PC infecté chez particulier besoin d aide
Résolu
Utilisateur anonyme
-
Utilisateur anonyme -
Utilisateur anonyme -
Bonjour,
coucou les CCM, merci de me dire quoi faire pour ce pc!!!
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:11:51, on 28/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
C:\Program Files\Spyware Doctor\svcntaux.exe
C:\Program Files\Spyware Doctor\swdsvc.exe
C:\Program Files\Spyware Doctor\SDTrayApp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Dell AIO 810\dlcgmon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe
C:\WINDOWS\system32\dlcgcoms.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\PROGRA~1\WIDCOMM\LOGICI~1\BTSTAC~1.EXE
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclBCBTSrv.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://resultsmaster.com/...
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
O4 - HKLM\..\Run: [DLCGCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCGtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [dlcgmon.exe] "C:\Program Files\Dell AIO 810\dlcgmon.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: BTTray.lnk = ?
O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie_ctx.htm
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://bmm.imgag.com/imgag/cp/install/crusher-fr.cab
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: Client de licence CA (CA_LIC_CLNT) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe
O23 - Service: Serveur de licence CA (CA_LIC_SRVR) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe
O23 - Service: dlcg_device - - C:\WINDOWS\system32\dlcgcoms.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Event Log Watch (LogWatch) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
coucou les CCM, merci de me dire quoi faire pour ce pc!!!
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:11:51, on 28/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
C:\Program Files\Spyware Doctor\svcntaux.exe
C:\Program Files\Spyware Doctor\swdsvc.exe
C:\Program Files\Spyware Doctor\SDTrayApp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Dell AIO 810\dlcgmon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe
C:\WINDOWS\system32\dlcgcoms.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\PROGRA~1\WIDCOMM\LOGICI~1\BTSTAC~1.EXE
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclBCBTSrv.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://resultsmaster.com/...
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
O4 - HKLM\..\Run: [DLCGCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCGtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [dlcgmon.exe] "C:\Program Files\Dell AIO 810\dlcgmon.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: BTTray.lnk = ?
O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie_ctx.htm
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://bmm.imgag.com/imgag/cp/install/crusher-fr.cab
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: Client de licence CA (CA_LIC_CLNT) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe
O23 - Service: Serveur de licence CA (CA_LIC_SRVR) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe
O23 - Service: dlcg_device - - C:\WINDOWS\system32\dlcgcoms.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Event Log Watch (LogWatch) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
A voir également:
- PC infecté chez particulier besoin d aide
- Meilleur site de vente entre particulier - Guide
- Reinitialiser pc - Guide
- Pc lent - Guide
- Downloader for pc - Télécharger - Téléchargement & Transfert
- Forcer demarrage pc - Guide
9 réponses
salut,
merci de ta réponse rapide,
ne vois tu rien sur HJT ?
Ce pc est infecté, il subit de gros ralentissement, spyxares entre autres (pub qui s affichent intempestivement) pas de déconnexion, plus de son sur le pc....
merci de ta réponse rapide,
ne vois tu rien sur HJT ?
Ce pc est infecté, il subit de gros ralentissement, spyxares entre autres (pub qui s affichent intempestivement) pas de déconnexion, plus de son sur le pc....
salut commence par instaler un anti virus et un pare feu ! met a jour l'anti virus et fait un scan en mode sans echec ! copie le rapport et colle le ici!
ps : pense a finir ta desinfection !
anti virus : antivir
https://www.malekal.com/avira-free-security-antivirus-gratuit/
http://mickael.barroux.free.fr/securite/antivir.php <- tutoriel + complet
par feu : kerio 4.2 gratuit apres les 30 jours d´evaluation, seules quelques fonctions vont etre desactivées celles qui touche le net, mais facilement paré par l´utilisation de firefox et de ad blok plus par exemple ( plug in firefox)
https://www.hugedomains.com/domain_profile.cfm?d=geckozone&e=org
moi j´utilise aussi le plug in https://addons.mozilla.org/fr/firefox/addon/433 il bloque les annimations flash et les remplace par un f clickable pour voir l ánnimation si desiré
kerio 4.2
https://forums.cnetfrance.fr
https://kerio.probb.fr/f2-sunbelt-kerio-personal-firewall
ps : pense a finir ta desinfection !
