TR/Spy.Agent.beaf alert

Solved
emmaka Posts 164 Status Member -
 Destrio5 -
Hello,

My antivirus, ANTIVIR, detected 18 TR/Spy.Agent.beaf alerts. I quarantined them, but I would like to scan my PC more thoroughly!
What do you advise?
And how could I have caught this thing??

Thanks

32 replies

emmaka Posts 164 Status Member 4
 
Avira AntiVir Personal
Report file date: jeudi 11 mars 2010 15:10

Scanning for 1839875 virus strains and unwanted programs.

Licensed to: Avira AntiVir Personal - FREE Antivirus
Serial number: 0000149996-ADJIE-0000001
Platform: Windows XP
Windows version: (Service Pack 3) [5.1.2600]
Boot mode: Normally booted
Username: SYSTEM
Computer name: NOM-EB85C523610

Version information:
BUILD.DAT : 8.2.0.354 17048 Bytes 23/10/2009 13:15:00
AVSCAN.EXE : 8.1.4.10 315649 Bytes 25/11/2008 14:41:03
AVSCAN.DLL : 8.1.4.0 40705 Bytes 18/07/2008 14:52:30
LUKE.DLL : 8.1.4.5 164097 Bytes 18/07/2008 14:52:31
LUKERES.DLL : 8.1.4.0 12033 Bytes 18/07/2008 14:52:31
ANTIVIR0.VDF : 7.10.0.0 19875328 Bytes 06/11/2009 19:13:56
ANTIVIR1.VDF : 7.10.4.211 7108976 Bytes 05/03/2010 18:18:55
ANTIVIR2.VDF : 7.10.5.33 285600 Bytes 10/03/2010 17:54:39
ANTIVIR3.VDF : 7.10.5.35 56320 Bytes 10/03/2010 17:54:39
Engineversion : 8.2.1.180
AEVDF.DLL : 8.1.1.3 106868 Bytes 23/01/2010 19:07:45
AESCRIPT.DLL : 8.1.3.17 1032570 Bytes 26/02/2010 17:55:33
AESCN.DLL : 8.1.5.0 127347 Bytes 26/02/2010 17:55:26
AESBX.DLL : 8.1.2.0 254323 Bytes 26/02/2010 17:55:24
AERDL.DLL : 8.1.4.2 479602 Bytes 14/02/2010 06:17:25
AEPACK.DLL : 8.2.1.0 426356 Bytes 02/03/2010 17:54:28
AEOFFICE.DLL : 8.1.0.39 196987 Bytes 20/02/2010 17:54:42
AEHEUR.DLL : 8.1.1.7 2326902 Bytes 20/02/2010 17:54:40
AEHELP.DLL : 8.1.10.1 237942 Bytes 26/02/2010 17:55:22
AEGEN.DLL : 8.1.2.0 373107 Bytes 26/02/2010 17:55:19
AEEMU.DLL : 8.1.1.0 393587 Bytes 24/10/2009 09:22:14
AECORE.DLL : 8.1.12.2 188790 Bytes 02/03/2010 17:54:27
AEBB.DLL : 8.1.0.3 53618 Bytes 16/10/2008 16:31:54
AVWINLL.DLL : 1.0.0.12 15105 Bytes 18/07/2008 14:52:30
AVPREF.DLL : 8.0.2.0 38657 Bytes 18/07/2008 14:52:30
AVREP.DLL : 8.0.0.7 159784 Bytes 16/02/2010 17:54:00
AVREG.DLL : 8.0.0.1 33537 Bytes 18/07/2008 14:52:30
AVARKT.DLL : 1.0.0.23 307457 Bytes 20/04/2008 13:42:30
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 18/07/2008 14:52:30
SQLITE3.DLL : 3.3.17.1 339968 Bytes 20/04/2008 13:42:31
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 18/07/2008 14:52:31
NETNT.DLL : 8.0.0.1 7937 Bytes 20/04/2008 13:42:31
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 18/07/2008 14:52:28
RCTEXT.DLL : 8.0.52.0 86273 Bytes 18/07/2008 14:52:28

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: C:, D:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: jeudi 11 mars 2010 15:10

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'iexplore.exe' - '1' Module(s) have been scanned
Scan process 'wltuser.exe' - '1' Module(s) have been scanned
Scan process 'iexplore.exe' - '1' Module(s) have been scanned
Scan process 'wmiapsrv.exe' - '1' Module(s) have been scanned
Scan process 'wlcomm.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'SeaPort.exe' - '1' Module(s) have been scanned
Scan process 'jqs.exe' - '1' Module(s) have been scanned
Scan process 'mDNSResponder.exe' - '1' Module(s) have been scanned
Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'msmsgs.exe' - '1' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
Scan process 'realsched.exe' - '1' Module(s) have been scanned
Scan process 'QTTask.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
35 processes with 35 modules were scanned

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '53' files ).


