aless2706
Messages postés19Date d'inscriptiondimanche 2 décembre 2007StatutMembreDernière intervention31 mars 2008
-
25 févr. 2008 à 19:52
g!rly
Messages postés18206Date d'inscriptionvendredi 17 août 2007StatutContributeurDernière intervention30 novembre 2014
-
5 avril 2008 à 14:08
Bonjour,
Bonjour,
antivir me détecte plusieurs intrusions et mon pc est lent . Merci de m'aider ;)
Scanning for 1120425 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: SYSTEM
Computer name: DISTRITOP
Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: D:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: dimanche 24 février 2008 20:02
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'aawservice.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned
Scan process 'CursorXP.exe' - '1' Module(s) have been scanned
Scan process 'qttask.exe' - '1' Module(s) have been scanned
Scan process 'sprtcmd.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'ALCXMNTR.EXE' - '1' Module(s) have been scanned
Scan process 'AGRSMMSG.exe' - '1' Module(s) have been scanned
Scan process 'Keyhook.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'kpf4gui.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'kpf4gui.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'StarWindServiceAE.exe' - '1' Module(s) have been scanned
Scan process 'kpf4ss.exe' - '1' Module(s) have been scanned
Scan process 'snmp.exe' - '1' Module(s) have been scanned
Scan process 'AluSchedulerSvc.exe' - '1' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
Scan process 'libusbd-nt.exe' - '1' Module(s) have been scanned
Scan process 'CDAC11BA.EXE' - '1' Module(s) have been scanned
Scan process 'BTNtService.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
41 processes with 41 modules were scanned
Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Boot sector 'D:\'
[NOTE] No virus was found!
Starting to scan the registry.
The registry was scanned ( '27' files ).
Starting the file scan:
Begin scan in 'C:\' <HP_PAVILION>
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\SupportSoft\Belgacom\HP_Propriétaire\data\sprt_actionlight\094add81-fd34-47b3-86ce-4e6dd4b3b05a.7\composite.cab
[0] Archive type: CAB (Microsoft)
--> EnableDisable Internet Explorer Cookies.saf
[DETECTION] Contains detection pattern of the HTML script virus HTML/Zones.Gen
[INFO] The file was moved to '482ecd98.qua'!
C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\SupportSoft\Belgacom\HP_Propriétaire\data\sprt_actionlight\094add81-fd34-47b3-86ce-4e6dd4b3b05a.7\script.htm
[DETECTION] Contains detection pattern of the HTML script virus HTML/Zones.Gen
[INFO] The file was moved to '4833cd8e.qua'!
C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\SupportSoft\Belgacom\HP_Propriétaire\data\sprt_actionlight\094add81-fd34-47b3-86ce-4e6dd4b3b05a.7\View\4\SupportAction.cab
[0] Archive type: CAB (Microsoft)
--> EnableDisable Internet Explorer Cookies.saf
[DETECTION] Contains detection pattern of the HTML script virus HTML/Zones.Gen
[INFO] The file was moved to '4831cda2.qua'!
C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\SupportSoft\Belgacom\HP_Propriétaire\data\sprt_actionlight\4898ff18-15a1-49e8-a94d-5e3f9e45cf7b.4\composite.cab
[0] Archive type: CAB (Microsoft)
--> Schakel de cookies in Internet Explorer in of uit.saf
[DETECTION] Contains detection pattern of the HTML script virus HTML/Zones.Gen
[INFO] The file was moved to '482ecda1.qua'!
C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\SupportSoft\Belgacom\HP_Propriétaire\data\sprt_actionlight\4898ff18-15a1-49e8-a94d-5e3f9e45cf7b.4\script.htm
[DETECTION] Contains detection pattern of the HTML script virus HTML/Zones.Gen
[INFO] The file was moved to '4833cd99.qua'!
C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\SupportSoft\Belgacom\HP_Propriétaire\data\sprt_actionlight\4898ff18-15a1-49e8-a94d-5e3f9e45cf7b.4\View\4\SupportAction.cab
[0] Archive type: CAB (Microsoft)
--> Schakel de cookies in Internet Explorer in of uit.saf
[DETECTION] Contains detection pattern of the HTML script virus HTML/Zones.Gen
[INFO] The file was moved to '4831cdae.qua'!
C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\SupportSoft\Belgacom\HP_Propriétaire\data\sprt_actionlight\6042dfc5-c19b-4119-80be-e58067de1e02.7\composite.cab
[0] Archive type: CAB (Microsoft)
--> Désactivez or activez les cookies dans Internet Explorer.saf
[DETECTION] Contains detection pattern of the HTML script virus HTML/Zones.Gen
[INFO] The file was moved to '482ecdaa.qua'!
C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\SupportSoft\Belgacom\HP_Propriétaire\data\sprt_actionlight\6042dfc5-c19b-4119-80be-e58067de1e02.7\script.htm
[DETECTION] Contains detection pattern of the HTML script virus HTML/Zones.Gen
[INFO] The file was moved to '4833cda0.qua'!
C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\SupportSoft\Belgacom\HP_Propriétaire\data\sprt_actionlight\6042dfc5-c19b-4119-80be-e58067de1e02.7\View\4\SupportAction.cab
[0] Archive type: CAB (Microsoft)
--> Désactivez or activez les cookies dans Internet Explorer.saf
[DETECTION] Contains detection pattern of the HTML script virus HTML/Zones.Gen
[INFO] The file was moved to '4831cdb4.qua'!
C:\System Volume Information\_restore{86E11626-5203-4B6B-99A3-889F6E4C5699}\RP861\A0279595.exe
[DETECTION] Contains detection pattern of the dropper DR/OneStep.C.90
[INFO] The file was moved to '47f3d7ac.qua'!
C:\WINDOWS\system32\ActiveScan\pskavs.dll
[DETECTION] Contains detection pattern of the Windows virus W95/Blumblebee.1738
[INFO] The file was moved to '482cdd4b.qua'!
C:\WINDOWS\system32\drivers\sptd.sys
[WARNING] The file could not be opened!
Begin scan in 'D:\' <HP_RECOVERY>
End of the scan: dimanche 24 février 2008 22:32
Used time: 2:30:45 min
The scan has been done completely.
6606 Scanning directories
461578 Files were scanned
2 viruses and/or unwanted programs were found
9 Files were classified as suspicious:
0 files were deleted
0 files were repaired
11 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
461576 Files not concerned
16196 Archives were scanned
2 Warnings
0 Notes
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:48:34, on 25/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
g!rly
Messages postés18206Date d'inscriptionvendredi 17 août 2007StatutContributeurDernière intervention30 novembre 2014407 2 avril 2008 à 12:17
salut,
de rien ;-)
un dernier truc pour supprimer les outils utilisés :
Télécharge ToolsCleaner sur ton bureau.
--> http://www.commentcamarche.net/telecharger/telechargement 34055291 toolsclean(...) # Clique sur Recherche et laisse le scan agir ...
# Clique sur Suppression pour finaliser.
# Tu peux, si tu le souhaites, te servir des Options facultatives.
# Clique sur Quitter pour obtenir le rapport.
# Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).