Problèmes suite à l'effacement du virus amvo
Résolu/Fermé
A voir également:
- Problèmes suite à l'effacement du virus amvo
- Svchost.exe virus - Guide
- Vérificateur de lien virus - Guide
- Produkey virus ✓ - Forum Windows 10
- Faux message virus iphone - Forum iPhone
- Bluestacks virus ✓ - Forum Logiciels
34 réponses
Je voulais rajouter que je ne sais plus non plus ouvrir de scripts visual basic... Il n'y a plus de correspondance de fichiers... C'est un peu le quatrième problème que j'ai eu en voulant faire fonctionner le script "asmo remover" (ou un autre nom dans le style...).
Merci pour les encouragements...
Je dois remettre des rapports très importants dans les jours qui viennent... J'ai un back-up mais j'ai perdu 4 jours... Enfin, ce n'est pas vraiment la fin du monde...
Je ne sais pas si c'est utile... Mais voici la liste des infections que ESET NOD32 m'avait trouvé... Je n'ai plus le log... D'habitude je m'en sors tout seul en lisant les forums... Mais là... Hum...
25/03/2008 9:08:31 Startup scanner file C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\system.exe probably unknown NewHeur_PE virus deleted (after the next restart) - quarantined
25/03/2008 9:08:16 Startup scanner file C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe probably unknown NewHeur_PE virus deleted (after the next restart) - quarantined
25/03/2008 9:07:58 Startup scanner file C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\Global.exe probably unknown NewHeur_PE virus deleted (after the next restart) - quarantined
25/03/2008 9:07:53 Real-time file system protection file C:\MS-DOS.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\Global.exe.
25/03/2008 9:07:52 Real-time file system protection file C:\WINDOWS\pchealth\helpctr\binaries\HelpHost.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 9:07:52 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 9:07:51 Real-time file system protection file C:\MS-DOS.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\Global.exe.
25/03/2008 9:07:46 Real-time file system protection file C:\MS-DOS.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\Global.exe.
25/03/2008 9:07:45 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 9:07:43 Real-time file system protection file C:\MS-DOS.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\Global.exe.
25/03/2008 9:07:42 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 9:07:39 Real-time file system protection file C:\MS-DOS.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\Global.exe.
25/03/2008 9:07:38 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 9:07:37 Real-time file system protection file C:\MS-DOS.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\Global.exe.
25/03/2008 9:07:35 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 9:07:32 Real-time file system protection file C:\MS-DOS.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\Global.exe.
25/03/2008 9:07:32 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 9:07:30 Real-time file system protection file C:\MS-DOS.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\Global.exe.
25/03/2008 9:07:28 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 9:07:25 Real-time file system protection file C:\MS-DOS.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\Global.exe.
25/03/2008 9:07:25 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 9:07:21 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 9:07:18 Real-time file system protection file C:\MS-DOS.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\Global.exe.
25/03/2008 9:07:17 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 9:07:15 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 9:07:11 Real-time file system protection file C:\MS-DOS.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\Global.exe.
25/03/2008 9:07:10 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 9:07:08 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 9:07:04 Real-time file system protection file C:\MS-DOS.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\Global.exe.
25/03/2008 9:07:04 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 9:07:04 Real-time file system protection file C:\MS-DOS.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\Global.exe.
25/03/2008 9:07:01 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 9:06:57 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 9:06:57 Real-time file system protection file C:\MS-DOS.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\Global.exe.
25/03/2008 9:06:55 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 9:06:50 Real-time file system protection file C:\MS-DOS.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\Global.exe.
25/03/2008 9:06:50 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 9:06:50 Real-time file system protection file C:\MS-DOS.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\Global.exe.
25/03/2008 9:06:48 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 9:06:44 Real-time file system protection file C:\MS-DOS.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\Global.exe.
25/03/2008 9:06:43 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 9:06:43 Real-time file system protection file C:\MS-DOS.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\Global.exe.
25/03/2008 9:06:41 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 9:06:37 Real-time file system protection file C:\MS-DOS.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\Global.exe.
25/03/2008 9:06:36 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 9:06:36 Real-time file system protection file C:\MS-DOS.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\Global.exe.
25/03/2008 9:06:35 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 9:06:30 Real-time file system protection file C:\MS-DOS.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\Global.exe.
25/03/2008 9:06:30 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 9:06:28 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 9:06:28 Real-time file system protection file C:\MS-DOS.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\Global.exe.
25/03/2008 9:06:23 Real-time file system protection file C:\MS-DOS.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\Global.exe.
25/03/2008 9:06:23 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 9:06:22 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 9:06:21 Real-time file system protection file C:\MS-DOS.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\Global.exe.
25/03/2008 9:06:20 Startup scanner file C:\WINDOWS\pchealth\helpctr\binaries\HelpHost.com probably unknown NewHeur_PE virus deleted - quarantined
25/03/2008 9:06:17 Startup scanner file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus deleted - quarantined
25/03/2008 9:06:16 Real-time file system protection file C:\MS-DOS.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\Global.exe.
25/03/2008 9:06:16 Real-time file system protection file C:\WINDOWS\system\KEYBOARD.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 9:06:15 Real-time file system protection file C:\WINDOWS\system\KEYBOARD.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 9:06:14 Real-time file system protection file C:\MS-DOS.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\Global.exe.
