Sujet Précédent Sujet Suivant

Bugg des que je clik sur incoming??????

cesar30clou -  
 Utilisateur anonyme -
Bonjour,bonne année a tous voila des que je me rends sur incoming l'ordi se met a bugger et je suis obligé de faire ctrl,alt et supprim pour me sortir de la puis terminer maintenant et envoyer rapport car windows a rencontrer une erreur un vrai casse tete qui me rend fou voila d'avance merci pour l'aide apporter ciao

27 réponses

  • 1
  • 2
Réponse 1 / 27
Utilisateur anonyme
 
Salut et bonne année,
Incomming...???

Commence par poster un rapport HijackThis stp,
>Télécharge HiJackThis
- Lance Hijackthis
- Puis sélectionne < do a system scan and save a logfile >,
Et envoie, par collier/coller, ton log Hijackthis sur le forum,
0
Réponse 2 / 27
cesar30clou
 
salut dIIdet bonne année et une santé..voila je ren
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\WINDOWS\system32\SysMonitor.exe
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\PROGRA~1\CLUB-I~1\LECOMP~1\SMARTB~1\MotiveSB.exe
C:\WINDOWS\vVX1000.exe
C:\WINDOWS\system32\P2P Networking\P2P Networking.exe
C:\Program Files\Saitek\Software\Profiler.exe
C:\Program Files\Saitek\Software\SaiMfd.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
C:\Program Files\eMule\emule.exe
C:\Program Files\Club-Internet\Le Compagnon Club\bin\mpbtn.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile\Mobile Phone Monitor\epmworker.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\MSN Messenger\livecall.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://actus.sfr.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\WINDOWS\system32\BhoECart.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\WINDOWS\system32\SysMonitor.exe
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 1
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\CLUB-I~1\LECOMP~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [VX1000] C:\WINDOWS\vVX1000.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\system32\P2P Networking\P2P Networking.exe /AUTOSTART
O4 - HKLM\..\Run: [Profiler] C:\Program Files\Saitek\Software\Profiler.exe
O4 - HKLM\..\Run: [SaiMfd] C:\Program Files\Saitek\Software\SaiMfd.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Acer Empowering Technology.lnk = ?
O4 - Global Startup: Acer WLAN 11g USB Dongle.lnk = C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Démarrage d'Office.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: LE COMPAGNON CLUB.lnk = C:\Program Files\Club-Internet\Le Compagnon Club\bin\matcli.exe
O4 - Global Startup: Microsoft Recherche accélérée.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Translate with &Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Translate.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe
O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxenligne.orange.fr/Gameshell/GameHost/1.0/OberonGameHost.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.116.87 85.255.112.234
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.116.87 85.255.112.234
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
0
Réponse 3 / 27
cesar30
 
salut et bonne année a tous voila mon rapport hijackthis sur mon probleme de bugg,merci pour votre aide ..a +
0
Réponse 4 / 27
Utilisateur anonyme
 
OK,
Je regarde...
Désinstalle PartyPoker et P2P Networking.

> Télécharge, puis installe MSNFix,
- Décompresse le dossier zip MSNFix et lance le fichier "MSNFix.bat". Une fenêtre bleue doit apparaitre.
- Mets l'interface en français en appuyant sur la touche F puis sur Entrée.
- Lance la recherche de virus en appuyant sur la touche R puis sur Entrée.
Si un virus est détecté, il te sera alors demandé de nettoyer l'ordinateur.
Un message d'erreur concernant la suppression impossible d'un fichier sera résolu par un redémarrage.
Après le nettoyage, la barre "Démarrer" s'efface puis réapparait, cela fait partie de la procédure de nettoyage.

Si ta barre "Démarrer" ne s'affiche toujours pas, il suffit de faire :
Ctrl + Alt + Suppr (sous Windows XP), ou Ctrl + Maj + Echap (sous Windows Vista) pour ouvrir le Gestionnaire de tâches Windows.
- Fais ensuite "Fichier", puis "Nouvelle tâche" et tape < explorer.exe > dans la fenêtre qui apparait et finis par "OK".

> Redémarre ton ordinateur pour achever le nettoyage !

> Dis mois s'il a fixé quelque chose.

