Trojan help me!

Solved
kinalys -
 Anonymous user -
Hello, I need help, my PC is infected...! Please help me get rid of this! Here is the AntiVir report, 4 detections:



Avira AntiVir Personal
Report file date: 13 janvier 2010 17:43

Scanning for 1525890 virus strains and unwanted programs.

Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows XP
Windows version : (Service Pack 2) [5.1.2600]
Boot mode : Normally booted
Username : SYSTEM
Computer name : ANIK

Version information:
BUILD.DAT : 9.0.0.415 21609 Bytes 08/11/2009 10:00:00
AVSCAN.EXE : 9.0.3.10 466689 Bytes 13/10/2009 16:26:33
AVSCAN.DLL : 9.0.3.0 40705 Bytes 27/02/2009 15:58:24
LUKE.DLL : 9.0.3.2 209665 Bytes 20/02/2009 16:35:49
LUKERES.DLL : 9.0.2.0 12033 Bytes 27/02/2009 15:58:52
VBASE000.VDF : 7.10.0.0 19875328 Bytes 06/11/2009 12:35:52
VBASE001.VDF : 7.10.1.0 1372672 Bytes 19/11/2009 11:22:48
VBASE002.VDF : 7.10.1.1 2048 Bytes 19/11/2009 11:22:48
VBASE003.VDF : 7.10.1.2 2048 Bytes 19/11/2009 11:22:48
VBASE004.VDF : 7.10.1.3 2048 Bytes 19/11/2009 11:22:48
VBASE005.VDF : 7.10.1.4 2048 Bytes 19/11/2009 11:22:48
VBASE006.VDF : 7.10.1.5 2048 Bytes 19/11/2009 11:22:48
VBASE007.VDF : 7.10.1.6 2048 Bytes 19/11/2009 11:22:48
VBASE008.VDF : 7.10.1.7 2048 Bytes 19/11/2009 11:22:49
VBASE009.VDF : 7.10.1.8 2048 Bytes 19/11/2009 11:22:49
VBASE010.VDF : 7.10.1.9 2048 Bytes 19/11/2009 11:22:49
VBASE011.VDF : 7.10.1.10 2048 Bytes 19/11/2009 11:22:49
VBASE012.VDF : 7.10.1.11 2048 Bytes 19/11/2009 11:22:49
VBASE013.VDF : 7.10.1.79 209920 Bytes 25/11/2009 11:22:53
VBASE014.VDF : 7.10.1.128 197632 Bytes 30/11/2009 11:22:56
VBASE015.VDF : 7.10.1.178 195584 Bytes 07/12/2009 11:22:59
VBASE016.VDF : 7.10.1.224 183296 Bytes 14/12/2009 11:23:04
VBASE017.VDF : 7.10.1.247 182272 Bytes 15/12/2009 11:23:07
VBASE018.VDF : 7.10.2.30 198144 Bytes 21/12/2009 11:23:10
VBASE019.VDF : 7.10.2.63 187392 Bytes 24/12/2009 11:23:13
VBASE020.VDF : 7.10.2.93 195072 Bytes 29/12/2009 11:23:16
VBASE021.VDF : 7.10.2.131 201216 Bytes 07/01/2010 11:23:19
VBASE022.VDF : 7.10.2.158 192000 Bytes 11/01/2010 11:23:22
VBASE023.VDF : 7.10.2.159 2048 Bytes 11/01/2010 11:23:22
VBASE024.VDF : 7.10.2.160 2048 Bytes 11/01/2010 11:23:23
VBASE025.VDF : 7.10.2.161 2048 Bytes 11/01/2010 11:23:23
VBASE026.VDF : 7.10.2.162 2048 Bytes 11/01/2010 11:23:23
VBASE027.VDF : 7.10.2.163 2048 Bytes 11/01/2010 11:23:24
VBASE028.VDF : 7.10.2.164 2048 Bytes 11/01/2010 11:23:25
VBASE029.VDF : 7.10.2.165 2048 Bytes 11/01/2010 11:23:25
VBASE030.VDF : 7.10.2.166 2048 Bytes 11/01/2010 11:23:26
VBASE031.VDF : 7.10.2.177 151040 Bytes 13/01/2010 11:23:28
Engineversion : 8.2.1.134
AEVDF.DLL : 8.1.1.2 106867 Bytes 08/11/2009 12:38:52
AESCRIPT.DLL : 8.1.3.7 594296 Bytes 13/01/2010 11:24:03
AESCN.DLL : 8.1.3.0 127348 Bytes 13/01/2010 11:23:59
AESBX.DLL : 8.1.1.1 246132 Bytes 08/11/2009 12:38:44
AERDL.DLL : 8.1.3.4 479605 Bytes 13/01/2010 11:23:58
AEPACK.DLL : 8.2.0.4 422263 Bytes 13/01/2010 11:23:55
AEOFFICE.DLL : 8.1.0.38 196987 Bytes 08/11/2009 12:38:38
AEHEUR.DLL : 8.1.0.194 2228599 Bytes 13/01/2010 11:23:51
AEHELP.DLL : 8.1.9.0 237943 Bytes 13/01/2010 11:23:37
AEGEN.DLL : 8.1.1.83 369014 Bytes 13/01/2010 11:23:35
AEEMU.DLL : 8.1.1.0 393587 Bytes 08/11/2009 12:38:26
AECORE.DLL : 8.1.9.1 180598 Bytes 13/01/2010 11:23:32
AEBB.DLL : 8.1.0.3 53618 Bytes 08/11/2009 12:38:20
AVWINLL.DLL : 9.0.0.3 18177 Bytes 12/12/2008 13:47:59
AVPREF.DLL : 9.0.3.0 44289 Bytes 26/08/2009 20:14:02
AVREP.DLL : 8.0.0.3 155905 Bytes 20/01/2009 19:34:28
AVREG.DLL : 9.0.0.0 36609 Bytes 05/12/2008 15:32:09
AVARKT.DLL : 9.0.0.3 292609 Bytes 24/03/2009 20:05:41
AVEVTLOG.DLL : 9.0.0.7 167169 Bytes 30/01/2009 15:37:08
SQLITE3.DLL : 3.6.1.0 326401 Bytes 28/01/2009 20:03:49
SMTPLIB.DLL : 9.2.0.25 28417 Bytes 02/02/2009 13:21:33
NETNT.DLL : 9.0.0.0 11521 Bytes 05/12/2008 15:32:10
RCIMAGE.DLL : 9.0.0.25 2438913 Bytes 15/05/2009 20:39:58
RCTEXT.DLL : 9.0.73.0 86785 Bytes 13/10/2009 17:25:47

Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: c:\program files\avira\antivir desktop\sysscan.avp
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:,
Process scan........................: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium

Start of the scan: 13 janvier 2010 17:43

Starting search for hidden objects.
An ARK library instance is already running.