25/03/2008 9:06:10 Startup scanner file C:\WINDOWS\system32\dllcache\Default.exe probably unknown NewHeur_PE virus deleted - quarantined
25/03/2008 9:06:09 Real-time file system protection file C:\MS-DOS.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\Global.exe.
25/03/2008 9:06:09 Real-time file system protection file C:\WINDOWS\system\KEYBOARD.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 9:06:07 Real-time file system protection file C:\MS-DOS.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\Global.exe.
25/03/2008 9:06:02 Real-time file system protection file C:\WINDOWS\system\KEYBOARD.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 9:06:02 Real-time file system protection file C:\WINDOWS\system\KEYBOARD.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 9:06:02 Real-time file system protection file C:\MS-DOS.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\Global.exe.
25/03/2008 9:06:01 Startup scanner file C:\WINDOWS\system\KEYBOARD.exe probably unknown NewHeur_PE virus deleted (after the next restart) - quarantined
25/03/2008 9:05:56 Real-time file system protection file C:\WINDOWS\system\KEYBOARD.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 9:05:55 Real-time file system protection file C:\WINDOWS\system\KEYBOARD.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 9:05:49 Real-time file system protection file C:\WINDOWS\system\KEYBOARD.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 9:05:49 Real-time file system protection file C:\WINDOWS\system\KEYBOARD.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 8:39:18 Startup scanner file C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\system.exe probably unknown NewHeur_PE virus deleted (after the next restart) - quarantined ACER-2A7ACBC3E6\Youri
25/03/2008 8:39:15 Startup scanner file C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe probably unknown NewHeur_PE virus deleted (after the next restart) - quarantined ACER-2A7ACBC3E6\Youri
25/03/2008 8:39:11 Startup scanner file C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\Global.exe probably unknown NewHeur_PE virus deleted (after the next restart) - quarantined ACER-2A7ACBC3E6\Youri
25/03/2008 8:39:08 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 8:39:01 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 8:38:54 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 8:38:48 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 8:38:46 Startup scanner file C:\WINDOWS\pchealth\helpctr\binaries\HelpHost.com probably unknown NewHeur_PE virus deleted - quarantined ACER-2A7ACBC3E6\Youri
25/03/2008 8:38:44 Startup scanner file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus deleted - quarantined ACER-2A7ACBC3E6\Youri
25/03/2008 8:38:41 Startup scanner file C:\WINDOWS\system32\dllcache\Default.exe probably unknown NewHeur_PE virus deleted - quarantined ACER-2A7ACBC3E6\Youri
25/03/2008 8:38:41 Real-time file system protection file C:\WINDOWS\system\KEYBOARD.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 8:38:38 Startup scanner file C:\WINDOWS\system\KEYBOARD.exe probably unknown NewHeur_PE virus deleted (after the next restart) - quarantined ACER-2A7ACBC3E6\Youri
25/03/2008 8:38:35 Real-time file system protection file C:\WINDOWS\system\KEYBOARD.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
Je dois remettre des rapports très importants dans les jours qui viennent... J'ai un back-up mais j'ai perdu 4 jours... Enfin, ce n'est pas vraiment la fin du monde...
Je ne sais pas si c'est utile... Mais voici la liste des infections que ESET NOD32 m'avait trouvé... Je n'ai plus le log... D'habitude je m'en sors tout seul en lisant les forums... Mais là... Hum...
25/03/2008 9:08:31 Startup scanner file C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\system.exe probably unknown NewHeur_PE virus deleted (after the next restart) - quarantined
25/03/2008 9:08:16 Startup scanner file C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe probably unknown NewHeur_PE virus deleted (after the next restart) - quarantined
25/03/2008 9:07:58 Startup scanner file C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\Global.exe probably unknown NewHeur_PE virus deleted (after the next restart) - quarantined
25/03/2008 9:07:53 Real-time file system protection file C:\MS-DOS.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\Global.exe.
25/03/2008 9:07:52 Real-time file system protection file C:\WINDOWS\pchealth\helpctr\binaries\HelpHost.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 9:07:52 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 9:07:51 Real-time file system protection file C:\MS-DOS.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\Global.exe.
25/03/2008 9:07:46 Real-time file system protection file C:\MS-DOS.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\Global.exe.
25/03/2008 9:07:45 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 9:07:43 Real-time file system protection file C:\MS-DOS.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\Global.exe.
25/03/2008 9:07:42 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 9:07:39 Real-time file system protection file C:\MS-DOS.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\Global.exe.
25/03/2008 9:07:38 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 9:07:37 Real-time file system protection file C:\MS-DOS.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\Global.exe.
25/03/2008 9:07:35 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 9:07:32 Real-time file system protection file C:\MS-DOS.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\Global.exe.
25/03/2008 9:07:32 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 9:07:30 Real-time file system protection file C:\MS-DOS.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\Global.exe.
25/03/2008 9:07:28 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 9:07:25 Real-time file system protection file C:\MS-DOS.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\Global.exe.
25/03/2008 9:07:25 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 9:07:21 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 9:07:18 Real-time file system protection file C:\MS-DOS.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\Global.exe.
25/03/2008 9:07:17 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 9:07:15 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 9:07:11 Real-time file system protection file C:\MS-DOS.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\Global.exe.
25/03/2008 9:07:10 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 9:07:08 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 9:07:04 Real-time file system protection file C:\MS-DOS.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\Global.exe.
25/03/2008 9:07:04 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 9:07:04 Real-time file system protection file C:\MS-DOS.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\Global.exe.
