3 Trojans that keep regenerating

Closed
Pix3l Posts 11 Registration date Friday 29 June 2007 Status Member Last activity 11 July 2007 - 29 June 2007 at 12:18
lukvance Posts 514 Registration date Friday 29 June 2007 Status Member Last activity 16 December 2013 - 6 July 2007 at 20:19
Hello fellow computer enthusiasts,
After a bad experience with antivirus software, it must be about 1 year since I stopped protecting my PC (that will teach me). The day before yesterday, just for fun, I decided to run Antivir 7.0, and after a 2-hour scan it found nearly 86 infected files (mostly trojans). I put them all in quarantine to start with, then ran a quick scan again; Antivir found 3 of them again: Tr/Dldr.Agent.1176, Tr/Dldr.ConHook.gen and TR/Agent.aoy.1. On top of that I have to turn off my antivirus, because every 5 or 6 seconds Antivir raises an alert for one of these 3 trojans (mostly the first 2). And no matter how many times I tick "delete", they keep coming back.
In short, a real headache that also slows down my PC.

Here is my configuration:
Windows XP
Internet Explorer 6.0
AMD Athlon 3200+
ATI Radeon X800XT
1 GB Corsair PC3200
200 GB Maxtor SATA 7200 rpm
Asus K8V (K8T800)

...And a HijackThis log:


Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 12:13:21, on 29/06/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\Ati2evxx.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\Ati2evxx.exe
C:\windows\system32\spoolsv.exe
C:\windows\Explorer.EXE
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Saitek\Software\ProfilerU.exe
C:\Program Files\Saitek\Software\SaiMfd.exe
C:\windows\avp.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Executive Software\Diskeeper\DkService.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\MSN Messenger\livecall.exe
C:\Program Files\AntiVir PersonalEdition Classic\avcenter.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\windows\mgrs.exe
C:\Program Files\Windows Live Toolbar\msn_sl.exe
C:\Documents and Settings\Administrateur\Bureau\HiJackThis_v2.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=localhost:8118;https=localhost:8118
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {0720F0DA-5DC7-456D-BABC-147262A2CD3F} - C:\windows\system32\ddcyy.dll
O2 - BHO: SWEETIE Class - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O2 - BHO: (no name) - {1F6581D5-AA53-4b73-A6F9-41420C6B61F1} - C:\windows\system32\ufxpqtxb.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {A6807262-1D7A-44AB-947B-23B71E97915C} - C:\windows\system32\tuvtrrr.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O3 - Toolbar: Systran40premi.IEPlugIn - {CFB25594-4D5F-11D6-AB7B-00B0D094B576} - C:\Program Files\Systran\4_0\Premium\IEPlugIn.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [Ptipbmf] rundll32.exe ptipbmf.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [WindowsServicesStartup] C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\svchost.exe 1
O4 - HKLM\..\Run: [Profiler] C:\Program Files\Saitek\Software\ProfilerU.exe
O4 - HKLM\..\Run: [SaiMfd] C:\Program Files\Saitek\Software\SaiMfd.exe
O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [avp] C:\windows\avp.exe
O4 - HKLM\..\Run: [smgr] mgrs.exe
O4 - HKLM\..\Run: [Windows Updater Servc] C:\windows\system32\xpuupdate.exe
O4 - HKLM\..\Run: [icq.com] rundll32.exe "C:\windows\system32\yrfygksi.dll",forkonce
O4 - HKCU\..\Run: [german.exe] C:\windows\system32\wintems.exe
O4 - HKCU\..\Run: [MOMORacingFixCenter] "C:\Documents and Settings\Administrateur\Bureau\MOMORacingFixCenter.exe" 0
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Ctcr] "C:\windows\SEMBLY~1\ati2evxx.exe" -vt yazb
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {01347765-1965-426B-91A4-AA6BB342B9A3} (InstallerObj Class) - http://www.1-click.com/common/files/installer-hidden-test.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class) - http://gamingzone.ubisoft.com/dev/packages/GSManager.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1E25F445-3F9A-46DF-A60D-7E3A59E748B9}: NameServer = 192.168.1.1,194.117.200.10
O18 - Protocol: bw+0 - {1B65DF04-DEE9-48FF-B6A6-74EF8EC0FCEB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {1B65DF04-DEE9-48FF-B6A6-74EF8EC0FCEB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {1B65DF04-DEE9-48FF-B6A6-74EF8EC0FCEB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {1B65DF04-DEE9-48FF-B6A6-74EF8EC0FCEB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {1B65DF04-DEE9-48FF-B6A6-74EF8EC0FCEB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {1B65DF04-DEE9-48FF-B6A6-74EF8EC0FCEB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {1B65DF04-DEE9-48FF-B6A6-74EF8EC0FCEB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {1B65DF04-DEE9-48FF-B6A6-74EF8EC0FCEB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {1B65DF04-DEE9-48FF-B6A6-74EF8EC0FCEB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {1B65DF04-DEE9-48FF-B6A6-74EF8EC0FCEB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {1B65DF04-DEE9-48FF-B6A6-74EF8EC0FCEB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {1B65DF04-DEE9-48FF-B6A6-74EF8EC0FCEB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {1B65DF04-DEE9-48FF-B6A6-74EF8EC0FCEB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {1B65DF04-DEE9-48FF-B6A6-74EF8EC0FCEB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {1B65DF04-DEE9-48FF-B6A6-74EF8EC0FCEB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {1B65DF04-DEE9-48FF-B6A6-74EF8EC0FCEB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {1B65DF04-DEE9-48FF-B6A6-74EF8EC0FCEB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {1B65DF04-DEE9-48FF-B6A6-74EF8EC0FCEB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {1B65DF04-DEE9-48FF-B6A6-74EF8EC0FCEB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {1B65DF04-DEE9-48FF-B6A6-74EF8EC0FCEB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {1B65DF04-DEE9-48FF-B6A6-74EF8EC0FCEB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {1B65DF04-DEE9-48FF-B6A6-74EF8EC0FCEB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {1B65DF04-DEE9-48FF-B6A6-74EF8EC0FCEB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {1B65DF04-DEE9-48FF-B6A6-74EF8EC0FCEB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {1B65DF04-DEE9-48FF-B6A6-74EF8EC0FCEB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {1B65DF04-DEE9-48FF-B6A6-74EF8EC0FCEB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {1B65DF04-DEE9-48FF-B6A6-74EF8EC0FCEB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {1B65DF04-DEE9-48FF-B6A6-74EF8EC0FCEB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {1B65DF04-DEE9-48FF-B6A6-74EF8EC0FCEB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {1B65DF04-DEE9-48FF-B6A6-74EF8EC0FCEB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {1B65DF04-DEE9-48FF-B6A6-74EF8EC0FCEB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {1B65DF04-DEE9-48FF-B6A6-74EF8EC0FCEB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {1B65DF04-DEE9-48FF-B6A6-74EF8EC0FCEB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {1B65DF04-DEE9-48FF-B6A6-74EF8EC0FCEB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {1B65DF04-DEE9-48FF-B6A6-74EF8EC0FCEB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {1B65DF04-DEE9-48FF-B6A6-74EF8EC0FCEB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {1B65DF04-DEE9-48FF-B6A6-74EF8EC0FCEB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {1B65DF04-DEE9-48FF-B6A6-74EF8EC0FCEB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {1B65DF04-DEE9-48FF-B6A6-74EF8EC0FCEB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {1B65DF04-DEE9-48FF-B6A6-74EF8EC0FCEB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {1B65DF04-DEE9-48FF-B6A6-74EF8EC0FCEB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {1B65DF04-DEE9-48FF-B6A6-74EF8EC0FCEB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {1B65DF04-DEE9-48FF-B6A6-74EF8EC0FCEB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {1B65DF04-DEE9-48FF-B6A6-74EF8EC0FCEB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {1B65DF04-DEE9-48FF-B6A6-74EF8EC0FCEB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {1B65DF04-DEE9-48FF-B6A6-74EF8EC0FCEB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {1B65DF04-DEE9-48FF-B6A6-74EF8EC0FCEB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {1B65DF04-DEE9-48FF-B6A6-74EF8EC0FCEB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {1B65DF04-DEE9-48FF-B6A6-74EF8EC0FCEB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {1B65DF04-DEE9-48FF-B6A6-74EF8EC0FCEB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {1B65DF04-DEE9-48FF-B6A6-74EF8EC0FCEB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {1B65DF04-DEE9-48FF-B6A6-74EF8EC0FCEB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {1B65DF04-DEE9-48FF-B6A6-74EF8EC0FCEB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {1B65DF04-DEE9-48FF-B6A6-74EF8EC0FCEB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {1B65DF04-DEE9-48FF-B6A6-74EF8EC0FCEB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {1B65DF04-DEE9-48FF-B6A6-74EF8EC0FCEB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {1B65DF04-DEE9-48FF-B6A6-74EF8EC0FCEB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {1B65DF04-DEE9-48FF-B6A6-74EF8EC0FCEB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {1B65DF04-DEE9-48FF-B6A6-74EF8EC0FCEB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {1B65DF04-DEE9-48FF-B6A6-74EF8EC0FCEB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {1B65DF04-DEE9-48FF-B6A6-74EF8EC0FCEB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {1B65DF04-DEE9-48FF-B6A6-74EF8EC0FCEB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {1B65DF04-DEE9-48FF-B6A6-74EF8EC0FCEB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {1B65DF04-DEE9-48FF-B6A6-74EF8EC0FCEB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {1B65DF04-DEE9-48FF-B6A6-74EF8EC0FCEB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {1B65DF04-DEE9-48FF-B6A6-74EF8EC0FCEB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {1B65DF04-DEE9-48FF-B6A6-74EF8EC0FCEB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {1B65DF04-DEE9-48FF-B6A6-74EF8EC0FCEB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {1B65DF04-DEE9-48FF-B6A6-74EF8EC0FCEB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {1B65DF04-DEE9-48FF-B6A6-74EF8EC0FCEB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {1B65DF04-DEE9-48FF-B6A6-74EF8EC0FCEB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {1B65DF04-DEE9-48FF-B6A6-74EF8EC0FCEB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {1B65DF04-DEE9-48FF-B6A6-74EF8EC0FCEB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {1B65DF04-DEE9-48FF-B6A6-74EF8EC0FCEB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {1B65DF04-DEE9-48FF-B6A6-74EF8EC0FCEB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {1B65DF04-DEE9-48FF-B6A6-74EF8EC0FCEB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {1B65DF04-DEE9-48FF-B6A6-74EF8EC0FCEB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: ddcyy - C:\windows\system32\ddcyy.dll
O20 - Winlogon Notify: tuvtrrr - C:\windows\SYSTEM32\tuvtrrr.dll
O20 - Winlogon Notify: wintuh32 - wintuh32.dll (file missing)
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\windows\System32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\windows\System32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\windows\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe (file missing)
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\Diskeeper\DkService.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\windows\System32\dmadmin.exe
O23 - Service: DomainService - Unknown owner - C:\windows\system32\ubsbfknf.exe (file missing)
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\windows\system32\services.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\System32\imapi.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\System32\mnmsrvc.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\windows\system32\services.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\windows\System32\SCardSvr.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\windows\system32\smlogsvc.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\windows\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\System32\wbem\wmiapsrv.exe
O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe
O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/ADMINI~1/LOCALS~1/Temp/msohtml1/04/clip_image001.jpg
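
Added example (not part of the original post, and not HijackThis or Antivir code): a small Python triage pass over entries copied from the log above. It flags autostart entries for review and cross-references the three file names that the Antivir report posted later in this thread lists as detections. The reason codes and the short list of system process names are assumptions of this sketch; a flag means "look at this entry", not a verdict.

```python
import re

# Subset of lines copied from the HijackThis log in the post above.
SAMPLE_LOG = r"""
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {A6807262-1D7A-44AB-947B-23B71E97915C} - C:\windows\system32\tuvtrrr.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [WindowsServicesStartup] C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\svchost.exe 1
O4 - HKLM\..\Run: [smgr] mgrs.exe
O20 - Winlogon Notify: tuvtrrr - C:\windows\SYSTEM32\tuvtrrr.dll
O20 - Winlogon Notify: wintuh32 - wintuh32.dll (file missing)
O23 - Service: DomainService - Unknown owner - C:\windows\system32\ubsbfknf.exe (file missing)
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\Diskeeper\DkService.exe
"""

# File names the Antivir report in this thread lists as detections.
AV_DETECTED = {"mgrs.exe", "tuvtrrr.dll", "wvaxrkcl.exe"}

# Assumption of this example: Windows XP processes that normally run only
# from ...\system32, so the same name in another directory deserves a look.
SYSTEM32_ONLY = {"svchost.exe", "lsass.exe", "services.exe", "winlogon.exe",
                 "smss.exe", "csrss.exe", "spoolsv.exe"}

ENTRY_RE = re.compile(r"^([ORF]\d+) - (.+)$")          # "O4 - <body>"
PATH_RE = re.compile(r'[a-z]:\\[^"]*?\.(?:exe|dll)\b', re.I)
NAME_RE = re.compile(r"[\w~-]+\.(?:exe|dll|sys)\b")    # bare file names


def reasons_for(section, body, detected=frozenset()):
    """Return the review reasons (hypothetical codes) for one log entry."""
    low = body.lower()
    reasons = []
    # The registry still points at a file that HijackThis could not find.
    if "(file missing)" in low or "(no file)" in low:
        reasons.append("ORPHANED")
    # Browser Helper Object registered without a display name.
    if section == "O2" and low.startswith("bho: (no name)"):
        reasons.append("UNNAMED_BHO")
    # Winlogon Notify DLLs are loaded inside winlogon.exe at logon.
    if section == "O20":
        reasons.append("WINLOGON_NOTIFY")
    match = PATH_RE.search(body)
    if match:
        directory, _, base = match.group(0).lower().rpartition("\\")
        if "temp" in directory.split("\\"):
            reasons.append("RUNS_FROM_TEMP")
        if base in SYSTEM32_ONLY and not directory.endswith("\\system32"):
            reasons.append("SYSTEM_NAME_WRONG_DIR")
    # The entry references a file the antivirus report already flagged.
    if set(NAME_RE.findall(low)) & {name.lower() for name in detected}:
        reasons.append("AV_DETECTED")
    return reasons


def triage(log_text, detected=frozenset()):
    """Return [(line, [reasons])] for every entry with at least one reason."""
    flagged = []
    for raw in log_text.splitlines():
        line = raw.strip()
        entry = ENTRY_RE.match(line)
        if not entry:
            continue  # header lines, process list, blank lines
        reasons = reasons_for(entry.group(1), entry.group(2), detected)
        if reasons:
            flagged.append((line, reasons))
    return flagged


if __name__ == "__main__":
    for line, reasons in triage(SAMPLE_LOG, AV_DETECTED):
        print(", ".join(reasons))
        print("    " + line)
```

On these lines, the two detected files that show up are each tied to a load point (a Run value for mgrs.exe, a BHO and a Winlogon Notify entry for tuvtrrr.dll), which is the registration to look at alongside the file itself.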

4 replies

lukvance Posts 514 Registration date Friday 29 June 2007 Status Member Last activity 16 December 2013 152
29 June 2007 at 12:22
Hello,

Have you checked that these trojans are not in your System Restore files? If so, you should disable that option and run the scan again so that it can delete them.

Luc
0
Pix3l Posts 11 Registration date Friday 29 June 2007 Status Member Last activity 11 July 2007
29 June 2007 at 12:41
Thank you very much for such quick help.
I disabled System Restore, ran a scan again, then restarted the PC. This time apparently only 2 remain: Tr/Dldr.Agent.1176, Tr/Dldr.ConHook.gen
0
Pix3l Posts 11 Registration date Friday 29 June 2007 Status Member Last activity 11 July 2007
29 June 2007 at 14:22
False hope, I still have the same 3 trojans that are impossible to delete. If someone could help me solve the problem, I'm really starting to despair.
If it helps, here is the report produced by Antivir this time (in C\windows):


AntiVir PersonalEdition Classic
Report file date: vendredi 29 juin 2007 13:20

Scanning for 853932 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: Administrateur
Computer name: JEROME

Version information:
BUILD.DAT : 247 14437 Bytes 10/05/2007 11:55:00
AVSCAN.EXE : 7.0.4.15 282664 Bytes 20/04/2007 11:37:14
AVSCAN.DLL : 7.0.4.4 33832 Bytes 27/03/2007 11:31:54
LUKE.DLL : 7.0.4.11 143400 Bytes 27/03/2007 11:26:04
LUKERES.DLL : 7.0.4.0 10280 Bytes 19/03/2007 11:18:59
ANTIVIR0.VDF : 6.35.0.1 7371264 Bytes 31/05/2006 13:08:58
ANTIVIR1.VDF : 6.38.1.170 5569024 Bytes 21/05/2007 20:16:39
ANTIVIR2.VDF : 6.39.0.51 779776 Bytes 25/06/2007 20:16:39
ANTIVIR3.VDF : 6.39.0.72 205312 Bytes 28/06/2007 20:16:39
AVEWIN32.DLL : 7.4.0.36 2482688 Bytes 28/06/2007 20:16:39
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 09:36:26
AVPREF.DLL : 7.0.2.1 24616 Bytes 27/03/2007 11:31:50
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 12:16:24
AVPACK32.DLL : 7.3.0.13 360488 Bytes 28/06/2007 20:16:39
AVREG.DLL : 7.0.1.2 31784 Bytes 15/03/2007 08:05:08
AVEVTLOG.DLL : 7.0.0.18 86056 Bytes 27/03/2007 11:16:05
AVARKT.DLL : 1.0.0.17 278568 Bytes 02/05/2007 10:32:26
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 10:09:42
RCIMAGE.DLL : 7.0.1.15 2228264 Bytes 13/03/2007 09:46:18
RCTEXT.DLL : 7.0.45.0 86056 Bytes 19/03/2007 11:42:42

Configuration settings for the scan:
Jobname..........................: Windows System Directory
Configuration file...............: C:\Program Files\AntiVir PersonalEdition Classic\sysdir.avp
Logging..........................: medium
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: C:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Skipped files....................: C:\jeux, C:\Program Files\Microsoft Games,

Start of the scan: vendredi 29 juin 2007 13:20

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'msn_sl.exe' - '1' Module(s) have been scanned
Scan process 'mgrs.exe' - '1' Module(s) have been scanned
Module is infected -> 'C:\windows\mgrs.exe'
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'iexplore.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'taskmgr.exe' - '1' Module(s) have been scanned
Scan process 'CCC.exe' - '1' Module(s) have been scanned
Scan process 'usnsvc.exe' - '1' Module(s) have been scanned
Scan process 'DkService.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned
Scan process 'MOM.exe' - '1' Module(s) have been scanned
Scan process 'avp.exe' - '1' Module(s) have been scanned
Scan process 'SaiMfd.exe' - '1' Module(s) have been scanned
Scan process 'ProfilerU.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
Process 'mgrs.exe' has been terminated
C:\windows\
C:\windows\mgrs.exe
[DETECTION] Is the Trojan horse TR/Dldr.Agent.11776
[INFO] The file was moved to '46f6eb5f.qua'!

32 processes with 31 modules were scanned

Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!

Starting to scan the registry.
C:\WINDOWS\
C:\Program Files\Java\jre1.6.0_01\bin\
C:\WINDOWS\system32\
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\
C:\Program Files\Saitek\Software\
C:\Program Files\Saitek\Software\
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\
C:\WINDOWS\
C:\WINDOWS\system32\
C:\WINDOWS\PCHealth\HelpCtr\Binaries\
C:\Program Files\MSN Messenger\
C:\Program Files\Google\GoogleToolbarNotifier\
C:\WINDOWS\system32\
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Démarrage\
C:\WINDOWS\system32\config\systemprofile\Menu Démarrer\Programmes\Démarrage\

The registry was scanned ( '16' files ).


Starting the file scan:

Begin scan in 'C:\windows\system32'
C:\windows\system32\
C:\windows\system32\tuvtrrr.dll
[DETECTION] Is the Trojan horse TR/Dldr.ConHook.Gen
[WARNING] An error has occurred and the file was not deleted. ErrorID: 16003
[WARNING] The file could not be deleted!
C:\windows\system32\wvaxrkcl.exe
[DETECTION] Is the Trojan horse TR/Agent.aoy.1
[INFO] The file was moved to '46e5eb83.qua'!
C:\windows\system32\xpdx.sys
[WARNING] The file could not be opened!
[WARNING] Error code: 0x0002
[WARNING] Access error/file locked!
C:\windows\system32\1033\
C:\windows\system32\1036\
C:\windows\system32\CatRoot\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\
C:\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\
C:\windows\system32\CatRoot2\
C:\windows\system32\CatRoot2\edb.log
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\windows\system32\CatRoot2\tmp.edb
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\windows\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\
C:\windows\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\
C:\windows\system32\Com\
C:\windows\system32\config\
C:\windows\system32\config\default
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\windows\system32\config\default.LOG
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\windows\system32\config\SAM
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\windows\system32\config\SAM.LOG
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\windows\system32\config\SECURITY
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\windows\system32\config\SECURITY.LOG
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\windows\system32\config\software
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\windows\system32\config\software.LOG
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\windows\system32\config\system
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\windows\system32\config\system.LOG
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\windows\system32\drivers\
C:\windows\system32\drivers\sptd.sys
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!


End of the scan: vendredi 29 juin 2007 13:20
Used time: 00:31 min

The scan has been done completely.

246 Scanning directories
5902 Files were scanned
4 viruses and/or unwanted programs were found
0 classified as suspicious:
0 files were deleted
0 files were repaired
2 files were moved to quarantine
0 files were renamed
14 Files cannot be scanned
5898 Files not concerned
6 Archives were scanned
15 Warnings
0 Notes
0 Hidden objects were found



: S
Thanks in advance
lukvance Posts 514 Registration date Friday 29 June 2007 Status Member Last activity 16 December 2013 152
6 Jul 2007 at 20:19
Hi,

Once again, this second scan returned two viruses located where on your computer? Also, was the scan whose log you copied and pasted run in safe mode?

Luc