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'chrome.exe' - '1' Module(s) have been scanned
Scan process 'chrome.exe' - '1' Module(s) have been scanned
Scan process 'CLI.exe' - '1' Module(s) have been scanned
Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'wmiapsrv.exe' - '1' Module(s) have been scanned
Scan process 'unsecapp.exe' - '1' Module(s) have been scanned
Scan process 'DLG.exe' - '1' Module(s) have been scanned
Scan process 'btdna.exe' - '1' Module(s) have been scanned
Scan process 'NMBgMonitor.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'stsystra.exe' - '1' Module(s) have been scanned
Scan process 'WLTRAY.EXE' - '1' Module(s) have been scanned
Scan process 'CLI.exe' - '1' Module(s) have been scanned
Scan process 'SynTPEnh.exe' - '1' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '1' Module(s) have been scanned
Scan process 'msa.exe' - '1' Module(s) have been scanned
Scan process 'c.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'NicConfigSvc.exe' - '1' Module(s) have been scanned
Scan process 'MDM.EXE' - '1' Module(s) have been scanned
Scan process 'jqs.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'AAWService.exe' - '1' Module(s) have been scanned
Scan process 'BCMWLTRY.EXE' - '1' Module(s) have been scanned
Scan process 'WLTRYSVC.EXE' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
48 processes with 48 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!

Starting to scan executable files (registry).
The registry was scanned ( '58' files ).


Starting the file scan:

Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
[NOTE] This file is a Windows system file.
[NOTE] This file cannot be opened for scanning.
C:\Documents and Settings\Anik Goulet\Local Settings\Temp\a.exe
[DETECTION] Is the TR/FraudPack.ajwb Trojan
C:\Documents and Settings\Anik Goulet\Local Settings\Temp\d.exe
[DETECTION] Is the TR/FraudPack.ajwb Trojan
C:\Documents and Settings\Anik Goulet\Local Settings\Temp\sshnas.dll
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
C:\WINDOWS\system32\sshnas.dll
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan

Beginning disinfection:
C:\Documents and Settings\Anik Goulet\Local Settings\Temp\a.exe
[DETECTION] Is the TR/FraudPack.ajwb Trojan
[NOTE] The file was moved to '4bb36938.qua'!
C:\Documents and Settings\Anik Goulet\Local Settings\Temp\d.exe
[DETECTION] Is the TR/FraudPack.ajwb Trojan
[NOTE] The file was moved to '4ad597b9.qua'!
C:\Documents and Settings\Anik Goulet\Local Settings\Temp\sshnas.dll
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '4bb6697e.qua'!
C:\WINDOWS\system32\sshnas.dll
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26003
[WARNING] The file could not be deleted!
[NOTE] Attempting to perform action using the ARK library.
[NOTE] The file was moved to '4bb66970.qua'!


End of the scan: 13 janvier 2010 19:45
Used time: 2:00:19 Hour(s)

The scan has been done completely.

7953 Scanned directories
332376 Files were scanned
4 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
4 Files were moved to quarantine
0 Files were renamed
1 Files cannot be scanned
332371 Files not concerned
5582 Archives were scanned
2 Warnings
5 Notes

36 replies

kinalys
 
I ran another scan with AntiVir and it still finds a virus
HTML.Malicious.ActiveX.Gen That one is a newcomer, it wasn't there before :)
0
Anonymous user
 
I have to scan the files one by one, what do you want me to post? The links to the scans?

No, the detections from the various antivirus engines with the respective file names
0
kinalys
 
Fichier drvc.dll reçu le 2010.01.16 01:10:32 (UTC)
Antivirus Version Dernière mise à jour Résultat
a-squared 4.5.0.50 2010.01.16 -
AhnLab-V3 5.0.0.2 2010.01.15 -
AntiVir 7.9.1.142 2010.01.15 -
Antiy-AVL 2.0.3.7 2010.01.12 -
Authentium 5.2.0.5 2010.01.15 -
Avast 4.8.1351.0 2010.01.16 -
AVG 9.0.0.730 2010.01.16 -
BitDefender 7.2 2010.01.16 -
CAT-QuickHeal 10.00 2010.01.15 -
ClamAV 0.94.1 2010.01.15 -
Comodo 3598 2010.01.16 -
DrWeb 5.0.1.12222 2010.01.16 -
eSafe 7.0.17.0 2010.01.14 -
eTrust-Vet 35.2.7240 2010.01.15 -
F-Prot 4.5.1.85 2010.01.15 -
F-Secure 9.0.15370.0 2010.01.15 -
Fortinet 4.0.14.0 2010.01.15 -
GData 19 2010.01.15 -
Ikarus T3.1.1.80.0 2010.01.15 -
Jiangmin 13.0.900 2010.01.15 -
K7AntiVirus 7.10.948 2010.01.15 -
Kaspersky 7.0.0.125 2010.01.16 -
McAfee 5862 2010.01.15 -
McAfee+Artemis 5862 2010.01.15 -
McAfee-GW-Edition 6.8.5 2010.01.16 -
Microsoft 1.5302 2010.01.16 -
NOD32 4776 2010.01.15 -
Norman 6.04.03 2010.01.15 -
nProtect 2009.1.8.0 2010.01.15 -
Panda 10.0.2.2 2010.01.15 -
PCTools 7.0.3.5 2010.01.16 -
Prevx 3.0 2010.01.16 -
Rising 22.30.04.04 2010.01.15 -
Sophos 4.49.0 2010.01.16 -
Sunbelt 3.2.1858.2 2010.01.15 -
Symantec 20091.2.0.41 2010.01.16 -
TheHacker 6.5.0.4.153 2010.01.16 -
TrendMicro 9.120.0.1004 2010.01.15 -
VBA32 3.12.12.1 2010.01.15 -
ViRobot 2010.1.15.2138 2010.01.15 -
VirusBuster 5.0.21.0 2010.01.15 -

Information additionnelle
File size: 335872 bytes
MD5   : 6e5d81c686de81648fcf2fb13aa36d88
SHA1  : 24eff1a08c2a83173bd613502d16dd4e3f627662
SHA256: 0550d0013ec2eb83bbaccf7dfadd96bd20b2a1c4ed127fb16c483ee80ad15c03
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x1E2B
timedatestamp.....: 0x4154A24A (Sat Sep 25 00:40:10 2004)
machinetype.......: 0x14C (Intel I386)