25/03/2008 9:07:01 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 9:06:57 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 9:06:57 Real-time file system protection file C:\MS-DOS.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\Global.exe.
25/03/2008 9:06:55 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 9:06:50 Real-time file system protection file C:\MS-DOS.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\Global.exe.
25/03/2008 9:06:50 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 9:06:50 Real-time file system protection file C:\MS-DOS.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\Global.exe.
25/03/2008 9:06:48 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 9:06:44 Real-time file system protection file C:\MS-DOS.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\Global.exe.
25/03/2008 9:06:43 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 9:06:43 Real-time file system protection file C:\MS-DOS.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\Global.exe.
25/03/2008 9:06:41 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 9:06:37 Real-time file system protection file C:\MS-DOS.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\Global.exe.
25/03/2008 9:06:36 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 9:06:36 Real-time file system protection file C:\MS-DOS.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\Global.exe.
25/03/2008 9:06:35 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 9:06:30 Real-time file system protection file C:\MS-DOS.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\Global.exe.
25/03/2008 9:06:30 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 9:06:28 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 9:06:28 Real-time file system protection file C:\MS-DOS.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\Global.exe.
25/03/2008 9:06:23 Real-time file system protection file C:\MS-DOS.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\Global.exe.
25/03/2008 9:06:23 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 9:06:22 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 9:06:21 Real-time file system protection file C:\MS-DOS.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\Global.exe.
25/03/2008 9:06:20 Startup scanner file C:\WINDOWS\pchealth\helpctr\binaries\HelpHost.com probably unknown NewHeur_PE virus deleted - quarantined
25/03/2008 9:06:17 Startup scanner file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus deleted - quarantined
25/03/2008 9:06:16 Real-time file system protection file C:\MS-DOS.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\Global.exe.
25/03/2008 9:06:16 Real-time file system protection file C:\WINDOWS\system\KEYBOARD.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 9:06:15 Real-time file system protection file C:\WINDOWS\system\KEYBOARD.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 9:06:14 Real-time file system protection file C:\MS-DOS.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\Global.exe.
25/03/2008 9:06:10 Startup scanner file C:\WINDOWS\system32\dllcache\Default.exe probably unknown NewHeur_PE virus deleted - quarantined
25/03/2008 9:06:09 Real-time file system protection file C:\MS-DOS.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\Global.exe.
25/03/2008 9:06:09 Real-time file system protection file C:\WINDOWS\system\KEYBOARD.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 9:06:07 Real-time file system protection file C:\MS-DOS.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\Global.exe.
25/03/2008 9:06:02 Real-time file system protection file C:\WINDOWS\system\KEYBOARD.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 9:06:02 Real-time file system protection file C:\WINDOWS\system\KEYBOARD.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 9:06:02 Real-time file system protection file C:\MS-DOS.com probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\Global.exe.
25/03/2008 9:06:01 Startup scanner file C:\WINDOWS\system\KEYBOARD.exe probably unknown NewHeur_PE virus deleted (after the next restart) - quarantined
25/03/2008 9:05:56 Real-time file system protection file C:\WINDOWS\system\KEYBOARD.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 9:05:55 Real-time file system protection file C:\WINDOWS\system\KEYBOARD.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 9:05:49 Real-time file system protection file C:\WINDOWS\system\KEYBOARD.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 9:05:49 Real-time file system protection file C:\WINDOWS\system\KEYBOARD.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 8:39:18 Startup scanner file C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\system.exe probably unknown NewHeur_PE virus deleted (after the next restart) - quarantined ACER-2A7ACBC3E6\Youri
25/03/2008 8:39:15 Startup scanner file C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe probably unknown NewHeur_PE virus deleted (after the next restart) - quarantined ACER-2A7ACBC3E6\Youri
25/03/2008 8:39:11 Startup scanner file C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\Global.exe probably unknown NewHeur_PE virus deleted (after the next restart) - quarantined ACER-2A7ACBC3E6\Youri
25/03/2008 8:39:08 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 8:39:01 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 8:38:54 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 8:38:48 Real-time file system protection file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 8:38:46 Startup scanner file C:\WINDOWS\pchealth\helpctr\binaries\HelpHost.com probably unknown NewHeur_PE virus deleted - quarantined ACER-2A7ACBC3E6\Youri
25/03/2008 8:38:44 Startup scanner file C:\WINDOWS\Fonts\Fonts.exe probably unknown NewHeur_PE virus deleted - quarantined ACER-2A7ACBC3E6\Youri
25/03/2008 8:38:41 Startup scanner file C:\WINDOWS\system32\dllcache\Default.exe probably unknown NewHeur_PE virus deleted - quarantined ACER-2A7ACBC3E6\Youri
25/03/2008 8:38:41 Real-time file system protection file C:\WINDOWS\system\KEYBOARD.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
25/03/2008 8:38:38 Startup scanner file C:\WINDOWS\system\KEYBOARD.exe probably unknown NewHeur_PE virus deleted (after the next restart) - quarantined ACER-2A7ACBC3E6\Youri
25/03/2008 8:38:35 Real-time file system protection file C:\WINDOWS\system\KEYBOARD.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe.
tribun
Messages postés
64861
Date d'inscription
vendredi 24 août 2007
Statut
Membre
Dernière intervention
20 février 2020
12 511
26 mars 2008 à 08:38
26 mars 2008 à 08:38
j'ai demandé si quelqu'un peut te venir en aide , patience !