anti virus : antivir
https://www.malekal.com/avira-free-security-antivirus-gratuit/
http://mickael.barroux.free.fr/securite/antivir.php <- tutoriel + complet
par feu : kerio 4.2 gratuit apres les 30 jours d´evaluation, seules quelques fonctions vont etre desactivées celles qui touche le net, mais facilement paré par l´utilisation de firefox et de ad blok plus par exemple ( plug in firefox)
https://www.hugedomains.com/domain_profile.cfm?d=geckozone&e=org
moi j´utilise aussi le plug in https://addons.mozilla.org/fr/firefox/addon/433 il bloque les annimations flash et les remplace par un f clickable pour voir l ánnimation si desiré
kerio 4.2
https://forums.cnetfrance.fr
https://kerio.probb.fr/f2-sunbelt-kerio-personal-firewall
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
4h30 plus tard : voici le rapport du scan antivir
AntiVir PersonalEdition Classic
Report file date: vendredi 28 décembre 2007 22:54
Scanning for 835736 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: Administrateur
Computer name: NATH-6235D1E4E0
Version information:
BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:29
AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:51
LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:47
LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:20
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 14:27:15
ANTIVIR1.VDF : 7.0.0.0 1640448 Bytes 13/09/2007 14:26:55
ANTIVIR2.VDF : 7.0.0.1 2048 Bytes 13/09/2007 14:27:04
ANTIVIR3.VDF : 7.0.0.2 2048 Bytes 13/09/2007 14:27:13
AVEWIN32.DLL : 7.6.0.15 2806272 Bytes 17/09/2007 17:43:56
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:17
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24
AVPACK32.DLL : 7.3.0.15 360488 Bytes 03/08/2007 08:46:00
AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:06
AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:33
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:18
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 11:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 12:38:13
RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:37
SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:21
Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: C:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: vendredi 28 décembre 2007 22:54
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
12 processes with 12 modules were scanned
Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Starting to scan the registry.
The registry was scanned ( '24' files ).
Starting the file scan:
Begin scan in 'C:\' <HDD>
C:\host.exe.xpx
[DETECTION] Is the Trojan horse TR/Agent.xad
[INFO] The file was moved to '47e87111.qua'!
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\admparse.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\advpack.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\browseui.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\corpol.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\custsat.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\dxtmsft.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\dxtrans.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\extmgr.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\hmmapi.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\icardie.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\ie4uinit.exe
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\ieakeng.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\ieaksie.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\ieakui.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\ieapfltr.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\iedkcs32.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\iedw.exe
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\ieencode.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\ieframe.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\iepeers.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\ieproxy.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\iernonce.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\iertutil.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\iesetup.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\ieudinit.exe
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\ieui.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\iexplore.exe
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\imgutil.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\inseng.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\jscript.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\jsproxy.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\licmgr10.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\msfeeds.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\msfeedsbs.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\msfeedssync.exe
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\mshta.exe
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\mshtml.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\mshtmled.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\mshtmler.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\msls31.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\msrating.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\mstime.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\occache.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\pngfilt.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\shdocvw.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\shlwapi.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\spmsg.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\spuninst.exe
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\spupdsvc.exe
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\url.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\urlmon.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\vbscript.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\vgx.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\webcheck.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\winfxdocobj.exe
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\wininet.dll
[WARNING] The file could not be opened!
C:\WINDOWS\svchost.exe
[DETECTION] Is the Trojan horse TR/Agent.xad
[INFO] The file was moved to '47d89a5c.qua'!
C:\WINDOWS\svchost.exe.xpx
[DETECTION] Is the Trojan horse TR/Agent.xad
[INFO] The file was moved to '47d89a63.qua'!
C:\WINDOWS\xcopy.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Perlovga.A.1
[INFO] The file was moved to '47e49a5c.qua'!
C:\WINDOWS\system32\temp1.exe.xpx
[DETECTION] Is the Trojan horse TR/Agent.xad
[INFO] The file was moved to '47e2a0bb.qua'!
C:\WINDOWS\system32\temp2.exe.xpx
[DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/Small.LO Backdoor server programs
[INFO] The file was moved to '47e2a0bd.qua'!
C:\WINDOWS\system32\drivers\sptd.sys
[WARNING] The file could not be opened!
End of the scan: samedi 29 décembre 2007 02:28
Used time: 3:34:15 min
The scan has been done completely.