( 6 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x3D50A 0x3E000 6.71 c1991adb0cc0708c763d607eb82278fb
.rdata 0x3F000 0x87A 0x1000 3.30 8a7ca80475685e43db58bcf8ed3c9bb3
.data 0x40000 0x24710 0x1000 2.46 2fbd61daf8b5f8a8b965661a02117e43
.data1 0x65000 0xD940 0xE000 6.26 f6082b22c15c60148bec6484015fe368
.rsrc 0x73000 0x480 0x1000 1.22 e510837aaa1a0b81165eefa4a08b2e8f
.reloc 0x74000 0x1622 0x2000 4.32 e9f97e5283fe43cfbb307a45e9113c02

( 3 imports )

> advapi32.dll: RegCloseKey, RegSetValueExA, RegOpenKeyExA, RegQueryValueExA
> kernel32.dll: GetSystemInfo, WaitForSingleObject, CloseHandle, LeaveCriticalSection, EnterCriticalSection, DeleteCriticalSection, InitializeCriticalSection, GetPrivateProfileIntA, CreateEventA, WaitForMultipleObjects, QueryPerformanceFrequency, QueryPerformanceCounter, ResetEvent, CreateThread, SetEvent
> msvcrt.dll: _adjust_fdiv, _initterm, __CxxFrameHandler, _beginthreadex, free, malloc, _purecall, _ftol, log10, fprintf, _iob, __2@YAPAXI@Z, __3@YAXPAX@Z, memmove, rand, printf, time, srand

( 1 exports )

> _GetGUID@@YGJPAE@Z, RV40toYUV420CustomMessage, RV40toYUV420Free, RV40toYUV420HiveMessage, RV40toYUV420Init, RV40toYUV420Transform
TrID  : File type identification
Win64 Executable Generic (80.9%)
Win32 Executable Generic (8.0%)
Win32 Dynamic Link Library (generic) (7.1%)
Generic Win/DOS Executable (1.8%)
DOS Executable Generic (1.8%)
ssdeep: 6144:vO5Wh1lqlsi7i2EMJ9OtVHPhTldWo5aiuell4MljEz:m5Wh1lGsi7i2VJcvTldWoRlHlYz
PEiD  : -
RDS   : NSRL Reference Data Set
-
0
kinalys
 
Cnmbjun4.dll
Fichier 4FE683FC00B9E3B470AF009926F8750090318E2C.dll reçu le 2009.06.27 18:13:35 (UTC)
Antivirus Version Dernière mise à jour Résultat
a-squared 4.5.0.18 2009.06.27 -
AhnLab-V3 5.0.0.2 2009.06.27 -
AntiVir 7.9.0.199 2009.06.26 -
Antiy-AVL 2.0.3.1 2009.06.26 -
Authentium 5.1.2.4 2009.06.27 -
Avast 4.8.1335.0 2009.06.26 -
AVG 8.5.0.339 2009.06.27 -
BitDefender 7.2 2009.06.27 -
CAT-QuickHeal 10.00 2009.06.26 -
ClamAV 0.94.1 2009.06.27 -
Comodo 1451 2009.06.27 -
DrWeb 5.0.0.12182 2009.06.27 -
eSafe 7.0.17.0 2009.06.25 -
eTrust-Vet 31.6.6582 2009.06.26 -
F-Prot 4.4.4.56 2009.06.26 -
F-Secure 8.0.14470.0 2009.06.27 -
Fortinet 3.117.0.0 2009.06.27 -
GData 19 2009.06.27 -
Ikarus T3.1.1.64.0 2009.06.27 -
Jiangmin 11.0.706 2009.06.27 -
K7AntiVirus 7.10.768 2009.06.19 -
Kaspersky 7.0.0.125 2009.06.27 -
McAfee 5659 2009.06.27 -
McAfee+Artemis 5659 2009.06.27 -
McAfee-GW-Edition 6.7.6 2009.06.27 -
Microsoft 1.4803 2009.06.27 -
NOD32 4193 2009.06.26 -
Norman 2009.06.26 -
nProtect 2009.1.8.0 2009.06.27 -
Panda 10.0.0.16 2009.06.27 -
PCTools 4.4.2.0 2009.06.26 -
Prevx 3.0 2009.06.27 -
Rising 21.35.52.00 2009.06.27 -
Sophos 4.43.0 2009.06.27 -
Sunbelt 3.2.1858.2 2009.06.27 -
Symantec 1.4.4.12 2009.06.27 -
TheHacker 6.3.4.3.356 2009.06.27 -
TrendMicro 8.950.0.1094 2009.06.26 -
VBA32 3.12.10.7 2009.06.27 -
ViRobot 2009.6.27.1808 2009.06.27 -
VirusBuster 4.6.5.0 2009.06.27 -

Information additionnelle
File size: 28672 bytes
MD5   : 0001b7018873c0fcf458fa8618728c74
SHA1  : 757df5a9046d8bf703136624b12e1e969998328c
SHA256: 6cc88cb986e196b02256fe3aac328e25ed9fb207a922e7d1dc3d8e968e84b4bd
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x110F
timedatestamp.....: 0x38B0C0E1 (Mon Feb 21 05:36:49 2000)
machinetype.......: 0x14C (Intel I386)

( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x2AE6 0x3000 6.15 36a0c0e1eaaf22ee8160129f2fa0cae9
.rdata 0x4000 0x884 0x1000 3.37 923249194ed6ef10f585a9064fdd85e1
.data 0x5000 0x8E0 0x1000 0.63 b4c32dd9629833f9de01b456e70b9721
.reloc 0x6000 0x486 0x1000 2.19 8e56953d85ee0f66a34b741158515c94

( 2 imports )

> kernel32.dll: HeapDestroy, GetEnvironmentStringsW, GetCommandLineA, GetVersion, ExitProcess, TerminateProcess, GetCurrentProcess, GetCurrentThreadId, TlsSetValue, TlsAlloc, TlsFree, TlsGetValue, SetHandleCount, GetStdHandle, GetFileType, GetStartupInfoA, DeleteCriticalSection, GetModuleFileNameA, FreeEnvironmentStringsA, FreeEnvironmentStringsW, WideCharToMultiByte, GetEnvironmentStrings, RtlUnwind, HeapCreate, VirtualFree, HeapFree, WriteFile, InitializeCriticalSection, EnterCriticalSection, LeaveCriticalSection, HeapAlloc, GetCPInfo, GetACP, GetOEMCP, VirtualAlloc, HeapReAlloc, GetProcAddress, LoadLibraryA, MultiByteToWideChar, LCMapStringA, LCMapStringW, GetStringTypeA, GetStringTypeW
> winspool.drv: DeletePrinterDriverA