Saiyen75
Messages postés
2696
Date d'inscription
jeudi 8 mars 2007
Statut
Membre
Dernière intervention
23 novembre 2014
184
26 mars 2008 à 10:21
26 mars 2008 à 10:21
Salut,
Pour commencer, Il y'a des restes de Symantec sur ta machine donc :
Pour Desinstaller Norton :
Suivre les instructions de ce lien :
http://service1.symantec.com/SUPPORT/INTER/tsgeninfointl.nsf/e1422b2508cec946882568c70062bbf8/1168d30686f6fdb080256fe3003757be?OpenDocument
_____________________________________________________
Le reste arrive aprés....
Pour commencer, Il y'a des restes de Symantec sur ta machine donc :
Pour Desinstaller Norton :
Suivre les instructions de ce lien :
http://service1.symantec.com/SUPPORT/INTER/tsgeninfointl.nsf/e1422b2508cec946882568c70062bbf8/1168d30686f6fdb080256fe3003757be?OpenDocument
_____________________________________________________
Le reste arrive aprés....
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Saiyen75
Messages postés
2696
Date d'inscription
jeudi 8 mars 2007
Statut
Membre
Dernière intervention
23 novembre 2014
184
26 mars 2008 à 10:40
26 mars 2008 à 10:40
Tu dois certainement savoir que tu possède une version piraté et non légal de windows XP, ce qui ne simplifie pas la tache.
Fait ce qui suit :
Fixe les lignes dans Hijackthis :
Relance HijackThis, choisis "do a scan only" coche la case devant les lignes ci-dessous et clic en bas sur "fix checked".
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O1 - Hosts: 213.186.57.36 ladder.battle-arenas.net
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
Si présente :
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Fichiers communs\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
S'il te demande un redémarrage, relance ton PC.
_____________________________________________________
Pour ton problème de TaskMgr :
Essaye de voir mais normallement il est présent sur ton CD de windows XP, Si tu le trouve,
Fait un copie le dans C:\Windows\System32
---> Démarer
---> Executer puis (x represente la lettre de ton lecteur cdrom contenant le cd XP)
expand x:\i386\TASKMGR.EX_ %SystemRoot%\SYSTEM32\taskmgr.exe
attention aux espaces entre [expand et x ] et [ EX_ et %]
Fait ce qui suit :
Fixe les lignes dans Hijackthis :
Relance HijackThis, choisis "do a scan only" coche la case devant les lignes ci-dessous et clic en bas sur "fix checked".
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O1 - Hosts: 213.186.57.36 ladder.battle-arenas.net
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
Si présente :
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Fichiers communs\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
S'il te demande un redémarrage, relance ton PC.
_____________________________________________________
Pour ton problème de TaskMgr :
Essaye de voir mais normallement il est présent sur ton CD de windows XP, Si tu le trouve,
Fait un copie le dans C:\Windows\System32
---> Démarer
---> Executer puis (x represente la lettre de ton lecteur cdrom contenant le cd XP)
expand x:\i386\TASKMGR.EX_ %SystemRoot%\SYSTEM32\taskmgr.exe
attention aux espaces entre [expand et x ] et [ EX_ et %]
Hmmmm...
Étonnant pour la version piratée... Je l'ai reçue sur mon portable directement et j'ai deux CD windows/ACER de "recovery"... Je ne comprends pas très bien du coup...
Par contre, Office est surement une version piratée... J'en n'ai aucune idée, Office était installé mais je n'ai pas de CD de "recovery" avec... Ce qui me pose un gros problème si je dois le réinstaller...
Je vais m'occuper du TaskManager en rentrant chez moi... (je suis au taff sur le PC d'un ami)
J'ai effectué les opérations que tu m'as demandées de faire... Mais j'avoue avoir aussi chipoté par moi-même... Inquiétude et nervosité obligent... ^^
Je te remets un log de HijackThis au cas où
Encore merci...
------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:44:52, on 26/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Acer\eManager\anbmServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\acer\epm\epm-dm.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.acer.com/worldwide/selection.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.acer.com/worldwide/selection.html
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O4 - HKLM\..\Run: [epm-dm] c:\acer\epm\epm-dm.exe
O4 - HKLM\..\Policies\Explorer\Run: [sys] C:\WINDOWS\Fonts\Fonts.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [] C:\WINDOWS\system32\dllcache\Default.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [] C:\WINDOWS\system32\dllcache\Default.exe (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
Étonnant pour la version piratée... Je l'ai reçue sur mon portable directement et j'ai deux CD windows/ACER de "recovery"... Je ne comprends pas très bien du coup...
Par contre, Office est surement une version piratée... J'en n'ai aucune idée, Office était installé mais je n'ai pas de CD de "recovery" avec... Ce qui me pose un gros problème si je dois le réinstaller...
Je vais m'occuper du TaskManager en rentrant chez moi... (je suis au taff sur le PC d'un ami)
J'ai effectué les opérations que tu m'as demandées de faire... Mais j'avoue avoir aussi chipoté par moi-même... Inquiétude et nervosité obligent... ^^
Je te remets un log de HijackThis au cas où
Encore merci...