> Renvoie un log HiJack stp,

A+
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 27
cesar30
 
dIId,ca m'affiche inc d'un coté et a coté msnfix,fichier commande ms.dos,je lance mais rien ne s'affiche aucune fenetre meme avec f puis entrée.????? voila et party poker je le trouve nulle part et p2p networking c'est quoi ? MERCI MAIS CA VAS ETRE DELICAT JE SUIS NOVICE (LOL)
0
Réponse 6 / 27
Utilisateur anonyme
 
Ok,
on va faire autrement :

> Tu vas télécharger, puis installer LiveKill Clean Messenger
(Voici un autre lien)
Lance le programme, puis désinfecte.

Et reposte un HiJack
0
Réponse 7 / 27
cesar30
 
ok dII d test effectué aucun virus detecté je te repose un hijack merci de ta patience
0
Réponse 8 / 27
Utilisateur anonyme
 
Ok,
> Rends toi ensuite sur ce site virustotal et fais analyser le fichier :

C:\WINDOWS\system32\P2P Networking\P2P Networking.exe

et poste moi le resultat par copier/coller stp.

Après on fixera les lignes non légitimes de HiJack.

A+
0
Réponse 9 / 27
cesar30
 
voila le hijack apres antivirus je fais la suite
0
Réponse 10 / 27
cesar30
 
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\WINDOWS\system32\SysMonitor.exe
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\PROGRA~1\CLUB-I~1\LECOMP~1\SMARTB~1\MotiveSB.exe
C:\WINDOWS\vVX1000.exe
C:\WINDOWS\system32\P2P Networking\P2P Networking.exe
C:\Program Files\Saitek\Software\Profiler.exe
C:\Program Files\Saitek\Software\SaiMfd.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
C:\WINDOWS\eHome\ehSched.exe
c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Club-Internet\Le Compagnon Club\bin\mpbtn.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile\Mobile Phone Monitor\epmworker.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\MSN Messenger\livecall.exe
C:\WINDOWS\system32\drwtsn32.exe
C:\WINDOWS\system32\drwtsn32.exe
C:\WINDOWS\system32\drwtsn32.exe
C:\WINDOWS\system32\drwtsn32.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://actus.sfr.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\WINDOWS\system32\BhoECart.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\WINDOWS\system32\SysMonitor.exe
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 1
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\CLUB-I~1\LECOMP~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [VX1000] C:\WINDOWS\vVX1000.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\system32\P2P Networking\P2P Networking.exe /AUTOSTART
O4 - HKLM\..\Run: [Profiler] C:\Program Files\Saitek\Software\Profiler.exe
O4 - HKLM\..\Run: [SaiMfd] C:\Program Files\Saitek\Software\SaiMfd.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Acer Empowering Technology.lnk = ?
O4 - Global Startup: Acer WLAN 11g USB Dongle.lnk = C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Démarrage d'Office.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: LE COMPAGNON CLUB.lnk = C:\Program Files\Club-Internet\Le Compagnon Club\bin\matcli.exe
O4 - Global Startup: Microsoft Recherche accélérée.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Translate with &Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Translate.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe
O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxenligne.orange.fr/Gameshell/GameHost/1.0/OberonGameHost.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.116.87 85.255.112.234
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.116.87 85.255.112.234
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
0
Réponse 11 / 27
cesar30
 
0 bytes size received / Se ha recibido un archivo vacio,resultat virustotal
0
Réponse 12 / 27
Utilisateur anonyme
 
Salut,
le scan n'a pas fonctionné : 0 bytes size received,
Assure toi que le fichier soit bien transféré jusqu'au site...
pour celà : inscript le nom (chemin) complet :

C:\WINDOWS\system32\P2P Networking\P2P Networking.exe

J'avais commencé à t'écrire une procedure, mais v'lan...j'ai fermé la fenêtre...je recommence..

Envoie moi le résultat virustotal stp...
0
Réponse 13 / 27
cesar30
 
désolé mais meme resultat
0
Réponse 14 / 27
Utilisateur anonyme
 
Ensuite :
Peux-tu vérifier ta console JAVA ici, ensuite :

> Lance Hijackthis :
> Puis sélectionne < do a system scan only >
> Coche les cases des lignes suivantes :

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxenligne.orange.fr/Gameshell/GameHost/1.0/OberonGameHost.cab

Ensuite,
> Ferme toutes les autres fenêtres et applications (même internet)
> Clic sur "fixe checked"

> Télécharge et installe sur ton PC AVG anti-spyware, fais les mises à jour puis ferme le programme.