( 1 exports )

> DeletePrinterDriver4
TrID  : File type identification
Win32 Executable MS Visual C++ (generic) (65.2%)
Win32 Executable Generic (14.7%)
Win32 Dynamic Link Library (generic) (13.1%)
Generic Win/DOS Executable (3.4%)
DOS Executable Generic (3.4%)
ssdeep: 384:IjwcpTUd8eh31FNL7kmlYfjGxyBuwXvoM5KcKEYZgD:dcpTUDhlFNcmHorrKFe
PEiD  : Armadillo v1.xx - v2.xx
RDS   : NSRL Reference Data Set
-
0

kinalys
 
CNMBJUN.5.dll
Fichier 9028C63100E19E8C700C006AED05530008F8CB84.dll reçu le 2009.07.01 09:55:16 (UTC)
Antivirus Version Dernière mise à jour Résultat
a-squared 4.5.0.18 2009.07.01 -
AhnLab-V3 5.0.0.2 2009.07.01 -
AntiVir 7.9.0.199 2009.07.01 -
Antiy-AVL 2.0.3.1 2009.07.01 -
Authentium 5.1.2.4 2009.06.30 -
Avast 4.8.1335.0 2009.06.30 -
AVG 8.5.0.386 2009.07.01 -
BitDefender 7.2 2009.07.01 -
CAT-QuickHeal 10.00 2009.07.01 -
ClamAV 0.94.1 2009.07.01 -
Comodo 1504 2009.07.01 -
DrWeb 5.0.0.12182 2009.07.01 -
eSafe 7.0.17.0 2009.06.29 -
eTrust-Vet 31.6.6590 2009.06.30 -
F-Prot 4.4.4.56 2009.06.30 -
F-Secure 8.0.14470.0 2009.07.01 -
Fortinet 3.117.0.0 2009.07.01 -
GData 19 2009.07.01 -
Ikarus T3.1.1.64.0 2009.07.01 -
Jiangmin 11.0.706 2009.07.01 -
K7AntiVirus 7.10.768 2009.06.19 -
McAfee 5662 2009.06.30 -
McAfee+Artemis 5662 2009.06.30 -
McAfee-GW-Edition 6.7.6 2009.07.01 -
Microsoft 1.4803 2009.07.01 -
NOD32 4203 2009.07.01 -
Norman 2009.06.30 -
nProtect 2009.1.8.0 2009.07.01 -
Panda 10.0.0.14 2009.06.30 -
PCTools 4.4.2.0 2009.06.30 -
Prevx 3.0 2009.07.01 -
Rising 21.36.21.00 2009.07.01 -
Sophos 4.43.0 2009.07.01 -
Sunbelt 3.2.1858.2 2009.07.01 -
Symantec 1.4.4.12 2009.07.01 -
TheHacker 6.3.4.3.358 2009.06.30 -
TrendMicro 8.950.0.1094 2009.07.01 -
VBA32 3.12.10.7 2009.07.01 -
ViRobot 2009.7.1.1814 2009.07.01 -
VirusBuster 4.6.5.0 2009.06.30 -

Information additionnelle
File size: 28672 bytes
MD5   : 33851cf4428840f34a33a4e16c21aa3f
SHA1  : c51e35142d88a87e2f6b4a23d3b5298f4cf7e42a
SHA256: 29661a79d63dd6168fe6ef146f7ba0c1a7383add7890e59e5fcdb5aff4ad3cfa
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x148D
timedatestamp.....: 0x38B0E3DC (Mon Feb 21 08:06:04 2000)
machinetype.......: 0x14C (Intel I386)

( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x2F96 0x3000 6.55 d19dab1e1f1318fb97d443f1465b7d25
.rdata 0x4000 0xAF1 0x1000 4.04 618b34ad15d22b57a27b3efbad247532
.data 0x5000 0x920 0x1000 0.67 8e90b05d39ce5b0fef22a4c597713af9
.reloc 0x6000 0x4AE 0x1000 2.28 ecfb7d9a10e1316cda704d270cc0a28e

( 6 imports )

> kernel32.dll: GetStartupInfoA, GetFileSize, CreateFileA, GetLastError, GetPrivateProfileStringA, FreeEnvironmentStringsA, FreeEnvironmentStringsW, CloseHandle, RtlUnwind, DeleteCriticalSection, GetModuleFileNameA, GetStringTypeW, GetStringTypeA, LCMapStringW, LCMapStringA, MultiByteToWideChar, GetCommandLineA, GetVersion, GetCurrentThreadId, TlsSetValue, TlsAlloc, TlsFree, SetLastError, TlsGetValue, ExitProcess, TerminateProcess, GetCurrentProcess, SetHandleCount, GetStdHandle, GetFileType, GetProcAddress, HeapAlloc, WriteFile, LoadLibraryA, WideCharToMultiByte, GetEnvironmentStrings, GetEnvironmentStringsW, HeapDestroy, HeapCreate, VirtualFree, HeapFree, HeapReAlloc, InitializeCriticalSection, EnterCriticalSection, LeaveCriticalSection, GetCPInfo, GetACP, GetOEMCP, VirtualAlloc
> mscms.dll: AssociateColorProfileWithDeviceA, InstallColorProfileA
> newdev.dll: UpdateDriverForPlugAndPlayDevicesA
> setupapi.dll: SetupCopyOEMInfA
> user32.dll: CharLowerBuffA
> winspool.drv: DeletePrinterDriverExA

( 1 exports )