------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:44:52, on 26/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Acer\eManager\anbmServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\acer\epm\epm-dm.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.acer.com/worldwide/selection.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.acer.com/worldwide/selection.html
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O4 - HKLM\..\Run: [epm-dm] c:\acer\epm\epm-dm.exe
O4 - HKLM\..\Policies\Explorer\Run: [sys] C:\WINDOWS\Fonts\Fonts.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [] C:\WINDOWS\system32\dllcache\Default.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [] C:\WINDOWS\system32\dllcache\Default.exe (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
Saiyen75
Messages postés
2696
Date d'inscription
jeudi 8 mars 2007
Statut
Membre
Dernière intervention
23 novembre 2014
184
26 mars 2008 à 10:55
26 mars 2008 à 10:55
Pour ton problème d'ouverture du disque dur :
Action par défaut des dossiers et lecteurs:
Dans l'explorateur de fichiers, si l'action par défaut des dossiers et lecteurs est devenue, Rechercher, ou une autre action qu'Ouvrir essayez au menu
---> Démarrer
---> Exécuter: puis tapper :regsvr32 /i shell32
Si cela ne suffit pas, appliquez cette modification de la base de registre
A telecharger et executer : Ouvrir-Explorer
++
Action par défaut des dossiers et lecteurs:
Dans l'explorateur de fichiers, si l'action par défaut des dossiers et lecteurs est devenue, Rechercher, ou une autre action qu'Ouvrir essayez au menu
---> Démarrer
---> Exécuter: puis tapper :regsvr32 /i shell32
Si cela ne suffit pas, appliquez cette modification de la base de registre
A telecharger et executer : Ouvrir-Explorer
++
Saiyen75
Messages postés
2696
Date d'inscription
jeudi 8 mars 2007
Statut
Membre
Dernière intervention
23 novembre 2014
184
26 mars 2008 à 11:00
26 mars 2008 à 11:00
Oui en effet,
Ces 2 lignes prouvent que ce n'est pas une version légitime :
O4 - HKUS\S-1-5-18\..\RunOnce: [] C:\WINDOWS\system32\dllcache\Default.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [] C:\WINDOWS\system32\dllcache\Default.exe (User 'Default user')
Ca peut etre ennuyeux parfois... Généralement dans les version non-officiel, il y a souvent de petits problèmes.
Ces 2 lignes prouvent que ce n'est pas une version légitime :
O4 - HKUS\S-1-5-18\..\RunOnce: [] C:\WINDOWS\system32\dllcache\Default.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [] C:\WINDOWS\system32\dllcache\Default.exe (User 'Default user')
Ca peut etre ennuyeux parfois... Généralement dans les version non-officiel, il y a souvent de petits problèmes.
Bon bon bon... Comment se fait-il que j'achète un pc avec Windows, que j'aie les CD avec, clé et tout le bazar et que pour finir... C'est une version piratée? Je note aussi que ce Default.exe était un des fichiers infectés que m'a supprimé ESET NOD32... Ça n'a peut-être aucun lien...
Merci de me prévenir en tout cas...
Merci de me prévenir en tout cas...
Saiyen75
Messages postés
2696
Date d'inscription
jeudi 8 mars 2007
Statut
Membre
Dernière intervention
23 novembre 2014
184
26 mars 2008 à 12:42
26 mars 2008 à 12:42
Salut Cyril
Moi non plus, j'ai un petit doute c'est pourqoi j'ai demandé de fixer les lignes. Mais si elles reviennent, je pense en etre certain.
Moi non plus, j'ai un petit doute c'est pourqoi j'ai demandé de fixer les lignes. Mais si elles reviennent, je pense en etre certain.
Utilisateur anonyme
>
Saiyen75
Messages postés
2696
Date d'inscription
jeudi 8 mars 2007
Statut
Membre
Dernière intervention
23 novembre 2014
26 mars 2008 à 12:47
26 mars 2008 à 12:47
Ok =) de toute façon on verra bien ;)
Tchouss'
Tchouss'
Saiyen75
Messages postés
2696
Date d'inscription
jeudi 8 mars 2007
Statut
Membre
Dernière intervention
23 novembre 2014
184
26 mars 2008 à 11:38
26 mars 2008 à 11:38
Il se peut qu'il y ai un rapport, dans ce cas, fixe également ces 2 lignes cités au dessus dans hijackthis comme tu l'as fait dans le post 7.
Si elle ne réapparaisse pas au prochain démarrage, c'est qu'il y avait un lien, sinon ça confirme bien ma pensée.
Sinon pour l'ouverture disque dur, as tu essayé ça :
---> poste de travail
---> outils
---> Option des dossiers
---> types de fichiers
---> classe la liste par "type de fichiers" selectionne 'lecteur'
---> va dans avancé !
là, tu peux changer l'icone, et l'action par défaut, à savoir, ouvrir (open) !
---> Nouveau
---> Dans Action mettre : open
---> Dans Application utilisé.... mettre : c:\windows\explorer.exe
---> OK
Si elle ne réapparaisse pas au prochain démarrage, c'est qu'il y avait un lien, sinon ça confirme bien ma pensée.
Sinon pour l'ouverture disque dur, as tu essayé ça :
---> poste de travail
---> outils
---> Option des dossiers
---> types de fichiers
---> classe la liste par "type de fichiers" selectionne 'lecteur'
---> va dans avancé !
là, tu peux changer l'icone, et l'action par défaut, à savoir, ouvrir (open) !