9286 Scanning directories
306974 Files were scanned
6 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
6 files were moved to quarantine
0 files were renamed
58 Files cannot be scanned
306968 Files not concerned
3327 Archives were scanned
58 Warnings
0 Notes
AntiVir PersonalEdition Classic
Report file date: vendredi 28 décembre 2007 22:54
Scanning for 835736 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: Administrateur
Computer name: NATH-6235D1E4E0
Version information:
BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:29
AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:51
LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:47
LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:20
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 14:27:15
ANTIVIR1.VDF : 7.0.0.0 1640448 Bytes 13/09/2007 14:26:55
ANTIVIR2.VDF : 7.0.0.1 2048 Bytes 13/09/2007 14:27:04
ANTIVIR3.VDF : 7.0.0.2 2048 Bytes 13/09/2007 14:27:13
AVEWIN32.DLL : 7.6.0.15 2806272 Bytes 17/09/2007 17:43:56
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:17
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24
AVPACK32.DLL : 7.3.0.15 360488 Bytes 03/08/2007 08:46:00
AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:06
AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:33
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:18
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 11:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 12:38:13
RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:37
SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:21
Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: C:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: vendredi 28 décembre 2007 22:54
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
12 processes with 12 modules were scanned
Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Starting to scan the registry.
The registry was scanned ( '24' files ).
Starting the file scan:
Begin scan in 'C:\' <HDD>
C:\host.exe.xpx
[DETECTION] Is the Trojan horse TR/Agent.xad
[INFO] The file was moved to '47e87111.qua'!
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\admparse.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\advpack.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\browseui.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\corpol.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\custsat.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\dxtmsft.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\dxtrans.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\extmgr.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\hmmapi.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\icardie.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\ie4uinit.exe
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\ieakeng.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\ieaksie.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\ieakui.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\ieapfltr.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\iedkcs32.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\iedw.exe
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\ieencode.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\ieframe.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\iepeers.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\ieproxy.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\iernonce.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\iertutil.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\iesetup.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\ieudinit.exe
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\ieui.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\iexplore.exe
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\imgutil.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\inseng.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\jscript.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\jsproxy.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\licmgr10.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\msfeeds.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\msfeedsbs.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\msfeedssync.exe
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\mshta.exe
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\mshtml.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\mshtmled.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\mshtmler.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\msls31.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\msrating.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\mstime.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\occache.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\pngfilt.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\shdocvw.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\shlwapi.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\spmsg.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\spuninst.exe
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\spupdsvc.exe
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\url.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\urlmon.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\vbscript.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\vgx.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\webcheck.dll
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\winfxdocobj.exe
[WARNING] The file could not be opened!
C:\24744656a33e967c0cced6f3fd\wininet.dll
[WARNING] The file could not be opened!
C:\WINDOWS\svchost.exe
[DETECTION] Is the Trojan horse TR/Agent.xad
[INFO] The file was moved to '47d89a5c.qua'!
C:\WINDOWS\svchost.exe.xpx
[DETECTION] Is the Trojan horse TR/Agent.xad
[INFO] The file was moved to '47d89a63.qua'!
C:\WINDOWS\xcopy.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Perlovga.A.1
[INFO] The file was moved to '47e49a5c.qua'!
C:\WINDOWS\system32\temp1.exe.xpx
[DETECTION] Is the Trojan horse TR/Agent.xad
[INFO] The file was moved to '47e2a0bb.qua'!
C:\WINDOWS\system32\temp2.exe.xpx
[DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/Small.LO Backdoor server programs
[INFO] The file was moved to '47e2a0bd.qua'!
C:\WINDOWS\system32\drivers\sptd.sys
[WARNING] The file could not be opened!
End of the scan: samedi 29 décembre 2007 02:28
Used time: 3:34:15 min
The scan has been done completely.
9286 Scanning directories
306974 Files were scanned
6 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
6 files were moved to quarantine
0 files were renamed
58 Files cannot be scanned
306968 Files not concerned
3327 Archives were scanned
58 Warnings
0 Notes
Pb aussi de son, j'ai réinstallé le driver, sur télécharger drivers .com, mais impossible de faire l installation, merci de m indiquer procédures à suivre !
bonjour alors il va y avoir du travail , le proprietaire du pc aime la peche ? lol !! le pc et verole !!
Important : Tant que tu ne seras pas sur d'avoir éradiqué le ver, n'ouvre aucun de tes disques ou périphériques externes en te servant du double clic, sous peine de relancer l'infection.
Fais plutôt un clic droit sur l'icône du DD que tu veux ouvrir et clic sur "Explorer"
Téléchargez sur votre bureau RAV d 'Evosla : ici http://ww25.evosla.com/compteur.php?soft=rav_antivirus
** Si vous utilisez FireFox : faites un clic droit sur le lien et choisisez "Enregistrer la cible du lien sous..." , puis enregistrez sur le Bureau.