> DLL_AssociateColorProfile, DLL_CopyOEMINF, DLL_InstColorProfile, DLL_UpdateDriverForPnP, DeletePrinterDriver5
TrID  : File type identification
Win32 Executable MS Visual C++ (generic) (65.2%)
Win32 Executable Generic (14.7%)
Win32 Dynamic Link Library (generic) (13.1%)
Generic Win/DOS Executable (3.4%)
DOS Executable Generic (3.4%)
ssdeep: 384:Y6J6JhAxTrlBQaFkmlPAyHywHhrL+PMiKkKEYQZYMO/lb:hxTrLrFRthrqrjKF2Otb
PEiD  : Armadillo v1.xx - v2.xx
RDS   : NSRL Reference Data Set
-
0
kinalys
 
iexplorer.ini
Fichier s reçu le 2009.09.22 16:19:46 (UTC)
Antivirus Version Dernière mise à jour Résultat
a-squared 4.5.0.24 2009.09.22 -
AhnLab-V3 5.0.0.2 2009.09.22 -
AntiVir 7.9.1.23 2009.09.22 -
Antiy-AVL 2.0.3.7 2009.09.22 -
Authentium 5.1.2.4 2009.09.21 -
Avast 4.8.1351.0 2009.09.21 -
AVG 8.5.0.412 2009.09.22 -
BitDefender 7.2 2009.09.22 -
CAT-QuickHeal 10.00 2009.09.22 -
ClamAV 0.94.1 2009.09.22 -
Comodo 2403 2009.09.22 -
DrWeb 5.0.0.12182 2009.09.22 -
eSafe 7.0.17.0 2009.09.22 -
eTrust-Vet 31.6.6753 2009.09.22 -
F-Prot 4.5.1.85 2009.09.21 -
F-Secure 8.0.14470.0 2009.09.22 -
Fortinet 3.120.0.0 2009.09.22 -
GData 19 2009.09.22 -
Ikarus T3.1.1.72.0 2009.09.22 -
Jiangmin 11.0.800 2009.09.22 -
K7AntiVirus 7.10.851 2009.09.22 -
Kaspersky 7.0.0.125 2009.09.22 -
McAfee 5749 2009.09.22 -
McAfee+Artemis 5749 2009.09.22 -
McAfee-GW-Edition 6.8.5 2009.09.22 -
Microsoft 1.5005 2009.09.22 -
NOD32 4447 2009.09.22 -
Norman 6.01.09 2009.09.22 -
nProtect 2009.1.8.0 2009.09.22 -
Panda 10.0.2.2 2009.09.22 -
PCTools 4.4.2.0 2009.09.22 -
Prevx 3.0 2009.09.22 -
Rising 21.48.14.00 2009.09.22 -
Sophos 4.45.0 2009.09.22 -
Sunbelt 3.2.1858.2 2009.09.22 -
Symantec 1.4.4.12 2009.09.22 -
TheHacker 6.5.0.2.014 2009.09.21 -
TrendMicro 8.950.0.1094 2009.09.22 -
VBA32 3.12.10.10 2009.09.21 -
ViRobot 2009.9.22.1948 2009.09.22 -
VirusBuster 4.6.5.0 2009.09.22 -

Information additionnelle
File size: 22 bytes
MD5   : bf2d931728979e392dd755ca25ff3796
SHA1  : 647dbca6b8680dd3ffe9099d6d8336bfd5a8143f
SHA256: d0a3660dec8031dd736dd4aa8e3b30252b78296c8f00920d385492795fdcc241
TrID  : File type identification
Generic INI configuration (100.0%)
ssdeep: 3:uMPhtov:bPO
PEiD  : -
RDS   : NSRL Reference Data Set
-
0
kinalys
 
There, it's done
0
Anonymous user
 
Can you post the contents of Iexplorer.ini please?
0
kinalys
 
I did post the contents of iexplorer.ini
0
kinalys
 
I'm going to cry lol, why do I have to do all this?
0
Anonymous user
 
Disinfection is no small matter... I still have a lot to learn myself ;)

C:\WINDOWS\iexplore.ini = open it and paste what is written inside
0
kinalys
 
There's nothing inside
[Graphics]
Detail=0
There, that's all
0
kinalys
 
I hope I'm advancing science with all this lol
0
Anonymous user
 
Empty AntiVir's quarantine,

configure it like this, run a scan, then post the report:

Video configuration tutorial (thanks Nico)
0
kinalys
 
My scan isn't finished yet but it's worse than at the start! Already 17 detections
0
Anonymous user
 
In which folder, roughly?
0
kinalys
 
Avira AntiVir Personal
Report file date: 15 janvier 2010 21:23

Scanning for 1531073 virus strains and unwanted programs.

Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows XP
Windows version : (Service Pack 2) [5.1.2600]
Boot mode : Normally booted
Username : SYSTEM
Computer name : ANIK