---> Nouveau
---> Dans Action mettre : open
---> Dans Application utilisé.... mettre : c:\windows\explorer.exe
---> OK
tribun
Messages postés
64861
Date d'inscription
vendredi 24 août 2007
Statut
Membre
Dernière intervention
20 février 2020
12 511
26 mars 2008 à 12:47
26 mars 2008 à 12:47
merci d'avoir répondu a l'appel !!
toujours des traces de Norton , à mon avis! à confirmer !
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
toujours des traces de Norton , à mon avis! à confirmer !
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
Saiyen75
Messages postés
2696
Date d'inscription
jeudi 8 mars 2007
Statut
Membre
Dernière intervention
23 novembre 2014
184
26 mars 2008 à 14:09
26 mars 2008 à 14:09
Re tribun
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
Correspond à NoD32.
:)
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
Correspond à NoD32.
:)
Bon encore merci...
Je vais reprendre mes problèmes:
1. Pour l'ouverture des lecteurs... J'ai essayer la dernière solution. Elle ne semble pas fonctionner. Dans la liste, j'ai "find", j'ai rajouté "open", je l'ai mis "par défaut" mais il continue de m'envoyer la liste. Il m'est impossible par après de modifier ou de supprimer des entrées dans cette fenêtre, les deux options sont grisée et non disponibles. Je ne sais pas si c'est normal. D'ailleurs, il y a une option "utiliser DDE" qui n'est pas cochée... Je ne sais pas du tout ce que c'est.
2. Pour Excel, j'ai réussi à le faire fonctionner en allant dans l'arborescence des fichiers C:\Program Files\Microsoft Office\OFFICE11\Excel.exe . Excel souvre mais me propose tout de même l'installation de Microsoft Office par trois fois... je l'annule et ça marche. Par contre il refuse de faire fonctionner un truc qui se nomme "Eurotool" ou quelque chose du genre.
3. Pour Taskmanager... Impossible de le trouver dans mes deux disques de restauration... Je m'y replonge ce soir.
4. Pour les trucs visual basic, que j'ai essayé de faire fonctionner pour des scripts spécifiques pour le virus Amvo, toujours rien... Il me demande le programme que je veux utiliser... Comme je n'en n'ai pas la moindre idée...
Voilà voilà... Désolé que tes efforts soient un peu vains pour l'instant Saiyen... mais je peux au moins travailler (Excel et Word sont capitaux pour moi). Je ne sais pas si ces précisions aident...
Je réessaie de fixer les deux lignes defaut.exe pour voir...
Je vais reprendre mes problèmes:
1. Pour l'ouverture des lecteurs... J'ai essayer la dernière solution. Elle ne semble pas fonctionner. Dans la liste, j'ai "find", j'ai rajouté "open", je l'ai mis "par défaut" mais il continue de m'envoyer la liste. Il m'est impossible par après de modifier ou de supprimer des entrées dans cette fenêtre, les deux options sont grisée et non disponibles. Je ne sais pas si c'est normal. D'ailleurs, il y a une option "utiliser DDE" qui n'est pas cochée... Je ne sais pas du tout ce que c'est.
2. Pour Excel, j'ai réussi à le faire fonctionner en allant dans l'arborescence des fichiers C:\Program Files\Microsoft Office\OFFICE11\Excel.exe . Excel souvre mais me propose tout de même l'installation de Microsoft Office par trois fois... je l'annule et ça marche. Par contre il refuse de faire fonctionner un truc qui se nomme "Eurotool" ou quelque chose du genre.
3. Pour Taskmanager... Impossible de le trouver dans mes deux disques de restauration... Je m'y replonge ce soir.
4. Pour les trucs visual basic, que j'ai essayé de faire fonctionner pour des scripts spécifiques pour le virus Amvo, toujours rien... Il me demande le programme que je veux utiliser... Comme je n'en n'ai pas la moindre idée...
Voilà voilà... Désolé que tes efforts soient un peu vains pour l'instant Saiyen... mais je peux au moins travailler (Excel et Word sont capitaux pour moi). Je ne sais pas si ces précisions aident...
Je réessaie de fixer les deux lignes defaut.exe pour voir...
Bon, j'ai fixé les deux lignes et redémarré le pc... Les lignes semblent avoir disparu... Je ne sais pas ce que ça change, mais ça me plaît. ^^
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Acer\eManager\anbmServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\acer\epm\epm-dm.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.acer.com/worldwide/selection.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://global.acer.com
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O4 - HKLM\..\Run: [epm-dm] c:\acer\epm\epm-dm.exe
O4 - HKLM\..\Policies\Explorer\Run: [sys] C:\WINDOWS\Fonts\Fonts.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Acer\eManager\anbmServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\acer\epm\epm-dm.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.acer.com/worldwide/selection.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://global.acer.com
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O4 - HKLM\..\Run: [epm-dm] c:\acer\epm\epm-dm.exe
O4 - HKLM\..\Policies\Explorer\Run: [sys] C:\WINDOWS\Fonts\Fonts.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
perrus53
Messages postés
1012
Date d'inscription
samedi 2 février 2008
Statut
Membre
Dernière intervention
29 novembre 2014
222
27 mars 2008 à 09:28
27 mars 2008 à 09:28
Pour ouvrir ton disque dur, suis cette manip:
touche windows+E,tu va dans outils, option des dossiers, affichage et affiche les fichiers et dossier cachés, ainsi que les fichiers protéges du systeme d'exploitation.