> Télécharge et installe Ccleaner, si besoin est tu trouveras des Tutoriaux ici, ici et là, fais les mises à jour puis ferme le programme.

> Démarre en mode sans échec : (image). Si problème : tuto ici

> Lance AVG,
- Clique sur le menu Analyse (de la barre d'outils). Clique après sur l'onglet Paramètres, puis <Dans Comment réagir?> clique sur <Actions recommandées> et choisi <Quarantaine>.
- Vérifie que toutes les cases sont cochées dans <Comment faire l'analyse ?> et dans <Programmes potentiellement dangereux> et vérifie que le bouton-radio <Générer un rapport après chaque analyse> soit aussi coché.
- Vas dans l'onglet 'Analyse', puis clique <Analyse complète du système>.
- Fais un copier/coller du rapport dans ton prochain poste.
Remarque : Une fois l'analyse terminée, il faut faire un clique droit sur un fichier infecté et demander à "AVG Anti-Spyware 7.5" de le supprimer.
Puis clique sur "Appliquer toutes les actions" afin de tout supprimer automatiquement.

> Lance Ccleaner,,
- Choisi l’onglet "Options" puis clique sur "Avancé" et décoche la case "Effacer uniquement les fichiers, du dossier temp de Windows, plus vieux que 48 heures" (tout doit être supprimé).
- Dans l'onglet "Nettoyeur" clique sur "Analyse".
- Une fois l'analyse terminée, clique sur "Lancer le Nettoyage".
- Dans l'onglet "registre" => Recherches des erreurs => Réparer les erreurs sélectionnées => enregistre une sauvegarde => corriger toutes erreurs sélectionnées => ok => fermer.
N.B : Si Ccleaner te propose d'enregistrer une sauvegarde, reponds oui et enregistre sous 'Bureau'
Recommence jusqu’à ce qu’il ne trouve plus rien (cela varie en général entre 1 et 4 fois).

> Relance ton PC.

> Relance Hijackthis :
Puis sélectionne < do a system scan and save a logfile >,

Et envoie, par collier/coller, ton log Hijackthis stp,

Quel est ton FAI ? (free, orange...)
Sincèrement, ta version kasperky crackée ?

Peux tu aussi envoyer un virusscan de :

C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll

A+

--
0
Réponse 15 / 27
cesar30
 
ok java pas la bonne version et oui kaspersky crackée par un ami a moi,que faire pour java desinstallé ?
0
Réponse 16 / 27
Utilisateur anonyme
 
Ok, très bien

Oui : désinstalle JAVA (prog et update) et surtout kasperky.
A la place (pour l' AV) :
Antivirus gratuits : http://www.inoculer.com/gratuits.php3
> Essaye d'installer Antivir : ouvre ce lien, lis le tuto, télécharge Antivir et installe le
Tu peux aussi télecharger Antivir ICI.
Lance Antivir, fais les mises à jours, puis lance un scan (si des virus sont découverts, mets les en quarantaine. Si tu ne peux pas alors supprime les).
A la fin du scan clique sur 'report', enregistre ce rapport sur le bureau (fichier => enregistrer sous), puis fait un copier/coller de ce rapport dans ton prochain message.

> Effectue ensuite le poste 14 stp. et dis moi chez qui tu es pour internet.(FAI)

A+
0
Réponse 17 / 27
cesar30
 
salut dIId,voila comme convenu le rapport antivir,avec effectivement des anomalies,et si peu me donner un antivirus qui peut me remplacer ce kasp
AntiVir PersonalEdition Classic
Report file date: jeudi 3 janvier 2008 23:08

Scanning for 1000067 virus strains and unwanted

programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: SYSTEM
Computer name: ACER-DC6C4D74B4

