Sujet Précédent Sujet Suivant

Virus Mal/Heuri-E

Résolu/Fermé
VERSEAU59 Messages postés 4 Date d'inscription samedi 15 septembre 2007 Statut Membre Dernière intervention 10 octobre 2007 - 2 oct. 2007 à 21:10
 Utilisateur anonyme - 5 oct. 2007 à 19:31
Bonjour,
besoin de vôtre aide
je viens de faire une analyse avec mon anti virus Webroot Spy Sweeper il a détecté un virus mais il me dit impossible de mettre en quarantaine.
comment faire pour supprimer ce virus de mon ordi puis je supprimer les dll de windows system 32.
voici le résultat de l'analyse .
20:58: Les définitions de virus ont été mises à jour.
20:58: Informatif: Loaded AntiVirus Engine: 2.49.1; SDK Version: 4.21E; Virus Definitions: 02/10/2007 09:28:14 (GMT)
20:58: Les définitions de logiciels espions ont été mises à jour.
20:57: Recherche automatique de mises à jour du programme en cours.
20:56: Informatif: Virus infected file c:\windows\system32\gzmrotate.dll not cleaned.
20:56: Informatif: File c:\windows\system32\gzmrotate.dll still infected with virus Mal/Heuri-E after 20 rounds of disinfection.
20:56: Informatif: File c:\windows\system32\gzmrotate.dll still infected with virus Mal/Heuri-E after 19 rounds of disinfection.
20:56: Informatif: File c:\windows\system32\gzmrotate.dll still infected with virus Mal/Heuri-E after 18 rounds of disinfection.
20:56: Informatif: File c:\windows\system32\gzmrotate.dll still infected with virus Mal/Heuri-E after 17 rounds of disinfection.
20:56: Informatif: File c:\windows\system32\gzmrotate.dll still infected with virus Mal/Heuri-E after 16 rounds of disinfection.
20:56: Informatif: File c:\windows\system32\gzmrotate.dll still infected with virus Mal/Heuri-E after 15 rounds of disinfection.
20:56: Informatif: File c:\windows\system32\gzmrotate.dll still infected with virus Mal/Heuri-E after 14 rounds of disinfection.
20:56: Informatif: File c:\windows\system32\gzmrotate.dll still infected with virus Mal/Heuri-E after 13 rounds of disinfection.
20:56: Informatif: File c:\windows\system32\gzmrotate.dll still infected with virus Mal/Heuri-E after 12 rounds of disinfection.
20:56: Informatif: File c:\windows\system32\gzmrotate.dll still infected with virus Mal/Heuri-E after 11 rounds of disinfection.
20:56: Informatif: File c:\windows\system32\gzmrotate.dll still infected with virus Mal/Heuri-E after 10 rounds of disinfection.
20:56: Informatif: File c:\windows\system32\gzmrotate.dll still infected with virus Mal/Heuri-E after 9 rounds of disinfection.
20:56: Informatif: File c:\windows\system32\gzmrotate.dll still infected with virus Mal/Heuri-E after 8 rounds of disinfection.
20:56: Informatif: File c:\windows\system32\gzmrotate.dll still infected with virus Mal/Heuri-E after 7 rounds of disinfection.
20:56: Informatif: File c:\windows\system32\gzmrotate.dll still infected with virus Mal/Heuri-E after 6 rounds of disinfection.
20:56: Informatif: File c:\windows\system32\gzmrotate.dll still infected with virus Mal/Heuri-E after 5 rounds of disinfection.
20:56: Informatif: File c:\windows\system32\gzmrotate.dll still infected with virus Mal/Heuri-E after 4 rounds of disinfection.
20:56: Informatif: File c:\windows\system32\gzmrotate.dll still infected with virus Mal/Heuri-E after 3 rounds of disinfection.
20:56: Informatif: File c:\windows\system32\gzmrotate.dll still infected with virus Mal/Heuri-E after 2 rounds of disinfection.
20:56: Informatif: File c:\windows\system32\gzmrotate.dll still infected with virus Mal/Heuri-E after 1 round of disinfection.