Valides
Parcours jusqu'a la racine de ton lecteur avec la liste de gauche.
Quand t'y es, supprimes autorun qu'il doit y avoir dedans.
Redemarres. Si quand tu demarres, le fichier autorun est revenu, 1° tu as encore ton virus, 2° supprimes encore le autorun, et cree en un nouveau avec bloc note, tu le laisses vide et tu fait enregistrer sous, dans le nom tu met"autorun.inf".
Tu le met en lecture seule avec le clic droit, et sa devrai marcher en attendant de supprimer le virus
Redemarres
touche windows+E,tu va dans outils, option des dossiers, affichage et affiche les fichiers et dossier cachés, ainsi que les fichiers protéges du systeme d'exploitation.
Valides
Parcours jusqu'a la racine de ton lecteur avec la liste de gauche.
Quand t'y es, supprimes autorun qu'il doit y avoir dedans.
Redemarres. Si quand tu demarres, le fichier autorun est revenu, 1° tu as encore ton virus, 2° supprimes encore le autorun, et cree en un nouveau avec bloc note, tu le laisses vide et tu fait enregistrer sous, dans le nom tu met"autorun.inf".
Tu le met en lecture seule avec le clic droit, et sa devrai marcher en attendant de supprimer le virus
Redemarres
Saiyen75
Messages postés
2696
Date d'inscription
jeudi 8 mars 2007
Statut
Membre
Dernière intervention
23 novembre 2014
184
27 mars 2008 à 13:04
27 mars 2008 à 13:04
Salut,
Merci perrus pour cette précision, c'est plutot éfficace :)
Pour les 2 lignes que tu as fixés, en effet Cyril avait raison étant donné qu'elles ne sont pas revenues.
Depuis que tu as fixé les 2 lignes, tu ne peux toujours pas ouvrir le gestionnaire des taches ?
Si tu ne peux pas essaye de le telechargé : Taskmgr.exe
Et met le dans C:\Windows\System32
Merci perrus pour cette précision, c'est plutot éfficace :)
Pour les 2 lignes que tu as fixés, en effet Cyril avait raison étant donné qu'elles ne sont pas revenues.
Depuis que tu as fixé les 2 lignes, tu ne peux toujours pas ouvrir le gestionnaire des taches ?
Si tu ne peux pas essaye de le telechargé : Taskmgr.exe
Et met le dans C:\Windows\System32
perrus53
Messages postés
1012
Date d'inscription
samedi 2 février 2008
Statut
Membre
Dernière intervention
29 novembre 2014
222
27 mars 2008 à 13:19
27 mars 2008 à 13:19
C'est radical!!
Vu le nombre de virus qui crée cet autorun, j'ai appris a me debrouiller seul pour me sortir de la, car je n'avais pas internet ;-)
Vu le nombre de virus qui crée cet autorun, j'ai appris a me debrouiller seul pour me sortir de la, car je n'avais pas internet ;-)
Saiyen75
Messages postés
2696
Date d'inscription
jeudi 8 mars 2007
Statut
Membre
Dernière intervention
23 novembre 2014
184
27 mars 2008 à 14:39
27 mars 2008 à 14:39
En effet, c'est a prendre en note. ^^
perrus53
Messages postés
1012
Date d'inscription
samedi 2 février 2008
Statut
Membre
Dernière intervention
29 novembre 2014
222
27 mars 2008 à 17:14
27 mars 2008 à 17:14
Je prepare la video pour faire sa simplement, sa va servir a plus d'un!!!
Saiyen75
Messages postés
2696
Date d'inscription
jeudi 8 mars 2007
Statut
Membre
Dernière intervention
23 novembre 2014
184
27 mars 2008 à 17:56
27 mars 2008 à 17:56
Ca c'est sur, et c'est une bonne initiative ! :)
Bon ben pour le TaskMgr... En fait, le fichier est toujours là... Mais bon, je l'ai à nouveau téléchargé et remis mais quand je le double-clique il me met le message d'erreur suivant:
"Windows ne trouve pas 'C:\WINDOWS\system32\taskmgr.exe' Vérifiez que vous avez entré le nom correctement pour réessayer à nouveau. blabla rechercher blabla"
C'est ça que je ne capte pas. Le fichier est bien là. Je l'ai remis. Mais il ne me permet pas de l'ouvrir disant qu'il n'y est pas... Est-ce que Windows picole parfois?
Enfin... voilà...
"Windows ne trouve pas 'C:\WINDOWS\system32\taskmgr.exe' Vérifiez que vous avez entré le nom correctement pour réessayer à nouveau. blabla rechercher blabla"
C'est ça que je ne capte pas. Le fichier est bien là. Je l'ai remis. Mais il ne me permet pas de l'ouvrir disant qu'il n'y est pas... Est-ce que Windows picole parfois?
Enfin... voilà...
perrus53
Messages postés
1012
Date d'inscription
samedi 2 février 2008
Statut
Membre
Dernière intervention
29 novembre 2014
222
28 mars 2008 à 02:58
28 mars 2008 à 02:58
Fais un scan ici:
http://www.bitdefender.com/scan/licence.php
donne moi ce qu'a trouvé le scan en ligne
http://www.bitdefender.com/scan/licence.php
donne moi ce qu'a trouvé le scan en ligne
Le problème, c'est que j'ai une connexion vraiment lente (petite ville cambodgienne) et chère (seul cyber-café (Hôtel) a avoir broadband).