Starting the file scan:

Begin scan in 'C:\' <PRESARIO>
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\pagefile.sys
[WARNING] The file could not be opened!
Begin scan in 'D:\' <PRESARIO_RP>


End of the scan: jeudi 11 mars 2010 15:58
Used time: 47:55 Minute(s)

The scan has been done completely.

8789 Scanning directories
412352 Files were scanned
0 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
412350 Files not concerned
14806 Archives were scanned
2 Warnings
0 Notes
0
truecode Posts 2092 Registration date   Status Member Last activity   86
 
No more files detected by Antivir; are you still having problems?
0
emmaka Posts 164 Status Member 4
 
No, thanks for your help

What do I do with everything we put on my desktop? Do I delete and uninstall it?
0
truecode Posts 2092 Registration date   Status Member Last activity   86
 
Don't worry, we'll remove all of that:

ToolsCleaner is a tool that removes the programs used during the disinfection.

•Download ToolsCleaner https://www.commentcamarche.net/telecharger/securite/22061-toolscleaner/ to your desktop
•Double-click ToolsCleaner2.exe and let it work
•Click Recherche (Search) and let the scan finish.
•Click Suppression (Removal) to finish.
•You can, if you wish, use the Options facultatives (optional settings).
•Click Quitter (Quit) so that the report can be created.
•The report (TCleaner.txt) is at the root of your hard drive (C:\)... paste it in your next reply


Then you can clean up temporary files with CCleaner: https://www.malekal.com/tutoriel-ccleaner/


However, I advise you to keep CCleaner for a clean-up from time to time; it is a very good tool. Also keep Malwarebytes, which will let you scan your computer regularly, for example once a month.
0

emmaka Posts 164 Status Member 4
 
Avira AntiVir Personal
Report file date: jeudi 11 mars 2010 15:10

0
truecode Posts 2092 Registration date   Status Member Last activity   86
 
No, it's the ToolsCleaner report that I need
0
emmaka
 
[ Rapport ToolsCleaner version 2.3.11 (par A.Rothstein & dj QUIOU) ]

--> Recherche:

C:\Combofix: trouvé !
C:\Qoobox: trouvé !
C:\UsbFix: trouvé !
C:\Documents and Settings\Compaq_Propriétaire\Bureau\Rsit.exe: trouvé !
C:\Program Files\ZHPDiag: trouvé !
C:\Program Files\ZHPDiag\ZHPdiag.exe: trouvé !
C:\Qoobox\Quarantine\catchme.log: trouvé !

---------------------------------
--> Suppression:

C:\Program Files\ZHPDiag\ZHPdiag.exe: supprimé !
C:\Documents and Settings\Compaq_Propriétaire\Bureau\Rsit.exe: supprimé !
C:\Qoobox\Quarantine\catchme.log: supprimé !
C:\Combofix: supprimé !
C:\Qoobox: supprimé !
C:\UsbFix: supprimé !
C:\Program Files\ZHPDiag: supprimé !

Corbeille vidée!
Fichiers temporaires nettoyés !
0
truecode Posts 2092 Registration date   Status Member Last activity   86
 
FindyKill is still left:

•Double-click the FindyKill shortcut on your desktop
•Choose option 5 (Uninstall)
0
emmaka Posts 164 Status Member 4
 
I don't have FindyKill
I still have on my desktop: setup.exe, usbfix; malware; zhpdiag; toolscleaner
Can I remove them, at least the shortcuts?
0
truecode Posts 2092 Registration date   Status Member Last activity   86
 
Yes, you can delete the files you downloaded. As you can see in the report, the folders created by these tools have been deleted:

C:\Program Files\ZHPDiag\ZHPdiag.exe: supprimé !
C:\Documents and Settings\Compaq_Propriétaire\Bureau\Rsit.exe: supprimé !
C:\Qoobox\Quarantine\catchme.log: supprimé !
C:\Combofix: supprimé !
C:\Qoobox: supprimé !
C:\UsbFix: supprimé !
C:\Program Files\ZHPDiag: supprimé !


There you go. If you have no more questions, I wish you a good day
0
emmaka Posts 164 Status Member 4
 
OK, great!!
Thank you very much for your help
0
truecode Posts 2092 Registration date   Status Member Last activity   86
 
You're welcome. Oh, I forgot: there is one last thing you can do, mark your topic as solved
0