20:56: Informatif: Virus infected file c:\windows\system32\nsu6c.dll not cleaned.
20:56: Informatif: File c:\windows\system32\nsu6c.dll still infected with virus Mal/Heuri-E after 20 rounds of disinfection.
20:56: Informatif: File c:\windows\system32\nsu6c.dll still infected with virus Mal/Heuri-E after 19 rounds of disinfection.
20:56: Informatif: File c:\windows\system32\nsu6c.dll still infected with virus Mal/Heuri-E after 18 rounds of disinfection.
20:56: Informatif: File c:\windows\system32\nsu6c.dll still infected with virus Mal/Heuri-E after 17 rounds of disinfection.
20:56: Informatif: File c:\windows\system32\nsu6c.dll still infected with virus Mal/Heuri-E after 16 rounds of disinfection.
20:56: Informatif: File c:\windows\system32\nsu6c.dll still infected with virus Mal/Heuri-E after 15 rounds of disinfection.
20:56: Informatif: File c:\windows\system32\nsu6c.dll still infected with virus Mal/Heuri-E after 14 rounds of disinfection.
20:56: Informatif: File c:\windows\system32\nsu6c.dll still infected with virus Mal/Heuri-E after 13 rounds of disinfection.
20:56: Informatif: File c:\windows\system32\nsu6c.dll still infected with virus Mal/Heuri-E after 12 rounds of disinfection.
20:56: Informatif: File c:\windows\system32\nsu6c.dll still infected with virus Mal/Heuri-E after 11 rounds of disinfection.
20:56: Informatif: File c:\windows\system32\nsu6c.dll still infected with virus Mal/Heuri-E after 10 rounds of disinfection.
20:56: Informatif: File c:\windows\system32\nsu6c.dll still infected with virus Mal/Heuri-E after 9 rounds of disinfection.
20:56: Informatif: File c:\windows\system32\nsu6c.dll still infected with virus Mal/Heuri-E after 8 rounds of disinfection.
20:56: Informatif: File c:\windows\system32\nsu6c.dll still infected with virus Mal/Heuri-E after 7 rounds of disinfection.
20:56: Informatif: File c:\windows\system32\nsu6c.dll still infected with virus Mal/Heuri-E after 6 rounds of disinfection.
20:56: Informatif: File c:\windows\system32\nsu6c.dll still infected with virus Mal/Heuri-E after 5 rounds of disinfection.
20:56: Informatif: File c:\windows\system32\nsu6c.dll still infected with virus Mal/Heuri-E after 4 rounds of disinfection.
20:56: Informatif: File c:\windows\system32\nsu6c.dll still infected with virus Mal/Heuri-E after 3 rounds of disinfection.
20:56: Informatif: File c:\windows\system32\nsu6c.dll still infected with virus Mal/Heuri-E after 2 rounds of disinfection.
20:56: Informatif: File c:\windows\system32\nsu6c.dll still infected with virus Mal/Heuri-E after 1 round of disinfection.
20:56: Mise en quarantaine de toutes les traces : Mal/Heuri-E
20:56: Traces trouvées : 2
20:56: Analyse planifiée a terminé. Durée 00:56:09
20:56: Analyse des fichiers terminée, temps passé : 00:52:44
20:43: Avertissement: SweepDirectories: Cannot find directory "j:". This directory was not added to the list of paths to be scanned.
20:43: Avertissement: SweepDirectories: Cannot find directory "i:". This directory was not added to the list of paths to be scanned.
20:43: Avertissement: SweepDirectories: Cannot find directory "h:". This directory was not added to the list of paths to be scanned.
20:43: Avertissement: SweepDirectories: Cannot find directory "g:". This directory was not added to the list of paths to be scanned.
20:43: Avertissement: SweepDirectories: Cannot find directory "f:". This directory was not added to the list of paths to be scanned.