Dois-je garder une connexion ouverte pendant tout le scan?
4h c'est vraiment très long... J'ose même pas imaginer le temps que ça me mettrait au travail avec ma connexion 56k par téléphone...
Dois-je garder une connexion ouverte pendant tout le scan?
4h c'est vraiment très long... J'ose même pas imaginer le temps que ça me mettrait au travail avec ma connexion 56k par téléphone...
tribun
Messages postés
64861
Date d'inscription
vendredi 24 août 2007
Statut
Membre
Dernière intervention
20 février 2020
12 511
28 mars 2008 à 04:13
28 mars 2008 à 04:13
oui le scan se fait en ligne , donc connecté !
BitDefender Online Scanner
Scan report generated at: Fri, Mar 28, 2008 - 12:23:45
Scan path: C:\;D:\;E:\;
Statistics
Time: 02:26:38
Files: 234581
Folders: 7140
Boot Sectors 4
Archives 7577
Packed Files 10893
Results
Identified Viruses: 1
Infected Files: 1
Suspect Files: 2
Warnings: 0
Disinfected: 0
Deleted Files: 3
Engines Info
Virus Definitions: 1040406
Engine build: AVCORE v1.0 (build 2422) (i386) (Sep 25 2007 08:26:36)
Scan plugins: 16
Archive plugins: 41
Unpack plugins: 7
E-mail plugins: 6
System plugins: 5
Scan Settings:
First Action: Disinfect
Second Action: Delete
Heuristics: Yes
Enable Warnings: Yes
Scanned Extensions:*;
Exclude Extensions
Scan Emails: Yes
Scan Archives: Yes
Scan Packed: Yes
Scan Files: Yes
Scan Boot: Yes
Scanned File
Status
C:\WINDOWS\Cursors\Boom.vbs
Suspected of: Type_VBS_Autorun
C:\WINDOWS\Cursors\Boom.vbs
Disinfection failed
C:\WINDOWS\Cursors\Boom.vbs
Deleted
C:\Documents and Settings\Virginie\Local Settings\Temporary Internet Files\Content.IE5\BG6PLB7N\popup[1].htm
Infected with: Trojan.Clicker.CM
C:\Documents and Settings\Virginie\Local Settings\Temporary Internet Files\Content.IE5\BG6PLB7N\popup[1].htm
Disinfection failed
C:\Documents and Settings\Virginie\Local Settings\Temporary Internet Files\Content.IE5\BG6PLB7N\popup[1].htm
Deleted
C:\System Volume Information\_restore{FD6A86EE-460B-4AF0-87B3-F1293E4303F7}\RP8\A0007341.vbs
Suspected of: Type_VBS_Autorun
C:\System Volume Information\_restore{FD6A86EE-460B-4AF0-87B3-F1293E4303F7}\RP8\A0007341.vbs
Disinfection failed
C:\System Volume Information\_restore{FD6A86EE-460B-4AF0-87B3-F1293E4303F7}\RP8\A0007341.vbs
Deleted
Scan report generated at: Fri, Mar 28, 2008 - 12:23:45
Scan path: C:\;D:\;E:\;
Statistics
Time: 02:26:38
Files: 234581
Folders: 7140
Boot Sectors 4
Archives 7577
Packed Files 10893
Results
Identified Viruses: 1
Infected Files: 1
Suspect Files: 2
Warnings: 0
Disinfected: 0
Deleted Files: 3
Engines Info
Virus Definitions: 1040406
Engine build: AVCORE v1.0 (build 2422) (i386) (Sep 25 2007 08:26:36)
Scan plugins: 16
Archive plugins: 41
Unpack plugins: 7
E-mail plugins: 6
System plugins: 5
Scan Settings:
First Action: Disinfect
Second Action: Delete
Heuristics: Yes
Enable Warnings: Yes
Scanned Extensions:*;
Exclude Extensions
Scan Emails: Yes
Scan Archives: Yes
Scan Packed: Yes
Scan Files: Yes
Scan Boot: Yes
Scanned File
Status
C:\WINDOWS\Cursors\Boom.vbs
Suspected of: Type_VBS_Autorun
C:\WINDOWS\Cursors\Boom.vbs
Disinfection failed
C:\WINDOWS\Cursors\Boom.vbs
Deleted
C:\Documents and Settings\Virginie\Local Settings\Temporary Internet Files\Content.IE5\BG6PLB7N\popup[1].htm
Infected with: Trojan.Clicker.CM
C:\Documents and Settings\Virginie\Local Settings\Temporary Internet Files\Content.IE5\BG6PLB7N\popup[1].htm
Disinfection failed
C:\Documents and Settings\Virginie\Local Settings\Temporary Internet Files\Content.IE5\BG6PLB7N\popup[1].htm
Deleted
C:\System Volume Information\_restore{FD6A86EE-460B-4AF0-87B3-F1293E4303F7}\RP8\A0007341.vbs
Suspected of: Type_VBS_Autorun
C:\System Volume Information\_restore{FD6A86EE-460B-4AF0-87B3-F1293E4303F7}\RP8\A0007341.vbs
Disinfection failed
C:\System Volume Information\_restore{FD6A86EE-460B-4AF0-87B3-F1293E4303F7}\RP8\A0007341.vbs
Deleted
26 mars 2008 à 07:50
il te faudra un pro pour désinfecter , car tu as pas mal de saloperies !