Version information:
BUILD.DAT : 9.0.0.418 21723 Bytes 02/12/2009 16:28:00
AVSCAN.EXE : 9.0.3.10 466689 Bytes 13/10/2009 16:26:33
AVSCAN.DLL : 9.0.3.0 40705 Bytes 27/02/2009 15:58:24
LUKE.DLL : 9.0.3.2 209665 Bytes 20/02/2009 16:35:49
LUKERES.DLL : 9.0.2.0 12033 Bytes 27/02/2009 15:58:52
VBASE000.VDF : 7.10.0.0 19875328 Bytes 06/11/2009 12:35:52
VBASE001.VDF : 7.10.1.0 1372672 Bytes 19/11/2009 11:22:48
VBASE002.VDF : 7.10.1.1 2048 Bytes 19/11/2009 11:22:48
VBASE003.VDF : 7.10.1.2 2048 Bytes 19/11/2009 11:22:48
VBASE004.VDF : 7.10.1.3 2048 Bytes 19/11/2009 11:22:48
VBASE005.VDF : 7.10.1.4 2048 Bytes 19/11/2009 11:22:48
VBASE006.VDF : 7.10.1.5 2048 Bytes 19/11/2009 11:22:48
VBASE007.VDF : 7.10.1.6 2048 Bytes 19/11/2009 11:22:48
VBASE008.VDF : 7.10.1.7 2048 Bytes 19/11/2009 11:22:49
VBASE009.VDF : 7.10.1.8 2048 Bytes 19/11/2009 11:22:49
VBASE010.VDF : 7.10.1.9 2048 Bytes 19/11/2009 11:22:49
VBASE011.VDF : 7.10.1.10 2048 Bytes 19/11/2009 11:22:49
VBASE012.VDF : 7.10.1.11 2048 Bytes 19/11/2009 11:22:49
VBASE013.VDF : 7.10.1.79 209920 Bytes 25/11/2009 11:22:53
VBASE014.VDF : 7.10.1.128 197632 Bytes 30/11/2009 11:22:56
VBASE015.VDF : 7.10.1.178 195584 Bytes 07/12/2009 11:22:59
VBASE016.VDF : 7.10.1.224 183296 Bytes 14/12/2009 11:23:04
VBASE017.VDF : 7.10.1.247 182272 Bytes 15/12/2009 11:23:07
VBASE018.VDF : 7.10.2.30 198144 Bytes 21/12/2009 11:23:10
VBASE019.VDF : 7.10.2.63 187392 Bytes 24/12/2009 11:23:13
VBASE020.VDF : 7.10.2.93 195072 Bytes 29/12/2009 11:23:16
VBASE021.VDF : 7.10.2.131 201216 Bytes 07/01/2010 11:23:19
VBASE022.VDF : 7.10.2.158 192000 Bytes 11/01/2010 11:23:22
VBASE023.VDF : 7.10.2.186 200704 Bytes 14/01/2010 12:07:43
VBASE024.VDF : 7.10.2.187 2048 Bytes 14/01/2010 12:07:43
VBASE025.VDF : 7.10.2.188 2048 Bytes 14/01/2010 12:07:43
VBASE026.VDF : 7.10.2.189 2048 Bytes 14/01/2010 12:07:44
VBASE027.VDF : 7.10.2.190 2048 Bytes 14/01/2010 12:07:44
VBASE028.VDF : 7.10.2.191 2048 Bytes 14/01/2010 12:07:44
VBASE029.VDF : 7.10.2.192 2048 Bytes 14/01/2010 12:07:44
VBASE030.VDF : 7.10.2.193 2048 Bytes 14/01/2010 12:07:44
VBASE031.VDF : 7.10.2.196 31232 Bytes 15/01/2010 12:07:45
Engineversion : 8.2.1.142
AEVDF.DLL : 8.1.1.2 106867 Bytes 08/11/2009 12:38:52
AESCRIPT.DLL : 8.1.3.7 594296 Bytes 13/01/2010 11:24:03
AESCN.DLL : 8.1.3.1 127348 Bytes 14/01/2010 12:14:25
AESBX.DLL : 8.1.1.1 246132 Bytes 08/11/2009 12:38:44
AERDL.DLL : 8.1.3.4 479605 Bytes 13/01/2010 11:23:58
AEPACK.DLL : 8.2.0.5 422262 Bytes 14/01/2010 12:14:22
AEOFFICE.DLL : 8.1.0.38 196987 Bytes 08/11/2009 12:38:38
AEHEUR.DLL : 8.1.0.195 2232695 Bytes 14/01/2010 12:14:18
AEHELP.DLL : 8.1.10.0 237942 Bytes 14/01/2010 12:13:57
AEGEN.DLL : 8.1.1.83 369014 Bytes 13/01/2010 11:23:35
AEEMU.DLL : 8.1.1.0 393587 Bytes 08/11/2009 12:38:26
AECORE.DLL : 8.1.9.5 184693 Bytes 14/01/2010 12:13:53
AEBB.DLL : 8.1.0.3 53618 Bytes 08/11/2009 12:38:20
AVWINLL.DLL : 9.0.0.3 18177 Bytes 12/12/2008 13:47:59
AVPREF.DLL : 9.0.3.0 44289 Bytes 26/08/2009 20:14:02
AVREP.DLL : 8.0.0.3 155905 Bytes 20/01/2009 19:34:28
AVREG.DLL : 9.0.0.0 36609 Bytes 05/12/2008 15:32:09
AVARKT.DLL : 9.0.0.3 292609 Bytes 24/03/2009 20:05:41
AVEVTLOG.DLL : 9.0.0.7 167169 Bytes 30/01/2009 15:37:08
SQLITE3.DLL : 3.6.1.0 326401 Bytes 28/01/2009 20:03:49
SMTPLIB.DLL : 9.2.0.25 28417 Bytes 02/02/2009 13:21:33
NETNT.DLL : 9.0.0.0 11521 Bytes 05/12/2008 15:32:10
RCIMAGE.DLL : 9.0.0.25 2438913 Bytes 15/05/2009 20:39:58
RCTEXT.DLL : 9.0.73.0 86785 Bytes 13/10/2009 17:25:47

Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: c:\program files\avira\antivir desktop\sysscan.avp
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:,
Process scan........................: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium

Start of the scan: 15 janvier 2010 21:23

Starting search for hidden objects.
An ARK library instance is already running.

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'chrome.exe' - '1' Module(s) have been scanned
Scan process 'chrome.exe' - '1' Module(s) have been scanned
Scan process 'wlcomm.exe' - '1' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
Scan process 'CLI.exe' - '1' Module(s) have been scanned
Scan process 'DLG.exe' - '1' Module(s) have been scanned
Scan process 'btdna.exe' - '1' Module(s) have been scanned
Scan process 'NMBgMonitor.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'CLI.exe' - '1' Module(s) have been scanned
Scan process 'stsystra.exe' - '1' Module(s) have been scanned
Scan process 'WLTRAY.EXE' - '1' Module(s) have been scanned
Scan process 'SynTPEnh.exe' - '1' Module(s) have been scanned
Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'wmiapsrv.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'NicConfigSvc.exe' - '1' Module(s) have been scanned
Scan process 'MDM.EXE' - '1' Module(s) have been scanned
Scan process 'jqs.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'BCMWLTRY.EXE' - '1' Module(s) have been scanned
Scan process 'WLTRYSVC.EXE' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
46 processes with 46 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!

Starting to scan executable files (registry).
The registry was scanned ( '57' files ).


Starting the file scan:

Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
[NOTE] This file is a Windows system file.
[NOTE] This file cannot be opened for scanning.
C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP1088\A0046336.dll
[DETECTION] Is the TR/Trash.Gen Trojan
C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP1088\A0046337.exe
[DETECTION] Is the TR/Trash.Gen Trojan
C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP1088\A0046338.exe
[DETECTION] Is the TR/Trash.Gen Trojan
C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP1088\A0046339.old
[DETECTION] Is the TR/Trash.Gen Trojan
C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP1088\A0046340.exe
[DETECTION] Is the TR/Trash.Gen Trojan
C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP1088\A0046343.dll
[DETECTION] Is the TR/Trash.Gen Trojan
C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP1088\A0046344.dll
[DETECTION] Is the TR/Trash.Gen Trojan
C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP1088\A0046345.dll
[DETECTION] Is the TR/Trash.Gen Trojan
C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP1088\A0046346.dll
[DETECTION] Is the TR/Trash.Gen Trojan
C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP1088\A0046347.ax
[DETECTION] Is the TR/Trash.Gen Trojan
C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP1088\A0046348.dll
[DETECTION] Is the TR/Drop.Softomat.AN Trojan
C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP1088\A0046349.dll
[DETECTION] Is the TR/Trash.Gen Trojan
C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP1088\A0046350.dll
[DETECTION] Is the TR/Trash.Gen Trojan
C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP1088\A0046351.ax
[DETECTION] Is the TR/Trash.Gen Trojan
C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP1088\A0046352.dll
[DETECTION] Is the TR/Trash.Gen Trojan
C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP1088\A0046354.dll
[DETECTION] Is the TR/Drop.Softomat.AN Trojan
C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP1088\A0046355.dll
[DETECTION] Is the TR/Trash.Gen Trojan

