Settings\dior\Bureau\HijackThis.lnk: trouvé !
C:\Documents and Settings\dior\Bureau\FixWareout.exe: trouvé !
C:\Documents and Settings\dior\Bureau\KillBox.exe: trouvé !
C:\Documents and Settings\dior\Bureau\ComboFix.exe: trouvé !
C:\Documents and Settings\dior\Bureau\HJTInstall.exe: trouvé !
C:\Documents and Settings\dior\Bureau\DiagHelp: trouvé !
C:\Documents and Settings\dior\Bureau\DiagHelp\tar.exe: trouvé !
C:\Documents and Settings\dior\Bureau\DiagHelp\LFiles.exe: trouvé !
C:\Documents and Settings\dior\Bureau\DiagHelp\gzip.exe: trouvé !
C:\Documents and Settings\marionette\Mes documents\LOGICIEL\HijackThis.exe: trouvé !
C:\Documents and Settings\marionette\Mes documents\LOGICIEL\WIN\Winpfind3u.exe: trouvé !
C:\Program Files\Trend Micro\HijackThis: trouvé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: trouvé !
---------------------------------
-->- Suppression:
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: supprimé !
C:\Documents and Settings\dior\Bureau\Dss.exe: supprimé !
C:\Documents and Settings\dior\Bureau\HijackThis.lnk: supprimé !
C:\Documents and Settings\dior\Bureau\FixWareout.exe: supprimé !
C:\Documents and Settings\dior\Bureau\KillBox.exe: supprimé !
C:\Documents and Settings\dior\Bureau\ComboFix.exe: supprimé !
C:\Documents and Settings\dior\Bureau\HJTInstall.exe: supprimé !
C:\Documents and Settings\dior\Bureau\DiagHelp\tar.exe: supprimé !
C:\Documents and Settings\dior\Bureau\DiagHelp\LFiles.exe: supprimé !
C:\Documents and Settings\dior\Bureau\DiagHelp\gzip.exe: supprimé !
C:\Documents and Settings\marionette\Mes documents\LOGICIEL\HijackThis.exe: supprimé !
C:\Documents and Settings\marionette\Mes documents\LOGICIEL\WIN\Winpfind3u.exe: supprimé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: supprimé !
C:\FixWareOut: supprimé !
C:\Combofix: supprimé !
C:\!Killbox: supprimé !
C:\Qoobox: supprimé !
C:\_OtMoveIt: supprimé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: supprimé !
C:\Documents and Settings\dior\Bureau\DiagHelp: supprimé !
C:\Program Files\Trend Micro\HijackThis: supprimé !
Restauration annulée !
Corbeille vidée!
Fichiers temporaires nettoyés !
g!rly
Messages postés
18209
Date d'inscription
vendredi 17 août 2007
Statut
Contributeur
Dernière intervention
30 novembre 2014
406
10 févr. 2008 à 18:31
10 févr. 2008 à 18:31
Salut,
Comment va ton pc?
@+
Comment va ton pc?
@+
Helpmei34
Messages postés
125
Date d'inscription
mardi 22 janvier 2008
Statut
Membre
Dernière intervention
9 mars 2009
1
10 févr. 2008 à 19:50
10 févr. 2008 à 19:50
Il va bien. Sauf quelques problèmes de connexions ..
C'est fini, j'ai plus de virus ?!
C'est fini, j'ai plus de virus ?!
g!rly
Messages postés
18209
Date d'inscription
vendredi 17 août 2007
Statut
Contributeur
Dernière intervention
30 novembre 2014
406
10 févr. 2008 à 23:16
10 févr. 2008 à 23:16
Salut,
Pour moi c´est ok
c´est quels genre de problemes pour la connection ?
va faire un tour dans le journale des evenements et regarde si tu as des erreures ariivées au moment de tes problemes de connection.
https://www.pcastuces.com/pratique/windows/xp/default.htm
dis moi quoi
@+
Pour moi c´est ok
c´est quels genre de problemes pour la connection ?
va faire un tour dans le journale des evenements et regarde si tu as des erreures ariivées au moment de tes problemes de connection.
https://www.pcastuces.com/pratique/windows/xp/default.htm
dis moi quoi
@+
Helpmei34
Messages postés
125
Date d'inscription
mardi 22 janvier 2008
Statut
Membre
Dernière intervention
9 mars 2009
1
11 févr. 2008 à 11:14
11 févr. 2008 à 11:14
Merci beaucoup en tout cas pour l'aide que tu m'as apporté ! C'est vraiment sympa d'avoir consacré du temps à m'aider !
Pour la connexion, j'ouvre un autre sujet ou pas ?
Pour la connexion, j'ouvre un autre sujet ou pas ?
g!rly
Messages postés
18209
Date d'inscription
vendredi 17 août 2007
Statut
Contributeur
Dernière intervention
30 novembre 2014
406
11 févr. 2008 à 12:37
11 févr. 2008 à 12:37
Salut,
De rien ;-)
Pour la connection tu as regardé dans le journal des evenements?
@+
De rien ;-)
Pour la connection tu as regardé dans le journal des evenements?
@+
Helpmei34
Messages postés
125
Date d'inscription
mardi 22 janvier 2008
Statut
Membre
Dernière intervention
9 mars 2009
1
11 févr. 2008 à 12:47
11 févr. 2008 à 12:47
Oui mais comme je ne suis pas chez moi, je regarderai ce soir...
Je te tiens au courant
Je te tiens au courant