Version information:
BUILD.DAT : 270 15603 Bytes 19/09/2007

13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007

13:16:29
AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007

12:23:51
LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007

15:32:47
LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007

12:35:20
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007

14:27:15
ANTIVIR1.VDF : 7.0.1.95 3367424 Bytes 14/12/2007

22:06:35
ANTIVIR2.VDF : 7.0.1.170 311296 Bytes 28/12/2007

22:06:35
ANTIVIR3.VDF : 7.0.1.191 84480 Bytes 03/01/2008

22:06:35
AVEWIN32.DLL : 7.6.0.46 3084800 Bytes 03/01/2008

22:06:36
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007

10:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007

07:39:17
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007

13:16:24
AVPACK32.DLL : 7.6.0.2 360488 Bytes 03/01/2008

22:06:36
AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007

07:17:06
AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007

12:26:33
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007

07:10:18
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007

11:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007

12:38:13
RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007

12:50:37
SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007

09:37:21

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir

personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: D:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: jeudi 3 janvier 2008 23:08

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been

scanned
Scan process 'avcenter.exe' - '1' Module(s) have been

scanned
Scan process 'sched.exe' - '1' Module(s) have been

scanned
Scan process 'avgnt.exe' - '1' Module(s) have been

scanned
Scan process 'avguard.exe' - '1' Module(s) have been

scanned
Scan process 'jusched.exe' - '1' Module(s) have been

scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been

scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been

scanned
Scan process 'iexplore.exe' - '1' Module(s) have been

scanned
Scan process 'ehmsas.exe' - '1' Module(s) have been

scanned
Scan process 'wscntfy.exe' - '1' Module(s) have been

scanned
Scan process 'hposts08.exe' - '1' Module(s) have been

scanned
Scan process 'svchost.exe' - '1' Module(s) have been

scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'dllhost.exe' - '1' Module(s) have been

scanned
Scan process 'HPZipm12.exe' - '1' Module(s) have been

scanned
Scan process 'epmworker.exe' - '1' Module(s) have been

scanned
Scan process 'Generic.exe' - '1' Module(s) have been

scanned
Scan process 'emule.exe' - '1' Module(s) have been

scanned
Scan process 'mcrdsvc.exe' - '1' Module(s) have been

scanned
Scan process 'svchost.exe' - '1' Module(s) have been

scanned
Scan process 'svchost.exe' - '1' Module(s) have been

scanned
Scan process 'MSCamS32.exe' - '1' Module(s) have been

scanned
Scan process 'mpbtn.exe' - '1' Module(s) have been

scanned
Scan process 'LSSrvc.exe' - '1' Module(s) have been

scanned
Scan process 'hpoevm08.exe' - '1' Module(s) have been

scanned
Scan process 'ehSched.exe' - '1' Module(s) have been

scanned
Scan process 'ehrecvr.exe' - '1' Module(s) have been

scanned
Scan process 'avp.exe' - '0' Module(s) have been scanned
Scan process 'guard.exe' - '0' Module(s) have been

scanned
Scan process 'NMIndexStoreSvr.exe' - '1' Module(s) have

been scanned
Scan process 'FINDFAST.EXE' - '1' Module(s) have been

scanned
Scan process 'hpotdd01.exe' - '1' Module(s) have been

scanned
Scan process 'hpohmr08.exe' - '1' Module(s) have been

scanned
Scan process 'OSA.EXE' - '1' Module(s) have been scanned
Scan process 'ZDWlan.exe' - '1' Module(s) have been

scanned
Scan process 'NMBgMonitor.exe' - '1' Module(s) have

been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been

scanned
Scan process 'avgas.exe' - '1' Module(s) have been

scanned
Scan process 'qttask.exe' - '1' Module(s) have been

scanned
Scan process 'avp.exe' - '0' Module(s) have been scanned
Scan process 'SaiMfd.exe' - '1' Module(s) have been