Beginning disinfection:
C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP1088\A0046336.dll
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26004
[WARNING] The source file could not be found.
[NOTE] Attempting to perform action using the ARK library.
[WARNING] Error in ARK library
[NOTE] The file is scheduled for deleting after reboot.
C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP1088\A0046337.exe
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26004
[WARNING] The source file could not be found.
[NOTE] Attempting to perform action using the ARK library.
[WARNING] Error in ARK library
[NOTE] The file is scheduled for deleting after reboot.
C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP1088\A0046338.exe
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26004
[WARNING] The source file could not be found.
[NOTE] Attempting to perform action using the ARK library.
[WARNING] Error in ARK library
[NOTE] The file is scheduled for deleting after reboot.
C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP1088\A0046339.old
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26004
[WARNING] The source file could not be found.
[NOTE] Attempting to perform action using the ARK library.
[WARNING] Error in ARK library
[NOTE] The file is scheduled for deleting after reboot.
C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP1088\A0046340.exe
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26004
[WARNING] The source file could not be found.
[NOTE] Attempting to perform action using the ARK library.
[WARNING] Error in ARK library
[NOTE] The file is scheduled for deleting after reboot.
C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP1088\A0046343.dll
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26004
[WARNING] The source file could not be found.
[NOTE] Attempting to perform action using the ARK library.
[WARNING] Error in ARK library
[NOTE] The file is scheduled for deleting after reboot.
C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP1088\A0046344.dll
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26004
[WARNING] The source file could not be found.
[NOTE] Attempting to perform action using the ARK library.
[WARNING] Error in ARK library
[NOTE] The file is scheduled for deleting after reboot.
C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP1088\A0046345.dll
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26004
[WARNING] The source file could not be found.
[NOTE] Attempting to perform action using the ARK library.
[WARNING] Error in ARK library
[NOTE] The file is scheduled for deleting after reboot.
C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP1088\A0046346.dll
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26004
[WARNING] The source file could not be found.
[NOTE] Attempting to perform action using the ARK library.
[WARNING] Error in ARK library
[NOTE] The file is scheduled for deleting after reboot.
C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP1088\A0046347.ax
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26004
[WARNING] The source file could not be found.
[NOTE] Attempting to perform action using the ARK library.
[WARNING] Error in ARK library
[NOTE] The file is scheduled for deleting after reboot.
C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP1088\A0046348.dll
[DETECTION] Is the TR/Drop.Softomat.AN Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26004
[WARNING] The source file could not be found.
[NOTE] Attempting to perform action using the ARK library.
[WARNING] Error in ARK library
[NOTE] The file is scheduled for deleting after reboot.
C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP1088\A0046349.dll
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26004
[WARNING] The source file could not be found.
[NOTE] Attempting to perform action using the ARK library.
[WARNING] Error in ARK library
[NOTE] The file is scheduled for deleting after reboot.
C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP1088\A0046350.dll
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26004
[WARNING] The source file could not be found.
[NOTE] Attempting to perform action using the ARK library.
[WARNING] Error in ARK library
[NOTE] The file is scheduled for deleting after reboot.
C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP1088\A0046351.ax
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26004
[WARNING] The source file could not be found.
[NOTE] Attempting to perform action using the ARK library.
[WARNING] Error in ARK library
[NOTE] The file is scheduled for deleting after reboot.
C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP1088\A0046352.dll
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26004
[WARNING] The source file could not be found.
[NOTE] Attempting to perform action using the ARK library.
[WARNING] Error in ARK library
[NOTE] The file is scheduled for deleting after reboot.
C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP1088\A0046354.dll
[DETECTION] Is the TR/Drop.Softomat.AN Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26004
[WARNING] The source file could not be found.
[NOTE] Attempting to perform action using the ARK library.
[WARNING] Error in ARK library
[NOTE] The file is scheduled for deleting after reboot.
C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP1088\A0046355.dll
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26004
[WARNING] The source file could not be found.
[NOTE] Attempting to perform action using the ARK library.
[WARNING] Error in ARK library
[NOTE] The file is scheduled for deleting after reboot.


End of the scan: 15 janvier 2010 23:11
Used time: 1:45:34 Hour(s)

The scan has been done completely.

8001 Scanned directories
315915 Files were scanned
17 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
0 Files were moved to quarantine
0 Files were renamed
1 Files cannot be scanned
315897 Files not concerned
4198 Archives were scanned
18 Warnings
18 Notes
0
Utilisateur anonyme
 
OK, do this big final cleanup; there shouldn't be anything left ^^

To clean up the tools used and better secure your PC
--------------------------------------------------------------------------------

▶---> Download ToolsCleaner2 to your Desktop.
* Double-click (right-click "Run as administrator" on Vista) ToolsCleaner2.exe to launch it.
* Click Recherche (Search) and let the scan run.
* Click Suppression (Removal) to finish.
* You can, if you wish, use the Options Facultatives (Optional Settings).
* Click Quitter (Quit) to get the report.
* Post the report (TCleaner.txt), which is at the root of your hard disk (C:\).
___________________________________________________

You can delete ToolsCleaner

___________________________________________________

▶ Download: ATF Cleaner by Atribune

Double-click (right-click "Run as administrator" on Vista) ATF-Cleaner.exe to launch the program.
Under the Main tab, choose: Select All
Click the Empty Selected button
If you use the Firefox browser:
Click Firefox at the top and choose: Select All
Click the Empty Selected button
NOTE: If you want to keep your saved passwords, click No at the prompt.
If you use the Opera browser:
Click Opera at the top and choose: Select All
Click the Empty Selected button
NOTE: If you want to keep your saved passwords, click No at the prompt.
Click Exit, in the main menu, to close the program.
For technical support, double-click the e-mail address located at the bottom of each menu.

__________________________________________________

You can keep ATF for possible slightly more thorough cleanups
__________________________________________________

▶ Download and install CCleaner (do not install the Yahoo Toolbar):

* Launch it (right-click "Run as administrator" on Vista). Go to Options, then Advanced, and uncheck the box Only delete files etc....
* Go to Cleaner, choose Analyze. Once finished, run the cleaning.
* Next, choose Registry, then Scan for Issues. Once finished, fix all the errors, as many times as the scan finds any
* Make sure that in the options it is set to run at Windows startup and set to "secure deletion", 35 passes (Gutmann)
__________________________________________________

Warning: do not touch the PC while it is working!