20:43: Avertissement: SweepDirectories: Cannot find directory "e:". This directory was not added to the list of paths to be scanned.
20:35: Avertissement: AntiVirus engine for IFO returned [Access Denied] on [c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssmsdeffd710-18c7-4d7c-a4a5-cde3392009cb.tmp]
20:35: Avertissement: AntiVirus engine for IFO returned [Access Denied] on [c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssms0aca1cdf-bdc7-4c86-9047-a7fe9d1d231a.tmp]
20:35: Avertissement: AntiVirus engine for IFO returned [Access Denied] on [c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssms33065488-7f1b-4dbc-ba9d-adbf10be4654.tmp]
20:35: Avertissement: AntiVirus engine for IFO returned [Access Denied] on [c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssms9dc11b14-4df4-4228-9fa5-893cdc9b6c51.tmp]
20:35: Avertissement: AntiVirus engine for IFO returned [Access Denied] on [c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssms57ee3c3f-af95-4e71-a072-ffde72aea311.tmp]
20:35: Avertissement: AntiVirus engine for IFO returned [Access Denied] on [c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssms386a906b-6c9c-438f-af4d-a71ebdf3dc2e.tmp]
20:35: Avertissement: AntiVirus engine for IFO returned [Access Denied] on [c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssms4b6135c2-d973-40b8-9770-e72881e077cc.tmp]
20:35: Avertissement: AntiVirus engine for IFO returned [Access Denied] on [c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssms15bd6a77-5965-48d7-947d-3d2a6cfca596.tmp]
20:35: Avertissement: AntiVirus engine for IFO returned [Access Denied] on [c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssms04743e36-1dc5-4971-b44d-0020dcdc6766.tmp]
20:35: Avertissement: AntiVirus engine for IFO returned [Access Denied] on [c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssmsbbac5fe4-a1c7-40e4-b7bd-daac8638fc00.tmp]
20:35: Avertissement: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssmsdeffd710-18c7-4d7c-a4a5-cde3392009cb.tmp". Opération réussie
20:35: Avertissement: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssms0aca1cdf-bdc7-4c86-9047-a7fe9d1d231a.tmp". Opération réussie
20:35: Avertissement: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssms33065488-7f1b-4dbc-ba9d-adbf10be4654.tmp". Opération réussie
20:35: Avertissement: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssms9dc11b14-4df4-4228-9fa5-893cdc9b6c51.tmp". Opération réussie
20:35: Avertissement: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssms57ee3c3f-af95-4e71-a072-ffde72aea311.tmp". Opération réussie
20:35: Avertissement: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssms386a906b-6c9c-438f-af4d-a71ebdf3dc2e.tmp". Opération réussie
20:35: Avertissement: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssms4b6135c2-d973-40b8-9770-e72881e077cc.tmp". Opération réussie
20:35: Avertissement: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssms15bd6a77-5965-48d7-947d-3d2a6cfca596.tmp". Opération réussie
20:35: Avertissement: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssms04743e36-1dc5-4971-b44d-0020dcdc6766.tmp". Opération réussie
20:35: Avertissement: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssmsbbac5fe4-a1c7-40e4-b7bd-daac8638fc00.tmp". Opération réussie
20:34: Avertissement: AntiVirus engine for IFO returned [Access Denied] on [c:\windows\system32\config\default]
20:34: Avertissement: AntiVirus engine for IFO returned [File Corrupted] on [c:\windows\system32\christmas time 3d screensaver.scr]