scanned
Scan process 'Profiler.exe' - '1' Module(s) have been

scanned
Scan process 'vVX1000.exe' - '1' Module(s) have been

scanned
Scan process 'MotiveSB.exe' - '1' Module(s) have been

scanned
Scan process 'eDSloader.exe' - '1' Module(s) have been

scanned
Scan process 'eRAgent.exe' - '1' Module(s) have been

scanned
Scan process 'SysMonitor.exe' - '1' Module(s) have been

scanned
Scan process 'RTHDCPL.exe' - '1' Module(s) have been

scanned
Scan process 'ehtray.exe' - '1' Module(s) have been

scanned
Scan process 'MemCheck.exe' - '1' Module(s) have been

scanned
Scan process 'explorer.exe' - '1' Module(s) have been

scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been

scanned
Scan process 'svchost.exe' - '1' Module(s) have been

scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been

scanned
Scan process 'svchost.exe' - '1' Module(s) have been

scanned
Scan process 'svchost.exe' - '1' Module(s) have been

scanned
Scan process 'svchost.exe' - '1' Module(s) have been

scanned
Scan process 'svchost.exe' - '1' Module(s) have been

scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been

scanned
Scan process 'lsass.exe' - '1' Module(s) have been

scanned
Scan process 'services.exe' - '1' Module(s) have been

scanned
Scan process 'winlogon.exe' - '1' Module(s) have been

scanned
Scan process 'csrss.exe' - '1' Module(s) have been

scanned
Scan process 'smss.exe' - '1' Module(s) have been

scanned
62 processes with 62 modules were scanned

Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Boot sector 'D:\'
[NOTE] No virus was found!

Starting to scan the registry.
The registry was scanned ( '50' files ).

Starting the file scan:

Begin scan in 'C:\' <ACER>
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Documents and Settings\guillemain\Local

Settings\Temporary Internet Files\Content.IE5\C1VYP2I7

\club-internet_fr[1].html
[DETECTION] Contains detection pattern of the HTML

script virus HTML/Infected.WebPage.Gen
[WARNING] An error has occurred and the file was

not deleted. ErrorID: 16004
[WARNING] The source file could not be found.
C:\Documents and Settings\guillemain\Mes

documents\Mes fichiers reçus\Setup.exe
[DETECTION] Contains detection pattern of the

dropper DR/Dldr.Agent.fct
[WARNING] An error has occurred and the file was

not deleted. ErrorID: 16004
[WARNING] The source file could not be found.
C:\Program Files\Club-

Internet\Assistance\OutilsCI\uninstall.exe
[DETECTION] Is the Trojan horse TR/Dldr.Zlob.ZQN
[INFO] The file was deleted!
C:\System Volume Information\_restore{54887473-E0E8-

4E40-8CB4-34743021C726}\RP371\A0517456.exe
[DETECTION] Is the Trojan horse TR/Dldr.Zlob.ZQN
[WARNING] An error has occurred and the file was

not deleted. ErrorID: 16004
[WARNING] The source file could not be found.
C:\System Volume Information\_restore{54887473-E0E8-

4E40-8CB4-34743021C726}\RP371\A0529792.exe
[DETECTION] Contains detection pattern of the

dropper DR/180Solutions.AY.1
[INFO] The file was moved to '47b2ef8e.qua'!
Begin scan in 'D:\' <ACERDATA>

End of the scan: vendredi 4 janvier 2008 10:04
Used time: 10:56:20 min

The scan has been done completely.

9114 Scanning directories
328122 Files were scanned
4 viruses and/or unwanted programs were found
1 Files were classified as suspicious:
1 files were deleted
0 files were repaired
1 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
328118 Files not concerned
8280 Archives were scanned
5 Warnings
0 Notes

ersky par la suite ca serait genial.a plus tard je commence a respirer ca fait plaisir....
0
Réponse 18 / 27
cesar30
 
salut dIId,voila comme convenu le rapport antivir,avec effectivement des anomalies,et si peu me donner un antivirus qui peut me remplacer ce kasp
AntiVir PersonalEdition Classic
Report file date: jeudi 3 janvier 2008 23:08

Scanning for 1000067 virus strains and unwanted

programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: SYSTEM
Computer name: ACER-DC6C4D74B4

Version information:
BUILD.DAT : 270 15603 Bytes 19/09/2007

13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007

13:16:29
AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007

12:23:51
LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007

15:32:47
LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007

12:35:20
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007

14:27:15
ANTIVIR1.VDF : 7.0.1.95 3367424 Bytes 14/12/2007

22:06:35
ANTIVIR2.VDF : 7.0.1.170 311296 Bytes 28/12/2007

22:06:35
ANTIVIR3.VDF : 7.0.1.191 84480 Bytes 03/01/2008

22:06:35
AVEWIN32.DLL : 7.6.0.46 3084800 Bytes 03/01/2008

22:06:36
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007

10:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007

07:39:17
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007

13:16:24
AVPACK32.DLL : 7.6.0.2 360488 Bytes 03/01/2008

22:06:36
AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007

07:17:06
AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007

12:26:33
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007

07:10:18
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007

11:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007

12:38:13
RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007

12:50:37
SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007

09:37:21

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir

personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: D:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: jeudi 3 janvier 2008 23:08

