Virus with toolbar help help help

Solved/Closed
romaingog Posts 43 Registration date Tuesday 13 November 2007 Status Member Last activity 6 January 2009 - 13 Nov 2007 at 12:21
romaingog Posts 43 Registration date Tuesday 13 November 2007 Status Member Last activity 6 January 2009 - 21 Nov 2007 at 18:30
Hello,
Good evening, I'm asking for help from anyone who can respond to my distress!!! I got, I don't know how, security toolbar 7.1, which installed itself on my PC, and I can't remove it!! I installed HijackThis then SmitfraudFix and I got this report, but I don't know what to do next to remove this thing, which is bothering me more than a little!!! Please help me, thanks
Here is the SmitfraudFix report

SmitFraudFix v2.252

Rapport fait à 20:06:35,76, 12/11/2007
Executé à partir de C:\Documents and Settings\Compaq_Propri‚taire\Mes documents\antonio.da-rocha\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\jvbaimlr.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\WINDOWS\wt\updater\wcmdmgr.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\PROGRA~1\Wanadoo\CnxMon.exe
C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\ScsiAccess.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\Wanadoo\EspaceWanadoo.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Documents and Settings\Compaq_Propriétaire\Mes documents\antonio.da-rocha\HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\cmd.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts


»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Compaq_Propri‚taire


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Compaq_Propri‚taire\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\COMPAQ~1\Favoris


»»»»»»»»»»»»»»»»»»»»»»»» Bureau


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files

C:\Program Files\SpywareLocked 3.5\ PRESENT !

»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues


»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="file:///C:/DOCUME~1/COMPAQ~1/LOCALS~1/Temp/msohtml1/01/clip_image001.jpg"
"SubscribedURL"="file:///C:/DOCUME~1/COMPAQ~1/LOCALS~1/Temp/msohtml1/01/clip_image001.jpg"
"FriendlyName"=""

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\1]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"

»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{4233ac08-a2c4-4742-a0b4-83719613d62c}"="grassily"

[HKEY_CLASSES_ROOT\CLSID\{4233ac08-a2c4-4742-a0b4-83719613d62c}\InProcServer32]
@="C:\WINDOWS\system32\ilmpjy.dll"

[HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{4233ac08-a2c4-4742-a0b4-83719613d62c}\InProcServer32]
@="C:\WINDOWS\system32\ilmpjy.dll"



»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\WINDOWS\\system32\\__c00C2CF9.dat"
"LoadAppInit_DLLs"=dword:00000001


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» Rustock



»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: Realtek RTL8139/810x Family Fast Ethernet NIC - Miniport d'ordonnancement de paquets
DNS Server Search Order: 15.243.128.51
DNS Server Search Order: 15.243.160.51

Description: WAN (PPP/SLIP) Interface
DNS Server Search Order: 81.253.149.9
DNS Server Search Order: 80.10.246.132

HKLM\SYSTEM\CCS\Services\Tcpip\..\{1032887A-C45E-4499-8F1B-5CE1CEB25643}: NameServer=81.253.149.9 80.10.246.132
HKLM\SYSTEM\CCS\Services\Tcpip\..\{DE246E2C-8697-44FE-A5BB-FA04D12D4DEC}: DhcpNameServer=15.243.128.51 15.243.160.51
HKLM\SYSTEM\CS1\Services\Tcpip\..\{1032887A-C45E-4499-8F1B-5CE1CEB25643}: NameServer=81.253.149.9 80.10.246.132
HKLM\SYSTEM\CS1\Services\Tcpip\..\{DE246E2C-8697-44FE-A5BB-FA04D12D4DEC}: DhcpNameServer=15.243.128.51 15.243.160.51
HKLM\SYSTEM\CS3\Services\Tcpip\..\{DE246E2C-8697-44FE-A5BB-FA04D12D4DEC}: DhcpNameServer=15.243.128.51 15.243.160.51


»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin

49 replies

romaingog Posts 43 Registration date Tuesday 13 November 2007 Status Member Last activity 6 January 2009
14 Nov 2007 at 21:06
So I no longer have security toolbar showing up, so thanks a lot already!!
How do I disable avast, given that I no longer have the icon at the bottom right of my screen?
Here is the new hijackthis report



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:04:10, on 14/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Wanadoo\EspaceWanadoo.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\Program Files\Wanadoo\Watch.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Documents and Settings\Compaq_Propriétaire\Mes documents\antonio.da-rocha\kan on avé sécurity\HijackThis.exe.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O16 - DPF: {8436FE12-31DB-48BF-83BF-FE682F9160B4} (NanoInstaller Class) - https://www.pandasecurity.com/en/homeusers/online-antivirus/?ref=activescan
O17 - HKLM\System\CCS\Services\Tcpip\..\{1032887A-C45E-4499-8F1B-5CE1CEB25643}: NameServer = 80.10.246.130 80.10.246.3
O20 - Winlogon Notify: fohtdnkc - fohtdnkc.dll (file missing)
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
0
romaingog Posts 43 Registration date Tuesday 13 November 2007 Status Member Last activity 6 January 2009
14 Nov 2007 at 21:13
I'll send you the antivir report tomorrow if that's okay with you, because right now I'm worn out, I can't take any more, I had a big day!!!
But in any case, thank you really very much for the help you have given me so far!!!
See you tomorrow!! ;-)
Kisses
0
romaingog Posts 43 Registration date Tuesday 13 November 2007 Status Member Last activity 6 January 2009
15 Nov 2007 at 17:24
Here is the antivir report



AntiVir PersonalEdition Classic
Report file date: jeudi 15 novembre 2007 15:03

Scanning for 929559 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: SYSTEM
Computer name: ANTONIO

Version information:
BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:29
AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:51
LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:47
LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:20
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 20:02:46
ANTIVIR1.VDF : 7.0.0.0 1640448 Bytes 13/09/2007 20:02:47
ANTIVIR2.VDF : 7.0.0.198 1206272 Bytes 11/11/2007 20:02:47
ANTIVIR3.VDF : 7.0.0.217 63488 Bytes 14/11/2007 20:02:47
AVEWIN32.DLL : 7.6.0.34 3125760 Bytes 14/11/2007 20:02:52
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:17
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24
AVPACK32.DLL : 7.3.0.15 360488 Bytes 03/08/2007 08:46:00
AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:06
AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:33
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:18
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 11:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 12:38:13
RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:37
SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:21

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: D:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: jeudi 15 novembre 2007 15:03

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'iexplore.exe' - '1' Module(s) have been scanned
Scan process 'iexplore.exe' - '1' Module(s) have been scanned
Scan process 'usnsvc.exe' - '1' Module(s) have been scanned
Scan process 'Watch.exe' - '1' Module(s) have been scanned
Scan process 'ComComp.exe' - '1' Module(s) have been scanned
Scan process 'EspaceWanadoo.exe' - '1' Module(s) have been scanned
Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'qttask.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'KodakCCS.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'Lexpps.exe' - '1' Module(s) have been scanned
Scan process 'LexBceS.exe' - '1' Module(s) have been scanned
Scan process 'aswUpdSv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
38 processes with 38 modules were scanned

Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Boot sector 'D:\'
[NOTE] No virus was found!

Starting to scan the registry.
The registry was scanned ( '26' files ).


Starting the file scan:

Begin scan in 'C:\' <PRESARIO>
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Documents and Settings\Compaq_Propriétaire\Mes documents\antonio.da-rocha\backups\backup-20071114-192657-564.dll
[DETECTION] Is the Trojan horse TR/Vundo.CA
[INFO] The file was moved to '479f5687.qua'!
C:\Documents and Settings\Compaq_Propriétaire\Mes documents\antonio.da-rocha\backups\backup-20071114-192657-577.dll
[DETECTION] Is the Trojan horse TR/Vundo.AS
[INFO] The file was moved to '479f568b.qua'!
C:\Program Files\eMule\Incoming\tt pr les portables\115+ Toques Polifonicos - Nokia Siemens Sharp... (dos melhores!!!- U2 HOOBASTANK RASMUS NIGHTWISH DANCE MUSIC SOUNDTRACKS ETC).ace
[0] Archive type: ACE
--> Filme - MissÆo Imposs¡vel2.mp3
[WARNING] Error creating the file
--> Filme - Phantom of the Opera.mp3
[WARNING] No further files can be extracted from this archive. The archive will be closed
[WARNING] No further files can be extracted from this archive. The archive will be closed
C:\Program Files\Panda Security\NanoScan\Engine\psnflg.dll
[DETECTION] Is the Trojan horse TR/Agent.bux.1
[INFO] The file was moved to '47aa67d9.qua'!
C:\qoobox\Quarantine\catchme2007-11-14_170624.45.zip
[0] Archive type: ZIP
--> mljjh.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '47b068e2.qua'!
C:\qoobox\Quarantine\C\Program Files\Fichiers communs\Yazzle1122OinUninstaller.exe.vir
[DETECTION] Is the Trojan horse TR/Dldr.Purity.DZ.3
[INFO] The file was moved to '47b668eb.qua'!
C:\qoobox\Quarantine\C\WINDOWS\system32\mljjh.dll.vir
[DETECTION] Is the Trojan horse TR/Trash.Gen
[INFO] The file was moved to '47a668fe.qua'!
C:\qoobox\Quarantine\C\WINDOWS\system32\__c00C2CF9.dat.vir
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '479f68f5.qua'!
C:\qoobox\Quarantine\C\WINDOWS\system32\~.exe.vir
[DETECTION] Is the Trojan horse TR/Dldr.Brosys
[INFO] The file was moved to '47a168c8.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP526\A0267449.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '476e6a48.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP526\A0267451.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '476e6a4b.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP526\A0267452.exe
[DETECTION] Is the Trojan horse TR/Drop.BHO.A.1
[INFO] The file was moved to '476e6a4e.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP527\A0268532.dll
[DETECTION] Is the Trojan horse TR/Vundo.CA
[INFO] The file was moved to '476e6a54.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP527\A0268533.dll
[DETECTION] Is the Trojan horse TR/Vundo.CA
[INFO] The file was moved to '476e6a59.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP527\A0268550.exe
[DETECTION] Is the Trojan horse TR/Fotomoto.F.1
[INFO] The file was moved to '476e6a5c.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP528\A0268562.exe
[DETECTION] Is the Trojan horse TR/Dldr.Purity.DZ.3
[INFO] The file was moved to '476e6a71.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP528\A0268563.exe
[DETECTION] Is the Trojan horse TR/Dldr.Brosys
[INFO] The file was moved to '476e6a74.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP528\A0268571.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '476e6a76.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP536\A0269604.dll
[DETECTION] Is the Trojan horse TR/Agent.bux.1
[INFO] The file was moved to '476e6acb.qua'!
C:\VundoFix Backups\iqnrrvxl.dll.bad
[DETECTION] Is the Trojan horse TR/Vundo.CA
[INFO] The file was moved to '47aa6b11.qua'!
C:\VundoFix Backups\seehuqtm.dll.bad
[DETECTION] Is the Trojan horse TR/Vundo.CA
[INFO] The file was moved to '47a16b0e.qua'!
C:\WINDOWS\system32\abtgswfr.dll
[DETECTION] Is the Trojan horse TR/Vundo.AS
[INFO] The file was moved to '47b06e9a.qua'!
C:\WINDOWS\system32\mnbyxnqy.dll
[DETECTION] Is the Trojan horse TR/Vundo.CA
[INFO] The file was moved to '479e6ee7.qua'!
C:\WINDOWS\system32\swtjnvhx.dll
[DETECTION] Is the Trojan horse TR/Dldr.ConHook.Gen
[INFO] The file was moved to '47b06f1e.qua'!
C:\WINDOWS\system32\tvayjebq.exe
[DETECTION] Is the Trojan horse TR/Fotomoto.F.1
[INFO] The file was moved to '479d6f26.qua'!
C:\_OTMoveIt\MovedFiles\WINDOWS\system32\fohtdnkc.dll
[DETECTION] Is the Trojan horse TR/Vundo.CA
[INFO] The file was moved to '47a46fea.qua'!
C:\_OTMoveIt\MovedFiles\WINDOWS\system32\ktndoulv.dll
[DETECTION] Is the Trojan horse TR/Vundo.AS
[INFO] The file was moved to '47aa6ff3.qua'!
C:\_OTMoveIt\MovedFiles\WINDOWS\system32\taxynlem.dll
[DETECTION] Is the Trojan horse TR/Vundo.AT
[INFO] The file was moved to '47b46fe4.qua'!
Begin scan in 'D:\' <PRESARIO_RP>


End of the scan: jeudi 15 novembre 2007 17:19
Used time: 2:15:43 min

The scan has been done completely.

9872 Scanning directories
533239 Files were scanned
27 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
27 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
533212 Files not concerned
15969 Archives were scanned
5 Warnings
0 Notes
0
romaingog Posts 43 Registration date Tuesday 13 November 2007 Status Member Last activity 6 January 2009
15 Nov 2007 at 17:26
And here is a new hijackthis report


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:25:50, on 15/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Wanadoo\EspaceWanadoo.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avcenter.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Documents and Settings\Compaq_Propriétaire\Mes documents\antonio.da-rocha\kan on avé sécurity\HijackThis.exe.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.orange.fr/portail
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O16 - DPF: {8436FE12-31DB-48BF-83BF-FE682F9160B4} (NanoInstaller Class) - https://www.pandasecurity.com/en/homeusers/online-antivirus/?ref=activescan
O17 - HKLM\System\CCS\Services\Tcpip\..\{1032887A-C45E-4499-8F1B-5CE1CEB25643}: NameServer = 81.253.149.9 80.10.246.132
O20 - Winlogon Notify: fohtdnkc - fohtdnkc.dll (file missing)
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
0

jlpjlp Posts 51580 Registration date Friday 18 May 2007 Status Security contributor Last activity 3 May 2022 5 040
15 Nov 2007 at 22:10
Relaunch HijackThis, choose "do a scan only", tick the box in front of the lines below and click "fix checked" at the bottom.

O20 - Winlogon Notify: fohtdnkc - fohtdnkc.dll (file missing)
________________
Get rid of what is in quarantine by going to My Computer then...

C:\qoobox\Quarantine
_______________
antivir found viruses in your restore, so:

disable System Restore to purge the viruses that may be in it (in START then ALL PROGRAMS then ACCESSORIES then SYSTEM TOOLS then SYSTEM RESTORE then settings)

then restart your computer

then re-enable it

___________________


Use this to delete your traces (to be used every week)

CCLEANER: (run a cleanup and repair the errors 3 times) without installing the Yahoo toolbar

https://www.01net.com/telecharger/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/32599.html
___________________
Scan with:

spybot: (if you have a version installed before Sept 2007, replace it with version 1.5)

https://www.01net.com/telecharger/windows/Securite/anti-spyware/fiches/26157.html

__________________

In addition to ccleaner, antivir and spybot, install spywareblaster to be well protected, notably against vundo!

https://www.01net.com/telecharger/windows/Securite/anti-spyware/fiches/28872.html
_________________


Then paste a hijackthis report again, renaming it this time as indicated previously, paste an antivir report again, run a new combofix and paste the report
Also tell me about your problems



See you later
0
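The triage behind the advice above (purge System Restore, empty C:\qoobox\Quarantine), as an added example that is not part of the original thread: it groups AntiVir detections by where the file sat, so copies already held in restore points or removal-tool folders are separated from files still in live locations. The function names and folder markers are assumptions, the markers being drawn from the paths in the AntiVir report posted in this thread.

```python
import re
from collections import defaultdict

# Shortened excerpt of the AntiVir report posted in this thread.
SAMPLE_REPORT = r"""
Begin scan in 'C:\' <PRESARIO>
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\qoobox\Quarantine\catchme2007-11-14_170624.45.zip
[0] Archive type: ZIP
--> mljjh.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '47b068e2.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP526\A0267449.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agen.ZV.1.B
[INFO] The file was moved to '476e6a48.qua'!
C:\VundoFix Backups\iqnrrvxl.dll.bad
[DETECTION] Is the Trojan horse TR/Vundo.CA
[INFO] The file was moved to '47aa6b11.qua'!
C:\WINDOWS\system32\abtgswfr.dll
[DETECTION] Is the Trojan horse TR/Vundo.AS
[INFO] The file was moved to '47b06e9a.qua'!
"""

# Assumption: markers taken from the folder names seen in that report.
RESTORE_MARKER = "\\system volume information\\_restore"
TOOL_MARKERS = (
    "\\qoobox\\quarantine\\",      # ComboFix quarantine
    "\\vundofix backups\\",        # VundoFix backups
    "\\_otmoveit\\movedfiles\\",   # OTMoveIt moved files
)

# A scanned object is announced on its own line as an absolute Windows path.
PATH_RE = re.compile(r"^[A-Za-z]:\\")


def classify(path):
    """Return where a detected file was located."""
    lowered = path.lower()
    if RESTORE_MARKER in lowered:
        return "system_restore"
    if any(marker in lowered for marker in TOOL_MARKERS):
        return "tool_quarantine"
    return "live"


def parse_detections(report):
    """Return (path, detection_name, category) for every [DETECTION] line.

    A detection inside an archive is attributed to the archive's path,
    because the '--> member' lines carry no location of their own.
    """
    detections = []
    current_path = None
    for raw in report.splitlines():
        line = raw.strip()
        if PATH_RE.match(line):
            current_path = line
        elif line.startswith("[DETECTION]") and current_path:
            name = line.split()[-1]  # last token is the signature name
            detections.append((current_path, name, classify(current_path)))
    return detections


def triage(report):
    """Group detections by category."""
    groups = defaultdict(list)
    for path, name, category in parse_detections(report):
        groups[category].append((path, name))
    return dict(groups)


if __name__ == "__main__":
    for category, items in triage(SAMPLE_REPORT).items():
        print(category, len(items))
        for path, name in items:
            print("   ", name, "<-", path)
```

Entries in the `live` group are the ones that matter for deciding whether the infection is still active; the other two groups are cleared by emptying the tool folders and purging restore points.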
romaingog Posts 43 Registration date Tuesday 13 November 2007 Status Member Last activity 6 January 2009
16 Nov 2007 at 17:35
I understand how you have to use spywareblaster, it's all in English and I'm rubbish at English lol
0
jlpjlp Posts 51580 Registration date Friday 18 May 2007 Status Security contributor Last activity 3 May 2022 5 040
16 Nov 2007 at 22:40
SPYWAREBLASTER is useful for immunizing the system against vundo in particular, but it is in English (but easy to use: you just click "update" to update every month and then "enable all protection" to immunize)...
0
romaingog Posts 43 Registration date Tuesday 13 November 2007 Status Member Last activity 6 January 2009
17 Nov 2007 at 12:19
Here is the hijackthis report!!! I didn't understand in what way you wanted me to rename hijackthis!!!


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:17:12, on 17/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Wanadoo\EspaceWanadoo.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\Program Files\Wanadoo\Watch.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Documents and Settings\Compaq_Propriétaire\Mes documents\antonio.da-rocha\kan on avé sécurity\HijackThis.exe.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O16 - DPF: {8436FE12-31DB-48BF-83BF-FE682F9160B4} (NanoInstaller Class) - https://www.pandasecurity.com/en/homeusers/online-antivirus/?ref=activescan
O17 - HKLM\System\CCS\Services\Tcpip\..\{1032887A-C45E-4499-8F1B-5CE1CEB25643}: NameServer = 81.253.149.9 80.10.246.132
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
0
romaingog Posts 43 Registration date Tuesday 13 November 2007 Status Member Last activity 6 January 2009
17 Nov 2007 at 12:19
What is Vundo?
0
romaingog Posts 43 Registration date Tuesday 13 November 2007 Status Member Last activity 6 January 2009
17 Nov 2007 at 12:27
Here is the ComboFix report

ComboFix 07-11-08.1 - Compaq_Propriétaire 2007-11-17 12:20:23.3 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.162 [GMT 1:00]
Running from: C:\Documents and Settings\Compaq_Propriétaire\Mes documents\antonio.da-rocha\ComboFix.exe
.

((((((((((((((((((((((((((((( Fichiers créés 2007-10-17 to 2007-11-17 ))))))))))))))))))))))))))))))))))))
.

2007-11-16 17:29 <REP> d-------- C:\Program Files\SpywareBlaster
2007-11-16 17:28 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-11-16 17:23 <REP> d-------- C:\Program Files\CCleaner
2007-11-14 20:53 <REP> d-------- C:\Program Files\Avira
2007-11-14 20:53 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira
2007-11-14 19:57 <REP> d-------- C:\Program Files\Panda Security
2007-11-14 16:21 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-11-14 16:08 24,576 --a------ C:\WINDOWS\system32\VundoFixSVC.exe
2007-11-14 15:54 <REP> d-------- C:\VundoFix Backups
2007-11-13 16:48 <REP> d-------- C:\Documents and Settings\Compaq_Propriétaire\Application Data\Grisoft
2007-11-13 16:47 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2007-11-13 16:47 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-11-13 15:51 53,248 --a------ C:\WINDOWS\system32\Process.exe
2007-11-12 20:54 <REP> d-------- C:\Program Files\Navilog1
2007-11-12 20:02 4,378 --a------ C:\WINDOWS\system32\tmp.reg
2007-11-12 20:00 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2007-11-12 20:00 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2007-11-12 20:00 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2007-11-12 20:00 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2007-11-12 18:28 <REP> d-------- C:\WINDOWS\Google Toolbar
2007-11-11 12:14 <REP> d--h----- C:\Program Files\ApplePie
2007-11-09 15:32 <REP> d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2007-11-09 06:00 207,736 --a------ C:\WINDOWS\system32\muweb.dll
2007-11-09 05:59 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2007-11-08 16:53 <REP> d-------- C:\Documents and Settings\Compaq_Propriétaire\Application Data\CamfrogWEB
2007-11-08 16:26 3,426,072 --a------ C:\WINDOWS\system32\d3dx9_32.dll
2007-11-08 16:24 <REP> d-------- C:\Program Files\Microsoft SQL Server Compact Edition
2007-11-08 16:09 <REP> d--hsc--- C:\Program Files\Fichiers communs\WindowsLiveInstaller
2007-11-08 16:09 <REP> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2007-10-23 17:49 586,752 --a------ C:\WINDOWS\WLXPGSS.SCR
2007-10-19 16:41 <REP> d-------- C:\Program Files\orange
2007-10-18 11:31 51,224 --a------ C:\WINDOWS\system32\sirenacm.dll
2007-10-17 19:16 <REP> d-------- C:\Program Files\MyPhoneExplorer
2007-10-17 19:16 <REP> d-------- C:\Documents and Settings\Compaq_Propriétaire\Application Data\MyPhoneExplorer
2007-10-17 18:01 87,456 --a------ C:\WINDOWS\system32\drivers\k600mdm.sys
2007-10-17 18:01 79,248 --a------ C:\WINDOWS\system32\drivers\k600mgmt.sys
2007-10-17 18:01 77,072 --a------ C:\WINDOWS\system32\drivers\k600obex.sys
2007-10-17 18:01 52,384 --a------ C:\WINDOWS\system32\drivers\k600bus.sys
2007-10-17 18:01 6,112 --a------ C:\WINDOWS\system32\drivers\k600cmnt.sys
2007-10-17 18:01 6,112 --a------ C:\WINDOWS\system32\drivers\k600cm.sys
2007-10-17 18:01 6,096 --a------ C:\WINDOWS\system32\drivers\k600mdfl.sys
2007-10-17 18:01 5,744 --a------ C:\WINDOWS\system32\drivers\k600whnt.sys
2007-10-17 18:01 5,744 --a------ C:\WINDOWS\system32\drivers\k600wh.sys

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-11-17 11:11 --------- d-----w C:\Program Files\Wanadoo
2007-11-15 14:12 --------- d-----w C:\Program Files\Google
2007-11-14 19:22 --------- d-----w C:\Program Files\Lavasoft
2007-11-14 19:22 --------- d-----w C:\Documents and Settings\Compaq_Propriétaire\Application Data\Lavasoft
2007-11-12 17:39 --------- d-----w C:\Program Files\MSN Messenger
2007-11-12 17:38 --------- d-----w C:\Program Files\Silkroad
2007-11-09 17:45 --------- d-----w C:\Documents and Settings\Compaq_Propriétaire\Application Data\Image Zone Express
2007-11-08 15:26 --------- d-----w C:\Program Files\Windows Live
2007-10-25 17:05 94,416 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
2007-10-25 17:05 93,264 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys
2007-10-25 17:03 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
2007-10-25 17:01 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
2007-10-25 16:58 26,624 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
2007-10-25 16:43 8,516,608 ----a-w C:\WINDOWS\system32\dllcache\shell32.dll
2007-10-25 16:24 815,480 ----a-w C:\WINDOWS\system32\aswBoot.exe
2007-10-25 16:14 95,608 ----a-w C:\WINDOWS\system32\AVASTSS.scr
2007-10-17 13:34 --------- d-----w C:\Program Files\EA GAMES
2007-10-14 12:28 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-10-14 12:27 --------- d-----w C:\Program Files\Veoh Networks
2007-10-13 18:02 --------- d-----w C:\Program Files\LimeWire
2007-10-02 10:08 --------- d-----w C:\Program Files\Audio MP3 Converter
2007-10-02 10:05 --------- d-----w C:\Documents and Settings\Compaq_Propriétaire\Application Data\STOIK
2007-09-30 07:36 1,632 ----a-w C:\Documents and Settings\Compaq_Propriétaire\Application Data\wklnhst.dat
2007-09-28 17:02 --------- d-----w C:\Documents and Settings\Compaq_Propriétaire\Application Data\Printer Info Cache
2007-09-28 17:01 --------- d-----w C:\Documents and Settings\Compaq_Propriétaire\Application Data\HP
2007-09-28 16:39 --------- d-----w C:\Documents and Settings\All Users\Application Data\WEBREG
2007-09-28 16:38 --------- d-----w C:\Program Files\Hp
2007-09-28 16:38 --------- d-----w C:\Program Files\Fichiers communs\HP
2007-09-28 16:37 --------- d-----w C:\Documents and Settings\All Users\Application Data\HP
2007-09-28 16:36 --------- d-----w C:\Documents and Settings\All Users\Application Data\HPSSUPPLY
2007-09-28 16:35 --------- d-----w C:\Program Files\Fichiers communs\Hewlett-Packard
2007-09-28 16:34 --------- d-----w C:\Documents and Settings\All Users\Application Data\Hewlett-Packard
2007-08-21 06:17 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
2007-08-21 06:17 683,520 ----a-w C:\WINDOWS\system32\dllcache\inetcomm.dll
2007-08-20 09:59 824,832 ----a-w C:\WINDOWS\system32\dllcache\wininet.dll
2007-08-20 09:59 671,232 ----a-w C:\WINDOWS\system32\dllcache\mstime.dll
2007-08-20 09:59 63,488 ------w C:\WINDOWS\system32\dllcache\icardie.dll
2007-08-20 09:59 6,058,496 ------w C:\WINDOWS\system32\dllcache\ieframe.dll
2007-08-20 09:59 52,224 ------w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2007-08-20 09:59 477,696 ----a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
2007-08-20 09:59 459,264 ------w C:\WINDOWS\system32\dllcache\msfeeds.dll
2007-08-20 09:59 44,544 ----a-w C:\WINDOWS\system32\dllcache\iernonce.dll
2007-08-20 09:59 384,512 ----a-w C:\WINDOWS\system32\dllcache\iedkcs32.dll
2007-08-20 09:59 383,488 ------w C:\WINDOWS\system32\dllcache\ieapfltr.dll
2007-08-20 09:59 3,584,512 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll
2007-08-20 09:59 27,648 ----a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
2007-08-20 09:59 267,776 ------w C:\WINDOWS\system32\dllcache\iertutil.dll
2007-08-20 09:59 232,960 ----a-w C:\WINDOWS\system32\dllcache\webcheck.dll
2007-08-20 09:59 230,400 ----a-w C:\WINDOWS\system32\dllcache\ieaksie.dll
2007-08-20 09:59 214,528 ----a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
2007-08-20 09:59 193,024 ----a-w C:\WINDOWS\system32\dllcache\msrating.dll
2007-08-20 09:59 153,088 ----a-w C:\WINDOWS\system32\dllcache\ieakeng.dll
2007-08-20 09:59 132,608 ----a-w C:\WINDOWS\system32\dllcache\extmgr.dll
2007-08-20 09:59 124,928 ----a-w C:\WINDOWS\system32\dllcache\advpack.dll
2007-08-20 09:59 105,984 ----a-w C:\WINDOWS\system32\dllcache\url.dll
2007-08-20 09:59 102,400 ----a-w C:\WINDOWS\system32\dllcache\occache.dll
2007-08-20 09:59 1,152,000 ----a-w C:\WINDOWS\system32\dllcache\urlmon.dll
2007-08-17 10:22 63,488 ----a-w C:\WINDOWS\system32\dllcache\ie4uinit.exe
2007-08-17 10:22 625,152 ----a-w C:\WINDOWS\system32\dllcache\iexplore.exe
2007-08-17 10:22 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe
2007-08-17 07:34 161,792 ----a-w C:\WINDOWS\system32\dllcache\ieakui.dll
2007-03-09 17:42 774,144 ----a-w C:\Program Files\RngInterstitial.dll
2006-03-20 19:42 8 ----a-w C:\Documents and Settings\Compaq_Propriétaire\.bztarotcumul.dat
2006-03-20 19:42 8 ----a-w C:\Documents and Settings\Compaq_Propriétaire\.bztarotcumul.dat
2006-02-26 15:35:27 56 -csh--r C:\WINDOWS\system32\C2453A3C7B.sys
2006-02-26 15:35:45 3,350 -csha-w C:\WINDOWS\system32\KGyGaAvL.sys
.

((((((((((((((((((((((((((((( snapshot@2007-11-14_17.10.13.31 )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-11-15 14:41:38 91,488 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.InfoPath.Xml\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.InfoPath.Xml.dll
+ 2007-11-15 14:41:35 103,776 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.InfoPath\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.InfoPath.dll
+ 2007-08-22 08:55:28 12,592 ----a-w C:\WINDOWS\Downloaded Program Files\LibComm.dll
+ 2007-08-22 08:55:30 38,280 ----a-w C:\WINDOWS\Downloaded Program Files\NanoInst.dll
+ 2007-08-22 08:55:34 43,824 ----a-w C:\WINDOWS\Downloaded Program Files\PSComm.dll
+ 2007-08-22 08:55:36 100,656 ----a-w C:\WINDOWS\Downloaded Program Files\PSNAdbrk.dll
- 2007-11-12 19:32:37 593,920 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\accicons.exe
+ 2007-11-15 14:43:37 593,920 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\accicons.exe
- 2007-11-12 19:32:38 12,288 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2007-11-15 14:43:38 12,288 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\cagicon.exe
- 2007-11-12 19:32:38 86,016 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\inficon.exe
+ 2007-11-15 14:43:38 86,016 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\inficon.exe
- 2007-11-12 19:32:37 135,168 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2007-11-15 14:43:36 135,168 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2007-11-12 19:32:38 11,264 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2007-11-15 14:43:38 11,264 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\mspicons.exe
- 2007-11-12 19:32:38 27,136 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\oisicon.exe
+ 2007-11-15 14:43:39 27,136 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\oisicon.exe
- 2007-11-12 19:32:38 4,096 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2007-11-15 14:43:39 4,096 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\opwicon.exe
- 2007-11-12 19:32:38 794,624 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2007-11-15 14:43:39 794,624 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\outicon.exe
- 2007-11-12 19:32:37 249,856 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\pptico.exe
+ 2007-11-15 14:43:37 249,856 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\pptico.exe
- 2007-11-12 19:32:37 61,440 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\pubs.exe
+ 2007-11-15 14:43:36 61,440 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\pubs.exe
- 2007-11-12 19:32:38 23,040 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\unbndico.exe
+ 2007-11-15 14:43:40 23,040 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\unbndico.exe
- 2007-11-12 19:32:37 286,720 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\wordicon.exe
+ 2007-11-15 14:43:36 286,720 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2007-11-12 19:32:37 409,600 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2007-11-15 14:43:35 409,600 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2007-08-09 12:04:11 40,768 ----a-w C:\WINDOWS\system32\drivers\avgntdd.sys
+ 2007-07-18 13:22:19 21,312 ----a-w C:\WINDOWS\system32\drivers\avgntmgr.sys
+ 2007-11-14 20:02:53 61,632 ----a-w C:\WINDOWS\system32\drivers\avipbb.sys
+ 2007-03-01 09:34:36 28,352 ----a-w C:\WINDOWS\system32\drivers\ssmdrv.sys
- 2007-11-12 19:35:12 255,064 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
+ 2007-11-16 16:01:38 255,064 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
- 2003-06-18 23:31:48 17,920 ----a-w C:\WINDOWS\system32\mdimon.dll
+ 2007-04-09 12:23:54 28,040 ----a-w C:\WINDOWS\system32\mdimon.dll
- 2007-09-28 05:19:39 18,089,592 ----a-w C:\WINDOWS\system32\MRT.exe
+ 2007-11-02 07:12:57 18,238,072 ----a-w C:\WINDOWS\system32\MRT.exe
- 2006-12-19 21:49:47 8,509,952 ----a-w C:\WINDOWS\system32\shell32.dll
+ 2007-10-25 16:43:25 8,516,608 ----a-w C:\WINDOWS\system32\shell32.dll
- 2003-06-18 23:31:44 758,784 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\mdigraph.dll
+ 2007-04-09 12:24:04 758,664 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\mdigraph.dll
- 2003-06-18 23:31:46 35,328 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\mdiui.dll
+ 2007-04-09 12:23:58 46,472 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\mdiui.dll
- 2003-06-18 23:31:44 758,784 -c--a-w C:\WINDOWS\system32\spool\drivers\w32x86\mdigraph.dll
+ 2007-04-09 12:24:04 758,664 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\mdigraph.dll
- 2003-06-18 23:31:46 35,328 -c--a-w C:\WINDOWS\system32\spool\drivers\w32x86\mdiui.dll
+ 2007-04-09 12:23:58 46,472 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\mdiui.dll
- 2003-06-18 23:31:48 18,944 ----a-w C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll
+ 2007-04-09 12:23:54 28,552 ----a-w C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll
- 2007-06-18 22:24:36 369,152 ----a-w C:\WINDOWS\system32\xpsp3res.dll
+ 2007-10-29 15:07:16 369,152 ----a-w C:\WINDOWS\system32\xpsp3res.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PCDrProfiler"="" []
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2005-01-02 14:59]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2007-11-14 21:02]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 19:00]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 11:34]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2007-11-15 15:12]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2007-08-31 16:46]

R0 BsStor;InCD Storage Helper Driver;C:\WINDOWS\system32\DRIVERS\bsstor.sys
R2 Vcs;Vcs support;\??\C:\WINDOWS\system32\Drivers\Vcs.sys
R3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
S3 jatmlano;jatmlano;\??\C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp\jatmlano.sys
S3 k600bus;Sony Ericsson 600i driver (WDM);C:\WINDOWS\system32\DRIVERS\k600bus.sys
S3 k600mdfl;Sony Ericsson 600i USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\k600mdfl.sys
S3 k600mdm;Sony Ericsson 600i USB WMC Modem Drivers;C:\WINDOWS\system32\DRIVERS\k600mdm.sys
S3 k600mgmt;Sony Ericsson 600i USB WMC Device Management Drivers;C:\WINDOWS\system32\DRIVERS\k600mgmt.sys
S3 k600obex;Sony Ericsson 600i USB WMC OBEX Interface Drivers;C:\WINDOWS\system32\DRIVERS\k600obex.sys
S3 MR97310_USB_DUAL_CAMERA;XDC-100;C:\WINDOWS\system32\DRIVERS\mr97310c.sys
S3 sh3bus;SHARP 3G GSM USB Control driver (WDM);C:\WINDOWS\system32\DRIVERS\sh3bus.sys
S3 sh3mdfl;SHARP 3G GSM USB Modem Filter;C:\WINDOWS\system32\DRIVERS\sh3mdfl.sys
S3 sh3mdm;SHARP 3G GSM USB Modem Driver;C:\WINDOWS\system32\DRIVERS\sh3mdm.sys
S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys
S4 Boonty Games;Boonty Games;"C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe"
S4 BsUDF;InCD UDF Driver;C:\WINDOWS\system32\drivers\BsUDF.sys

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt hpqcxs08 hpqddsvc

.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2007-10-23 16:24:07 C:\WINDOWS\Tasks\HPCeeSchedule.job"
.
**************************************************************************

catchme 0.3.1250 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-11-17 12:25:25
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

**************************************************************************
.
Completion time: 2007-11-17 12:26:38
C:\ComboFix2.txt ... 2007-11-14 19:52
C:\ComboFix3.txt ... 2007-11-14 17:14
.
--- E O F ---
0
romaingog Posts 43 Registration date Tuesday 13 November 2007 Status Member Last activity 6 January 2009
17 Nov 2007 at 12:28
AntiVir is detecting Trojans, and on the page it shows me "access deny"; do I leave that box checked or not?!
0
jlpjlp Posts 51580 Registration date Friday 18 May 2007 Status Security contributor Last activity 3 May 2022 5 040
17 Nov 2007 at 18:13
Manually delete the files in vundobackups by going to My Computer, then C...

C:\VundoFix Backups\

___________________

Manually delete the files in MovedFiles

C:\_OTMoveIt\MovedFiles\

_____________________

Vundo is the infection you had, which causes ads, among other things...

_____________________

Paste the report of a scan with AntiVir in safe mode


_______________________

Then, after restarting normally, tell me what problems you have



See you later
0
romaingog Posts 43 Registration date Tuesday 13 November 2007 Status Member Last activity 6 January 2009
19 Nov 2007 at 18:24
Hello, so I did what you asked, but AntiVir in safe mode stays stuck at 13% for hours!!! What should I do, please?
0
jlpjlp Posts 51580 Registration date Friday 18 May 2007 Status Security contributor Last activity 3 May 2022 5 040
19 Nov 2007 at 19:08
Scan with AntiVir in normal mode and paste the report
0
romaingog Posts 43 Registration date Tuesday 13 November 2007 Status Member Last activity 6 January 2009
19 Nov 2007 at 19:38
OK, I'll do that
0
jlpjlp Posts 51580 Registration date Friday 18 May 2007 Status Security contributor Last activity 3 May 2022 5 040
19 Nov 2007 at 19:48
OK
See you later
0
romaingog Posts 43 Registration date Tuesday 13 November 2007 Status Member Last activity 6 January 2009
20 Nov 2007 at 17:16
Hello, here is the AntiVir report, run in normal mode!!!


AntiVir PersonalEdition Classic
Report file date: mardi 20 novembre 2007 15:11

Scanning for 934996 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: SYSTEM
Computer name: ANTONIO

Version information:
BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:29
AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:51
LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:47
LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:20
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 20:02:46
ANTIVIR1.VDF : 7.0.0.0 1640448 Bytes 13/09/2007 20:02:47
ANTIVIR2.VDF : 7.0.0.198 1206272 Bytes 11/11/2007 20:02:47
ANTIVIR3.VDF : 7.0.0.233 131584 Bytes 19/11/2007 15:50:50
AVEWIN32.DLL : 7.6.0.34 3125760 Bytes 14/11/2007 20:02:52
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:17
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24
AVPACK32.DLL : 7.3.0.15 360488 Bytes 03/08/2007 08:46:00
AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:06
AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:33
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:18
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 11:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 12:38:13
RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:37
SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:21

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: D:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: mardi 20 novembre 2007 15:11

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'KodakCCS.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'TeaTimer.exe' - '1' Module(s) have been scanned
Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'qttask.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'Lexpps.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'LexBceS.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'aswUpdSv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
33 processes with 33 modules were scanned

Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Boot sector 'D:\'
[NOTE] No virus was found!

Starting to scan the registry.
The registry was scanned ( '26' files ).


Starting the file scan:

Begin scan in 'C:\' <PRESARIO>
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Program Files\eMule\Incoming\tt pr les portables\115+ Toques Polifonicos - Nokia Siemens Sharp... (dos melhores!!!- U2 HOOBASTANK RASMUS NIGHTWISH DANCE MUSIC SOUNDTRACKS ETC).ace
[0] Archive type: ACE
--> Filme - MissÆo Imposs¡vel2.mp3
[WARNING] Error creating the file
--> Filme - Phantom of the Opera.mp3
[WARNING] No further files can be extracted from this archive. The archive will be closed
[WARNING] No further files can be extracted from this archive. The archive will be closed
Begin scan in 'D:\' <PRESARIO_RP>


End of the scan: mardi 20 novembre 2007 17:12
Used time: 2:01:16 min

The scan has been done completely.

8435 Scanning directories
500584 Files were scanned
0 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
500584 Files not concerned
15881 Archives were scanned
5 Warnings
0 Notes
0
jlpjlp Posts 51580 Registration date Friday 18 May 2007 Status Security contributor Last activity 3 May 2022 5 040
20 Nov 2007 at 18:15
OK, nothing in AntiVir



Still having problems?

If there are no problems, you're all set

All the best
0
romaingog Posts 43 Registration date Tuesday 13 November 2007 Status Member Last activity 6 January 2009
20 Nov 2007 at 18:45
OK, well, thank you very much!!!
So tell me, what do you do for a living, because you really know your stuff!!!!

Tell me what I could uninstall, because my PC is pretty slow, unless you have a solution to make it less slow?!

Thanks in advance
0
jlpjlp Posts 51580 Registration date Friday 18 May 2007 Status Security contributor Last activity 3 May 2022 5 040
20 Nov 2007 at 18:59
I treat people



_________________

You can remove, in Add/Remove Programs, if present:

Veoh Browser
________________

You can also defragment your computer to speed it up a bit


_________________




To protect your computer for free: (remove whatever is not listed)



http://www.commentcamarche.net/telecharger/logiciel 4 securite


Install an antivirus

AVAST in French or ANTIVIR (in English but very effective)
https://www.malekal.com/avira-free-security-antivirus-gratuit/ (thanks Malekal)
-------------
Anti-spyware tools:
SPYBOT + AD AWARE

+
SPYWAREBLASTER to immunize the system, against Vundo in particular, but in English (though easy to use: just click "update" to update every month and then "enable all protection" to immunize)...

Note: Spybot and Ad-Aware released new versions this year; check that you have the latest version
--------
A firewall:
The Windows one or, better, KERIO or JETICO or ZONE ALARM (install only the free firewall)

https://www.clubic.com/telecharger-fiche11071-sunbelt-personal-firewall-ex-kerio.html
https://manuelsdaide.com/contact/
http://www.open-files.com/forum/index.php?showtopic=29277
http://www.commentcamarche.net/telecharger/telecharger 157 zonealarm

-----------

CCLEANER to erase browsing traces
0