--- Décompresse-le (clic droit >> Extraire ici) et double clique sur le fichier RAV.exe
--- Branche tes disques amovible (clef usb,stick memoire,disque externe,............);
--- une fois RAV lancé laissez le réagir , il scan automatiquement tout les lecteurs (Disques fix et Amovible).
--- si un virus sera trouvé, un log s'établira, sinon rien ne va se passer et le soft affichera : Votre Ordinateur est Sain
--- Retire tes disques amovible et faits redémarrer votre ordinateur.
Tiens au courant.Poste le log
Important : Tant que tu ne seras pas sur d'avoir éradiqué le ver, n'ouvre aucun de tes disques ou périphériques externes en te servant du double clic, sous peine de relancer l'infection.
Fais plutôt un clic droit sur l'icône du DD que tu veux ouvrir et clic sur "Explorer"
Téléchargez sur votre bureau RAV d 'Evosla : ici http://ww25.evosla.com/compteur.php?soft=rav_antivirus
** Si vous utilisez FireFox : faites un clic droit sur le lien et choisisez "Enregistrer la cible du lien sous..." , puis enregistrez sur le Bureau.
--- Décompresse-le (clic droit >> Extraire ici) et double clique sur le fichier RAV.exe
--- Branche tes disques amovible (clef usb,stick memoire,disque externe,............);
--- une fois RAV lancé laissez le réagir , il scan automatiquement tout les lecteurs (Disques fix et Amovible).
--- si un virus sera trouvé, un log s'établira, sinon rien ne va se passer et le soft affichera : Votre Ordinateur est Sain
--- Retire tes disques amovible et faits redémarrer votre ordinateur.
Tiens au courant.Poste le log
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:16:02, on 29/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\system32\dlcgcoms.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://resultsmaster.com/...
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [DLCGCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCGtime.dll,_RunDLLEntry@16
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://bmm.imgag.com/imgag/cp/install/crusher-fr.cab
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: dlcg_device - - C:\WINDOWS\system32\dlcgcoms.exe
Scan saved at 22:16:02, on 29/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\system32\dlcgcoms.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://resultsmaster.com/...
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [DLCGCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCGtime.dll,_RunDLLEntry@16
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://bmm.imgag.com/imgag/cp/install/crusher-fr.cab
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: dlcg_device - - C:\WINDOWS\system32\dlcgcoms.exe
re louve divine , re ^^marie^^ ,
Important : Tant que tu ne seras pas sur d'avoir éradiqué le ver, n'ouvre aucun de tes disques ou périphériques externes en te servant du double clic, sous peine de relancer l'infection.
Fais plutôt un clic droit sur l'icône du DD que tu veux ouvrir et clic sur "Explorer"
Téléchargez sur votre bureau RAV d 'Evosla : ici http://ww25.evosla.com/compteur.php?soft=rav_antivirus
** Si vous utilisez FireFox : faites un clic droit sur le lien et choisisez "Enregistrer la cible du lien sous..." , puis enregistrez sur le Bureau.
--- Décompresse-le (clic droit >> Extraire ici) et double clique sur le fichier RAV.exe
--- Branche tes disques amovible (clef usb,stick memoire,disque externe,............);
--- une fois RAV lancé laissez le réagir , il scan automatiquement tout les lecteurs (Disques fix et Amovible).
--- si un virus sera trouvé, un log s'établira, sinon rien ne va se passer et le soft affichera : Votre Ordinateur est Sain
--- Retire tes disques amovible et faits redémarrer votre ordinateur.
Tiens au courant.Poste le log
Important : Tant que tu ne seras pas sur d'avoir éradiqué le ver, n'ouvre aucun de tes disques ou périphériques externes en te servant du double clic, sous peine de relancer l'infection.
Fais plutôt un clic droit sur l'icône du DD que tu veux ouvrir et clic sur "Explorer"
Téléchargez sur votre bureau RAV d 'Evosla : ici http://ww25.evosla.com/compteur.php?soft=rav_antivirus
** Si vous utilisez FireFox : faites un clic droit sur le lien et choisisez "Enregistrer la cible du lien sous..." , puis enregistrez sur le Bureau.
--- Décompresse-le (clic droit >> Extraire ici) et double clique sur le fichier RAV.exe
--- Branche tes disques amovible (clef usb,stick memoire,disque externe,............);
--- une fois RAV lancé laissez le réagir , il scan automatiquement tout les lecteurs (Disques fix et Amovible).
--- si un virus sera trouvé, un log s'établira, sinon rien ne va se passer et le soft affichera : Votre Ordinateur est Sain
--- Retire tes disques amovible et faits redémarrer votre ordinateur.
Tiens au courant.Poste le log