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been

scanned
Scan process 'avcenter.exe' - '1' Module(s) have been

scanned
Scan process 'sched.exe' - '1' Module(s) have been

scanned
Scan process 'avgnt.exe' - '1' Module(s) have been

scanned
Scan process 'avguard.exe' - '1' Module(s) have been

scanned
Scan process 'jusched.exe' - '1' Module(s) have been

scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been

scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been

scanned
Scan process 'iexplore.exe' - '1' Module(s) have been

scanned
Scan process 'ehmsas.exe' - '1' Module(s) have been

scanned
Scan process 'wscntfy.exe' - '1' Module(s) have been

scanned
Scan process 'hposts08.exe' - '1' Module(s) have been

scanned
Scan process 'svchost.exe' - '1' Module(s) have been

scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'dllhost.exe' - '1' Module(s) have been

scanned
Scan process 'HPZipm12.exe' - '1' Module(s) have been

scanned
Scan process 'epmworker.exe' - '1' Module(s) have been

scanned
Scan process 'Generic.exe' - '1' Module(s) have been

scanned
Scan process 'emule.exe' - '1' Module(s) have been

scanned
Scan process 'mcrdsvc.exe' - '1' Module(s) have been

scanned
Scan process 'svchost.exe' - '1' Module(s) have been

scanned
Scan process 'svchost.exe' - '1' Module(s) have been

scanned
Scan process 'MSCamS32.exe' - '1' Module(s) have been

scanned
Scan process 'mpbtn.exe' - '1' Module(s) have been

scanned
Scan process 'LSSrvc.exe' - '1' Module(s) have been

scanned
Scan process 'hpoevm08.exe' - '1' Module(s) have been

scanned
Scan process 'ehSched.exe' - '1' Module(s) have been

scanned
Scan process 'ehrecvr.exe' - '1' Module(s) have been

scanned
Scan process 'avp.exe' - '0' Module(s) have been scanned
Scan process 'guard.exe' - '0' Module(s) have been

scanned
Scan process 'NMIndexStoreSvr.exe' - '1' Module(s) have

been scanned
Scan process 'FINDFAST.EXE' - '1' Module(s) have been

scanned
Scan process 'hpotdd01.exe' - '1' Module(s) have been

scanned
Scan process 'hpohmr08.exe' - '1' Module(s) have been

scanned
Scan process 'OSA.EXE' - '1' Module(s) have been scanned
Scan process 'ZDWlan.exe' - '1' Module(s) have been

scanned
Scan process 'NMBgMonitor.exe' - '1' Module(s) have

been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been

scanned
Scan process 'avgas.exe' - '1' Module(s) have been

scanned
Scan process 'qttask.exe' - '1' Module(s) have been

scanned
Scan process 'avp.exe' - '0' Module(s) have been scanned
Scan process 'SaiMfd.exe' - '1' Module(s) have been