▶ Cleaning and defragmenting your disks

*Cleanup:

Right-click "My Computer" (Computer on Vista) ==> "Open" ==> right-click drive C ==> Properties ==> "General" tab
Click the "Disk Cleanup" button, OK
do this for each of your disks
________________________________________________

*Error checking:

Right-click "My Computer" (Computer on Vista) ==> "Open" ==> right-click drive C ==> Properties ==> "Tools" tab
"Check Now", a box opens; check the boxes:
-automatically fix errors...
-scan for and attempt recovery...

--->Start, OK
Note: if it tells you to restart your PC to do it, restart and let it run; it takes a little while, that's normal
do this for each of your disks
________________________________________________

then, still in the same tab, choose:

*Defragmentation:
"Defragment Now", OK
a box opens; select the disk to defragment and click "Analyze", then, after the analysis, "Defragment". OK
do this for each of your disks
_______________________________________________

Note: if you have a defragmentation utility, use it instead

for this, Defraggler is suggested
_________________________________________________

▶ Can you check your Java console?:

and install the new version if needed (in that case, uninstall the old version first).

here is how to uninstall:

JavaRa

Unzip the file to the Desktop (right-click > Extract All).
* Double-click (right-click "Run as administrator" on Vista) the JavaRa folder.
* Then double-click the file JavaRa.exe (the exe extension may not be displayed).
* Choose Français, then click Select.
* Click Recherche de mises à jour (Check for updates).
* Select Mettre à jour via jucheck.exe (Update via jucheck.exe), then click Rechercher (Search).
* Allow the process to connect if it asks, click Installer (Install) and follow the installation instructions, which take a few minutes.
* Once the installation is finished, go back to the JavaRa screen and click Effacer les anciennes versions (Remove old versions).
* Click Oui (Yes) to confirm. Let it work, then click OK, and OK a second time.
* A report will open. Post it in your next reply.
* Close the application.

Note: the report is also in C:\ under the name JavaRa.log.

_________________________________________________

▶ Update Adobe Reader if it isn't up to date (uninstall the previous version first)
__________________________________________________

▶ If you don't have one, I advise you to install a firewall to better secure your PC:

Online Armor or KERIO or JETICO or ZONE ALARM (install only the free firewall) or COMODO

https://www.commentcamarche.net/telecharger/securite/16545-online-armor-personal-firewall/
https://www.01net.com/telecharger/windows/Securite/firewall/fiches/39911.html
https://forum.pcastuces.com/sujet.asp?f=25&s=35606
https://www.clubic.com/telecharger-fiche11071-sunbelt-personal-firewall-ex-kerio.html
https://manuelsdaide.com/contact/
http://www.open-files.com/forum/index.php?showtopic=29277
https://www.commentcamarche.net/telecharger/securite/24863-zonealarm/
___________________________________________________

▶ You can also empty your recycle bin, although CCleaner does it on its own
_____________________________________________________

▶ If we used Malwarebytes' Anti-Malware, empty its quarantine:

* Launch the program, then click <Quarantine>.
* Select all the items, then click <Delete>.
* Quit the program.
______________________________________________________

if you installed Antivir:

Configuration
________________________________________________________

▶ Same for your antivirus: empty its quarantine if that hasn't already been done
______________________________________________________

▶ Disable and re-enable System Restore; to do so, follow the instructions at the link:

XP link

Vista link

As soon as that's done, create a new, so-called "clean" restore point to guard against possible problems in the future
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Some advice and recommendations for the future:

▶ Run Malwarebytes' Anti-Malware from time to time (once a week, depending on how you use your PC).
▶ Also use your other protection software (antivirus scans, antispyware...). Don't forget to update them before using them.
* Also remember to defragment your hard disks from time to time (keep enough free space on C:\ (1/3 free to be comfortable))
_____________

▶ To protect your PC well:
[Only 1 antivirus] + [Only 1 firewall] + [A good antispyware] + [Recent updates for Windows and protection software] + [Use of Firefox, or others (Internet Explorer has security flaws that take a long time to be fixed, but you absolutely must keep it for Windows updates and Windows Live Messenger)]

I advise you to install this extension for Firefox to secure your browsing: WOT
I advise you to install this extension for Internet Explorer to secure your browsing: WOT

PS: In fact, the best protection is you yourself: what you do with your PC: where you browse, what you download... etc.
Viruses use your PC's flaws to infect a system

should you wish to uninstall one antivirus in favour of another, here are some links:

Uninstall Avast
Uninstall BitDefender
Uninstall Norton
Uninstall Kaspersky
Uninstall AVG

or all in one:

Uninstalling antivirus, firewall, antispyware
_____________

If you have Vista, don't forget to re-enable User Account Control (UAC)
___________

If you have Spybot S&D and we disabled the "Tea-timer", you can re-enable it
___________

if we displayed hidden files, don't forget to set them back to the "hidden" attribute

▶ Click the Start menu / Control Panel / Folder Options / then in the View tab
* - Uncheck Show hidden files and folders
* - check Hide extensions for known file types
* - check Hide protected operating system files (Recommended)

▶ click Apply, then OK.
____________


There you go,

Happy reading, see you soon; once all this is done,

you can mark the topic as resolved

All the best and, above all, be careful and happy browsing :)

0
kinalys
 
TCleaner report :)
[ Rapport ToolsCleaner version 2.3.11 (par A.Rothstein & dj QUIOU) ]

--> Recherche:

C:\Documents and Settings\Anik Goulet\Local Settings\Temp\6A.tmp\mbr.log: trouvé !
C:\Documents and Settings\Anik Goulet\Mes documents\Downloads\UsbFix.exe: trouvé !
C:\Documents and Settings\Anik Goulet\Recent\UsbFix.lnk: trouvé !

---------------------------------
--> Suppression:

C:\Documents and Settings\Anik Goulet\Local Settings\Temp\6A.tmp\mbr.log: supprimé !
C:\Documents and Settings\Anik Goulet\Mes documents\Downloads\UsbFix.exe: supprimé !
C:\Documents and Settings\Anik Goulet\Recent\UsbFix.lnk: supprimé !

Corbeille vidée!
Fichiers temporaires nettoyés !
0
kinalys
 
You wrote: As soon as that's done, create a new, so-called "clean" restore point to guard against possible problems in the future

How do I do that :)
Thanks
0
kinalys
 
I downloaded Restoration, how do I use it?
0
Kinalys
 
It's cleaned, no detections. Thank you for your very valuable help, you're a pro :)
0
kinalys
 
OK, for my last question I found the answer by copying your message :)
0
Utilisateur anonyme
 
OK, my pleasure ^^
0