20:33: Avertissement: AntiVirus engine for IFO returned [Access Denied] on [c:\documents and settings\propriétaire\ntuser.dat]
20:33: Avertissement: AntiVirus engine for IFO returned [Access Denied] on [c:\documents and settings\localservice\ntuser.dat]
20:33: Avertissement: AntiVirus engine for IFO returned [Access Denied] on [c:\documents and settings\networkservice\ntuser.dat]
20:33: Avertissement: AntiVirus engine for IFO returned [Access Denied] on [c:\windows\system32\config\software]
20:33: Avertissement: AntiVirus engine for IFO returned [Access Denied] on [c:\windows\system32\config\system]
20:32: Avertissement: AntiVirus engine for IFO returned [Access Denied] on [c:\hiberfil.sys]
20:32: Avertissement: AntiVirus engine for IFO returned [Access Denied] on [c:\pagefile.sys]
20:31: Avertissement: AntiVirus engine for IFO returned [Access Denied] on [c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssmsda765101-ceeb-4916-9153-df36fbf7996d.tmp]
20:24: Avertissement: AntiVirus engine for IFO returned [Access Denied] on [c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssms95780521-986a-402b-a959-a142be2505c5.tmp]
20:24: Avertissement: AntiVirus engine for IFO returned [Access Denied] on [c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssms6479e7d0-ea89-436f-a551-654d4d0433a1.tmp]
20:23: Avertissement: AntiVirus engine for IFO returned [Access Denied] on [c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssms6c28f4c4-e0d8-45e1-b62c-f294efcc1c70.tmp]
20:23: Avertissement: AntiVirus engine for IFO returned [Access Denied] on [c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssmsfd0bc070-9383-49c4-afda-0868408ba48f.tmp]
20:22: Avertissement: AntiVirus engine for IFO returned [File Corrupted] on [c:\windows\system32\3d merry christmas screensaver.scr]
20:22: Avertissement: AntiVirus engine for IFO returned [Access Denied] on [c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssmsc8eae2e9-d5d9-47f4-972a-c2f61b03dbb8.tmp]
20:21: Avertissement: AntiVirus engine for IFO returned [Access Denied] on [c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssms942165bb-e8a9-4c7a-a42e-cbe95f5ceb02.tmp]
20:20: Avertissement: AntiVirus engine for IFO returned [Access Denied] on [c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssms43f50677-194c-43e7-883f-9440e8ea4657.tmp]
Trace marquée comme Toujours supprimer
20:17: C:\WINDOWS\system32\nsu6C.dll (ID = 0)
20:08: Avertissement: AntiVirus engine for IFO returned [Access Denied] on [c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssms9224c3db-92d5-4ac7-8e5c-c6bada1fb92b.tmp]
Trace marquée comme Toujours supprimer
20:06: C:\WINDOWS\system32\gzmrotate.dll (ID = 0)
20:06: Menace marquée comme Toujours supprimer
20:06: Trouvé Mal/Heuri-E: Mal/Heuri-E
20:04: Avertissement: AntiVirus engine for IFO returned [Access Denied] on [c:\windows\system32\catroot2\tmp.edb]
20:03: Démarrage de l’analyse des fichiers
20:03: Avertissement: SweepDirectories: Cannot find directory "a:". This directory was not added to the list of paths to be scanned.
20:03: Analyse des cookies terminée, temps passé : 00:00:00
20:03: Démarrage de l’analyse des cookies
20:03: Analyse du Registre terminée, temps passé :00:00:19
20:03: Démarrage de l’analyse du Registre
20:03: Analyse de la mémoire terminée, temps passé : 00:02:32
20:00: Démarrage de l’analyse de la mémoire
20:00: ApplicationMinimized - EXIT
20:00: ApplicationMinimized - ENTER
20:00: Démarrer l’analyse planifiée
20:00: Analyse lancée avec la version des définitions 1000
A voir également:

5 réponses

Réponse 1 / 5
Utilisateur anonyme
2 oct. 2007 à 21:12
Bonsoir,
Télécharge ce programme :
http://download.hijackthis.eu/hijackthis_199.zip

Clique sur Ok et ensuite :
Do a system scan and save a logfile.

Ensuite colle le fichier texte ici.
0
Réponse 2 / 5
VERSEAU59 Messages postés 4 Date d'inscription samedi 15 septembre 2007 Statut Membre Dernière intervention 10 octobre 2007
3 oct. 2007 à 19:15
Logfile of HijackThis v1.99.1
Scan saved at 19:14:53, on 03/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\System32\hphmon05.exe
C:\Program Files\Multimedia Card Reader\shwicon2k.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Webroot\Spy Sweeper\SSU.EXE
C:\Program Files\hijackthis_199\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr10.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-fr10.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?cc=fr&toHttps=1&redig=55729C844D6A45819CAD368B3E178C9F
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://srch-fr10.hpwis.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://neufportail.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-fr10.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://fr10.hpwis.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: BHO Barre de Confiance - {988B07F5-7392-455A-8A1F-64935CB8B6ED} - C:\Program Files\BarreConfCMCIC\TAPBar.dll
O3 - Toolbar: Barre de confiance - {55BDF3B0-C0A8-481A-B8A6-01CD2BE0F3FD} - C:\Program Files\BarreConfCMCIC\TAPBar.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HPHUPD05] "c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe"
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] "nwiz.exe" /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [Sunkist2k] "C:\Program Files\Multimedia Card Reader\shwicon2k.exe"
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [regcmdcons] "c:\hp\bin\cloaker.exe" c:\hp\bin\cmdcons.cmd
O4 - HKLM\..\Run: [WinPatrol] "C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Add a new emoticon - C:\Documents and Settings\Propriétaire\Bureau\Messenger MiX Live 1.1.0\MessengerMixLive_1.1\MixCE.htm
O8 - Extra context menu item: Set as My Display Picture - C:\Documents and Settings\Propriétaire\Bureau\Messenger MiX Live 1.1.0\MessengerMixLive_1.1\MixDP.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Moteur Webroot Spy Sweeper (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
0
Réponse 3 / 5
Utilisateur anonyme
3 oct. 2007 à 19:27
re,
coche la ou les cases , et puis après appuie sur fix checked pour :

C:\WINDOWS\ALCXMNTR.EXE

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O4 - HKLM\..\Run: [nwiz] "nwiz.exe" /installquiet /keeploaded /nodetect

O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE


Voila rien alertant
Je te conseil de télécharger CCleaner et faire un nettoyage : https://www.01net.com/telecharger/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/32599.html

Puis faire un scan en ligne (sous Internet Explorer et accepte l'ActiveX après start)
https://www.eset.com/int/home/online-scanner/
0
Réponse 4 / 5
VERSEAU59
5 oct. 2007 à 19:28
bonsoir merci de ton aide
j'ai fait ce que tu m'as dit j'ai cohé par contre n'es pas dans la liste C:\WINDOWS\ALCXMNTR.EXE
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O4 - HKLM\..\Run: [nwiz] "nwiz.exe" /installquiet /keeploaded /nodetect

O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE

en regardanrt dans c: windows ALCXMNTR.EXE est une application installé depuis l'origine qui correspond à RealteK ac97 aUDIO.Event Monitor je ne sais pas si je dois supprimer directement de windows.

de plus j'ait une analyse avec virus keeper il ne détecte aucune virus et refait avec spy Sweeper il détecte de nouveau ce virus Mal/Heuri-E

je ne comprend pas pourquoi
merci quand même pour ton aide
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 5
Utilisateur anonyme
5 oct. 2007 à 19:31
tu as raison, ALCXMNTR.EXE est un fichier audio.
Mais il espionne aussi.

pour cela que je te demande de fix checked :
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE

pour le "désactiver"


Je te demande de faire un scan en ligne ici :

Puis faire un scan en ligne (sous Internet Explorer et accepte l'ActiveX après start)
https://www.eset.com/int/home/online-scanner/
0

Discussions similaires

Softonic,est-ce un virus ?
techmel1 -
techmel1 -

6 réponses
Est ce que le site tlauncher est dangereux ?
caribou -
bazfile -

1 réponse
4 virus en raison d’un porno ????
valou -
Bello040420 -

9 réponses
Réglage pour réception Astra 19.2
10adamr -
10adamr -

4 réponses
problême Opéra est ce un virus??
sand2504 -
sand2504 -

85 réponses