scanned
Scan process 'Profiler.exe' - '1' Module(s) have been

scanned
Scan process 'vVX1000.exe' - '1' Module(s) have been

scanned
Scan process 'MotiveSB.exe' - '1' Module(s) have been

scanned
Scan process 'eDSloader.exe' - '1' Module(s) have been

scanned
Scan process 'eRAgent.exe' - '1' Module(s) have been

scanned
Scan process 'SysMonitor.exe' - '1' Module(s) have been

scanned
Scan process 'RTHDCPL.exe' - '1' Module(s) have been

scanned
Scan process 'ehtray.exe' - '1' Module(s) have been

scanned
Scan process 'MemCheck.exe' - '1' Module(s) have been

scanned
Scan process 'explorer.exe' - '1' Module(s) have been

scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been

scanned
Scan process 'svchost.exe' - '1' Module(s) have been

scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been

scanned
Scan process 'svchost.exe' - '1' Module(s) have been

scanned
Scan process 'svchost.exe' - '1' Module(s) have been

scanned
Scan process 'svchost.exe' - '1' Module(s) have been

scanned
Scan process 'svchost.exe' - '1' Module(s) have been

scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been

scanned
Scan process 'lsass.exe' - '1' Module(s) have been

scanned
Scan process 'services.exe' - '1' Module(s) have been

scanned
Scan process 'winlogon.exe' - '1' Module(s) have been

scanned
Scan process 'csrss.exe' - '1' Module(s) have been

scanned
Scan process 'smss.exe' - '1' Module(s) have been

scanned
62 processes with 62 modules were scanned

Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Boot sector 'D:\'
[NOTE] No virus was found!

Starting to scan the registry.
The registry was scanned ( '50' files ).

Starting the file scan:

Begin scan in 'C:\' <ACER>
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Documents and Settings\guillemain\Local

Settings\Temporary Internet Files\Content.IE5\C1VYP2I7

\club-internet_fr[1].html
[DETECTION] Contains detection pattern of the HTML

script virus HTML/Infected.WebPage.Gen
[WARNING] An error has occurred and the file was

not deleted. ErrorID: 16004
[WARNING] The source file could not be found.
C:\Documents and Settings\guillemain\Mes

documents\Mes fichiers reçus\Setup.exe
[DETECTION] Contains detection pattern of the

dropper DR/Dldr.Agent.fct
[WARNING] An error has occurred and the file was

not deleted. ErrorID: 16004
[WARNING] The source file could not be found.
C:\Program Files\Club-

Internet\Assistance\OutilsCI\uninstall.exe
[DETECTION] Is the Trojan horse TR/Dldr.Zlob.ZQN
[INFO] The file was deleted!
C:\System Volume Information\_restore{54887473-E0E8-

4E40-8CB4-34743021C726}\RP371\A0517456.exe
[DETECTION] Is the Trojan horse TR/Dldr.Zlob.ZQN
[WARNING] An error has occurred and the file was

not deleted. ErrorID: 16004
[WARNING] The source file could not be found.
C:\System Volume Information\_restore{54887473-E0E8-

4E40-8CB4-34743021C726}\RP371\A0529792.exe
[DETECTION] Contains detection pattern of the

dropper DR/180Solutions.AY.1
[INFO] The file was moved to '47b2ef8e.qua'!
Begin scan in 'D:\' <ACERDATA>

End of the scan: vendredi 4 janvier 2008 10:04
Used time: 10:56:20 min

The scan has been done completely.

9114 Scanning directories
328122 Files were scanned
4 viruses and/or unwanted programs were found
1 Files were classified as suspicious:
1 files were deleted
0 files were repaired
1 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
328118 Files not concerned
8280 Archives were scanned
5 Warnings
0 Notes

ersky par la suite ca serait genial.a plus tard je commence a respirer ca fait plaisir....
0
Réponse 19 / 27
cesar30
 
voici mon fai club internet,et dis moi si avira antivir fait office d'antivirus ou si il faut que j'en telecharge un autre pour remplacer kaspersky qui est encore en fonction?
0
Réponse 20 / 27
Utilisateur anonyme
 
Salut tu as posté deux fois le même message ...
Tu as une 30 min. pour le modifier (après plus possible) : c'est la petite feuille blanche (à gauche du message) = > modifier le message tape Oupsss à la place du long rappot stp.

Pour kaspersky supprime le définitivement (je conseille à ton ami de faire pareil). Antivir est un très bon antivirus gratuit, garde le.

Réinstalle JAVA depuis ce site : https://www.java.com/fr/download/

Il te faut un parefeu aussi, le tient c'est celui de windows ?

Dis moi les problèmes du PC et renvoye un HiJack....moi je regarde le rapport Antivir
0

Discussions similaires

probleme dossier incoming emule
gribouille1208 -
Celia -

6 réponses
ISAGRI bugg dans ISACOMPTA
BUGY -
Fred64 -

37 réponses
apparaître un input lors du clik sur autre
vanesa -
vanesa -

7 réponses
bugg discord partage d'écran
Faren1 -
spykenany -

3 réponses
Ma souris double-clik toute seule :(
Memnoch leDemon -
my0473 -

21 réponses